Piper Merriam
fc9be55d43
Alter CSRF exemption implementation
...
The previous implementation of decorating `APIView.dispach` with the
`csrf_exempt` decorator allowed for an easy-to-make mistake where
someone could override the `dispatch` method on a view and inadvertantly
remove the csrf exemption of their api view.
By moving the decoration of the view into the `as_view` logic, it
becomes much more difficult to make this mistake.
2014-09-03 09:50:31 -06:00
Dmitry Mukhin
3b07d0c997
Merge branch 'master' into set-retry-after
...
Conflicts:
tests/test_throttling.py
2014-08-20 20:04:48 +04:00
Tom Christie
bf09c32de8
Code linting and added runtests.py
2014-08-19 13:28:07 +01:00
Dmitry Mukhin
c3891b6e00
set Retry-After header when throttled
2014-04-07 20:31:12 +04:00
David Larlet
07cb436d61
Typo in keywords arguments name
...
Because it matters ;)
2014-03-04 16:32:34 +01:00
hongfeiZhang
693d9d9c63
In the method permission_denied, did not use the request parameter.
2014-03-01 11:37:31 +08:00
Tom Christie
18f26ff5cc
Only add 'Vary: Accept' header when there is more than one possible renderer.
2014-01-30 17:47:55 +00:00
Tom Christie
9f0ead9597
Remove TODO note, since it hasn't been TODONE.
2014-01-30 17:32:05 +00:00
Tom Christie
6302307885
Update comment in get_parser_context
.
2013-10-24 13:45:16 +01:00
Andy Freeland
b5523bcc7d
Support customizable view EXCEPTION_HANDLER
...
Add `api_settings.EXCEPTION_HANDLER` to support custom error responses.
Fixes #907 .
2013-09-06 12:47:33 -05:00
Tom Christie
b54cbd292c
Use view.settings for API settings, to make testing easier.
2013-08-27 12:36:06 +01:00
Tom Christie
b430503fa6
Move exception handler out of main view
2013-08-27 12:32:33 +01:00
Tom Christie
5120670624
Document customizable view names/descriptions
2013-08-19 08:45:53 +01:00
Tom Christie
89b0a539c3
Move view name/description functions into public space
2013-08-19 08:24:27 +01:00
Christopher Paolini
e6662d434f
Improved view/description function setting
...
Now supports each View having its own name and description function and
overriding the global default.
2013-08-17 17:44:51 -04:00
Jeremy Satterfield
1d8a80f5cc
don't set X-Throttle-Wait-Second header if throttle wait is None
2013-08-13 15:31:58 -05:00
Tom Christie
8cc63b09f6
Add support for StreamingHttpResponse. Closes #939
2013-06-21 22:42:04 +01:00
Ethan Fremen
ae2887ffc4
Set the args and kwargs before initializing the request.
...
Allows get_parser_context to function correctly.
Signed-off-by: Ethan Fremen <ethan@matterport.com>
2013-06-07 19:25:39 -07:00
Tom Christie
40e09472d8
Never deepcopy validators. Closes #913
2013-06-06 08:56:39 +01:00
Tom Christie
fcaee6e580
Clean up OPTIONS implementation
2013-05-24 23:44:23 +01:00
Oscar Vilaplana
a1deb5eac7
simplified, moved field humanizing to Field. broken tests
2013-05-23 08:26:55 +02:00
Oscar Vilaplana
7a5cd090aa
fixed tests, added docs, renamed helper method
2013-05-19 15:45:33 +02:00
Nikolaus Schlemm
88c94f3720
Merge remote-tracking branch 'grimborg/issue-192-expose-fields-for-options' into issue-192-expose-fields-for-options
2013-05-19 14:58:11 +02:00
Oscar Vilaplana
f1f5f92d89
Added tests, cleaned up imports
2013-05-19 14:55:46 +02:00
Nikolaus Schlemm
efca5f6fec
use double quotes for docstring instead of single quotes
2013-05-19 14:54:16 +02:00
Nikolaus Schlemm
1154c12b33
don't expose fields for GET and DELETE - leaving room for parameters like e.g. filter or paginate
2013-05-19 11:37:12 +02:00
Nikolaus Schlemm
a91841f7fe
WORKAROUND: avoid errors like "AttributeError: 'APIRoot' object has no attribute 'get_serializer'"
2013-05-19 11:29:41 +02:00
Nikolaus Schlemm
c0f3a1c397
Integrated status quo of grimborg's awesome humanize_field() for exposing field metadata via OPTIONS :)
2013-05-19 09:25:02 +02:00
Nikolaus Schlemm
843ae60237
Merge branch 'issue-192-expose-fields-for-options' of git://github.com/grimborg/django-rest-framework into issue-192-expose-fields-for-options
...
