`IsAuthenticatedOrReadOnly` authorizes users that are not
authenticated for read-only access to resources.
Therefore, they are unauthenticated users, not unauthorized users.
Apart from a few exceptions, django-rest-framework uses the American
English spelling "authorization"/"authorized".
$ git grep -oi authorised | wc -l
2
$ git grep -oi authorized | wc -l
30
Replace the few occurences of the British English spelling with the
American English one.
* Allow usage of Django 2.x path in SimpleRouter
* Use path in Default router
* Update docs/api-guide/routers.md
Co-authored-by: Éric <merwok@netwok.org>
* Update docs/api-guide/routers.md
Co-authored-by: Éric <merwok@netwok.org>
* Add tests also for default router with path
* Use a more relevant attribute for lookup when using path converters
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Éric <merwok@netwok.org>
Without adding the URLs manually, the users and groups APIs were not usable.
My env:
(venv) ➜ tutorial pip freeze
asgiref==3.5.2
astroid==2.12.13
autopep8==2.0.0
dill==0.3.6
Django==4.1.3
djangorestframework==3.14.0
isort==5.10.1
lazy-object-proxy==1.8.0
mccabe==0.7.0
platformdirs==2.5.4
pycodestyle==2.10.0
pylint==2.15.6
pylint-django==2.5.3
pylint-plugin-utils==0.7
pytz==2022.6
sqlparse==0.4.3
tomli==2.0.1
tomlkit==0.11.6
wrapt==1.14.1
* Added normalize parameter to DecimalField to be able to strip trailing zeros. Fixes#6151.
* Updated docs to include normalize option on DecimalField
* Fixed linting error in test_fields
* Removed comment and renamed normalize to normalize_output as suggested in code review
Co-authored-by: Tom Christie <tom@tomchristie.com>
- Replace the broken Bootswatch-Link with an Jsdelivr-Link as suggested at https://bootswatch.com/help/
- Updated the stated Bootstrap version
- Added a note that the Bootstrap version must match the default one
Co-authored-by: Tom Christie <tom@tomchristie.com>
We depend on pytz, but until late last year we got it implicitly through
depending on Django. Since their release 4.0, however, they no longer
depend on pytz; commit 250479dc3 added the dependency directly to our
metadata in setup.py, but the documentation about dependencies (most
importantly, the instructions for new contributors) was left untouched.
This commit updates the new contributor instructions to suggest an
"editable installation" of the project at the step that previously had
users manually install Django. In this mode, pip fetches and installs
the project dependencies automatically (so in the unlikely event we grow
another dependency, that doc doesn't need to be changed again) and makes
the project available to the virtualenv's python as a normal package,
but doesn't require reinstallation for mundane edits.
* Version 3.14.0
* Update docs/community/release-notes.md to use proper links.
Co-authored-by: Adam Johnson <me@adamj.eu>
* Add community announcement page for version 3.14
* Remove deprecated NullBooleanField.
* Change openapi _get_reference removal to 3.15
This deprecation was never released in the 3.13.x series and therefore
can't be removed at the same time the replacement is released.
* Removing deprecated openapi methods.
Co-authored-by: Adam Johnson <me@adamj.eu>
In the "Creating custom mixins" documentation, the code example recommends using
```python
if self.kwargs[field]
```
However, if the correct field is not present in kwargs, a KeyError arises.
A more secure option is tu use .get() to validate that the field is contained in the kwargs dictionary:
```python
if self.kwargs.get(field)
```
I found it unclear how the model was determined for `DjangoModelPermissions`. The docs say you need a `queryset` or `get_queryset`, but not that the value returned from those is what determines the model that is used.
* Fixed missing "fields" meta argument in docs, leading to an assertion error
* Update docs/api-guide/serializers.md
Co-authored-by: Tom Christie <tom@tomchristie.com>
Co-authored-by: Tom Christie <tom@tomchristie.com>
* Tutorial - Adjust quickstart
Add asgi.py file
Also add paragraph for the second user, which is later displayed
* Tutorial - Adjust quickstart
It seems that there is no CLI command to easily create a user
Remove the second user from the Markdown
Image next
* Tutorial - quickstart - Update browsable API image
Only show the admin user
New Image has similar width and is compressed
I might just be misunderstanding something (always a strong possibility!), but it seems to me that the table on the Permissions page is slightly inaccurate.
For `permission_classes`, wouldn't it have global-level permissions for list actions (rather than no permission control, as is currently listed)?
Right now httpie moved to "httpie" organization (https://github.com/httpie/httpie) and they don't have "installation" at their GitHub. Instead of that, they have "Getting started" section with link to "Installation instructions".
* docs updated to highlight use of select_related and prefetch related to avoid n+1 problems
* Apply suggestions from code review
cosmetic changes
Co-authored-by: Xavier Ordoquy <xordoquy@linovia.com>
* cosmetic changes
Co-authored-by: Xavier Ordoquy <xordoquy@linovia.com>