* Raise framework-specific deprecation warnings
- Use `RemovedInDRF313Warning` instead of DeprecationWarning
- Update to follow deprecation policy
* Pass serializer instead of model to validator
The `UniqueTogetherValidator` may need to access attributes on the
serializer instead of just the model instance. For example, this is
useful for handling field sources.
* Fix framework deprecation warning in test
* Remove outdated validator attribute
* First pass at Django 3.0 compat
* Drop Guardian for 1.11 tests, since we're installing an incompatible version
* Fix ROOT_URLCONF override in test case
* Fix typo
Co-Authored-By: Rémy HUBSCHER <hubscher.remy@gmail.com>
* Linting
Refs #6846
This provides a way for pagination classes to add pagination properties (`count`, `next`, `results` etc.) to OpenAPI response schemas.
A new method `get_paginated_response_schema()` has been added to `BasePagination`. This method is intended to mirror `get_paginated_response()` (which takes a `list` and wraps it in a `dict`).
Hence, `get_paginated_response_schema()` takes an unpaginated response schema (of type `array`) and wraps that with a schema object of type `object` containing the relevant properties that the pagination class adds to responses.
The default implementation of `BasePagination.get_paginated_response_schema()` simply passes the schema through unmodified, for backwards compatibility.
This is the first part of #6846.
Previously, the response schema for list views was an object representing a single item. However, list views return a list of items, and hence it should be an array.
Further work will need to be done to support how pagination classes modify list responses.
There should be no change for views not determined to be list views.
* Add tests for raise_errors_on_nested_writes
* Fix dotted-source field checking on serializer write
The code was previously checking the validated data for the field's
attribute name, however, the data contain the first source attr.
Refs #6509
This enforces allow_empty=True when a ListSerializer is a child of another serializer and partial validation is being performed on the parent serializer.
This is because partial validation should allow fields to be omitted, but should not cause values that are invalid without partial validation to become valid.
This effectively reverts #4222. None of the tests added in that PR fail if the associated change is removed, so I‘m not sure what that PR was trying to fix.
* fixes#6751
* reverted condition
* save instance before setting m2m fields
* added comment why m2m fields are saved after instance
* removed blank line
* added test for the issue 6751
Use of PyYAML's yaml.load function without specifying the Loader
parameter has been deprecated, see https://msg.pyyaml.org/load.
Earlier versions of PyYAML already had the alternative safe_load
function, which limits the loader to a subset of YAML constructs, that
is enough for what we need here.
Fixes#6677
It might be useful for a serializer with many many fields which uses
read_only and write_only on a large percentage of the fields. But the
memory usage and statefulness it adds are not worth it for the common
case.
* Added regression tests (#6504)
Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
* Fix CursorPagination when objects get deleted between calls (#6504)
Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
On Python 3, the ugettext functions are a simple aliases of their non-u
counterparts (the 'u' represents Python 2 unicode type). Starting with
Django 3.0, the u versions will be deprecated.
https://docs.djangoproject.com/en/dev/releases/3.0/#id2
> django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(),
> ungettext(), and ungettext_lazy() are deprecated in favor of the
> functions that they’re aliases for:
> django.utils.translation.gettext(), gettext_lazy(), gettext_noop(),
> ngettext(), and ngettext_lazy().
Thanks to Jon Dufresne (@jdufresne) for review.
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Rizwan Mansuri <Rizwan@webbyfox.com>
* Introspect ManyRelatedField data type recursively
For all `ManyRelatedField` objects, we were assuming that the inner type was always a `String`. While this may be true for the default output, a `ManyRelatedField` is a wrapper for a lot of other classes which includes more than just strings. This should allow us to document lists of things other than strings.
* Added test for schemas for many-to-many fields
This adds a test that makes sure we generate the schema for a many-to-many field such that it actually has the right type. For some reason we did not previously have any tests for schema generation that included them, so hopefully this will prevent any future issues from popping up.
This should serve as a regression test for the `items` field on to-many relationships, which was previously forced to a `String` even though in most cases it is a different inner type within the array.
As all source files import unicode_literals, type('') is always
equivalent to six.text_type (str on Python 3 and unicode on Python 2).
Removes the need to call type(), is more explicit, and will be easier to
catch places to change for when it is time to eventually drop Python 2.
see https://github.com/encode/django-rest-framework/issues/5660
Trying to register new routes on a router after having accessed the
router `urls` attribute leads to surprising results.
The route is added without error to the router's `registry` but the urls
are not updated, because they are cached in `_urls`.
This commit invalidates the cache after each new registration.
* Add test that verifies that HTML is correctly escaped in Browsable API views
* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode
* Fix XSS in default DRF Browsable API template by re-enabling autoescape
* Fix issue1811: take limit_choices_to into account with FK
* Issue 1811: Add tests to illustrate issue
* Filter queryset only if limit_choices_to exists
* Move test_relations_with_limited_querysets file within test_relations_pk
* move limit_choices_to logic from relations.py to utils/field_mapping.py
* move limit_choices_to above other check to avoid conflicts
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
* Release notes to 5174a26ec9
* Update version for v3.9.0
* Removed exclude_from_schema per deprecation policy.
* Updated list_route() and detail_route() deprecations.
* Weakened to PendingDeprecationWarning for `base_name`
cc @rpkilby.
* Add (beginning of) 3.9 release announcement.
@tomchristie: Input on OpenAPI and What’s Next very welcome! :)
* Add announcement section for Extra Actions in Browsable API
* Update release notes and add deprecation note for Django Guardian backend.
* Add release note for #6073
* Add release notes to dd19a44583
* Adding release notes
* Update 3.9 announcement
* Add Oct 18 release date