Conflicts:
rest_framework/tests/fields.py
2013-05-18 18:34:21 +02:00
Oscar Vilaplana
4dffcb5d77
Added humanized field names and types
2013-05-18 18:10:17 +02:00
Nikolaus Schlemm
5ab7cc6e6b
HEAD and OPTIONS should not be exposed as actions as discussed in a42afa04c3 (commitcomment-3241476)
2013-05-18 17:38:47 +02:00
Nikolaus Schlemm
b4dbfa9832
only catch relevant exceptions ;)
2013-05-18 17:10:13 +02:00
Nikolaus Schlemm
f8c1481d4b
expose the fields metadata via OPTIONS as described in https://github.com/tomchristie/django-rest-framework/issues/192
...
missing:
- get fields for method (currently all the same)
- tests
- right placement of code
2013-05-18 16:21:25 +02:00
Tom Christie
95abe6e844
Cleanup docstrings
2013-04-25 12:47:34 +01:00
Tom Christie
835d3f89d3
Merge remove-django-generics
2013-04-23 11:59:13 +01:00
Tom Christie
23289b023d
Explicit error if dev does not return a response from the view
2013-04-16 14:32:46 +01:00
Tom Christie
c73d0e1e39
Minor cleaning up on View
2013-04-09 18:22:39 +01:00
Tom Christie
f68721ade8
Factor view names/descriptions out of View class
2013-04-04 21:42:26 +01:00
Tom Christie
13b3af0d22
Auth is no longer lazy. Closes #667 .
...
More consistent auth failure behavior.
2013-02-28 17:58:58 +00:00
Tom Christie
4e14b26fa9
Drop unused import
2013-02-28 13:42:08 +00:00
Tom Christie
0c7d6062b2
Py3/2 compat fixes for uncode view names/descriptions
2013-02-22 20:18:16 +00:00
Michael Elovskikh
aa95ccbab7
Fixed UnicodeDecodeError on get_name and get_description methods
2013-02-22 18:50:09 +06:00
Tom Christie
160d10d348
Fix docstring
2013-02-20 08:46:00 +00:00
Tom Christie
c1a40c5899
Drop unused import.
2013-02-15 09:06:05 +00:00
Tom Christie
f5a0275547
Tidy up internal view permission checking logic.
...
Also document correctly - these methods are now public and will fall
under the deprecation policy from now on.
2013-02-12 08:58:28 +00:00
Tom Christie
09b01887f2
New style object-level permission checks
2013-02-12 08:58:28 +00:00
Marc Tamlyn
bd7977eed7
Purge naked excepts.
...
Most of these had obvious exceptions which would be thrown. Some I'm not
sure about but they should at least catch only Exception so as not to
ignore SystemExit and other inappropriate Error classes.
2013-02-06 13:05:17 +00:00
Tom Christie
b052c92ac3
Cleanup imports
...
Mostly adding `from __future__ import unicode_literals` everywhere.
2013-02-04 20:55:35 +00:00
Tom Christie
65b62d64ec
WWW-Authenticate responses
2013-01-21 21:29:49 +00:00
Tom Christie
36fa722ebb
Merged to latest master
2013-01-07 21:04:52 +00:00