Commit Graph

74 Commits

Author SHA1 Message Date
Piper Merriam
fc9be55d43 Alter CSRF exemption implementation
The previous implementation of decorating `APIView.dispach` with the
`csrf_exempt` decorator allowed for an easy-to-make mistake where
someone could override the `dispatch` method on a view and inadvertantly
remove the csrf exemption of their api view.

By moving the decoration of the view into the `as_view` logic, it
becomes much more difficult to make this mistake.
2014-09-03 09:50:31 -06:00
Dmitry Mukhin
3b07d0c997 Merge branch 'master' into set-retry-after
Conflicts:
	tests/test_throttling.py
2014-08-20 20:04:48 +04:00
Tom Christie
bf09c32de8 Code linting and added runtests.py 2014-08-19 13:28:07 +01:00
Dmitry Mukhin
c3891b6e00 set Retry-After header when throttled 2014-04-07 20:31:12 +04:00
David Larlet
07cb436d61 Typo in keywords arguments name
Because it matters ;)
2014-03-04 16:32:34 +01:00
hongfeiZhang
693d9d9c63 In the method permission_denied, did not use the request parameter. 2014-03-01 11:37:31 +08:00
Tom Christie
18f26ff5cc Only add 'Vary: Accept' header when there is more than one possible renderer. 2014-01-30 17:47:55 +00:00
Tom Christie
9f0ead9597 Remove TODO note, since it hasn't been TODONE. 2014-01-30 17:32:05 +00:00
Tom Christie
6302307885 Update comment in get_parser_context. 2013-10-24 13:45:16 +01:00
Andy Freeland
b5523bcc7d Support customizable view EXCEPTION_HANDLER
Add `api_settings.EXCEPTION_HANDLER` to support custom error responses.

Fixes #907.
2013-09-06 12:47:33 -05:00
Tom Christie
b54cbd292c Use view.settings for API settings, to make testing easier. 2013-08-27 12:36:06 +01:00
Tom Christie
b430503fa6 Move exception handler out of main view 2013-08-27 12:32:33 +01:00
Tom Christie
5120670624 Document customizable view names/descriptions 2013-08-19 08:45:53 +01:00
Tom Christie
89b0a539c3 Move view name/description functions into public space 2013-08-19 08:24:27 +01:00
Christopher Paolini
e6662d434f Improved view/description function setting
Now supports each View having its own name and description function and
overriding the global default.
2013-08-17 17:44:51 -04:00
Jeremy Satterfield
1d8a80f5cc don't set X-Throttle-Wait-Second header if throttle wait is None 2013-08-13 15:31:58 -05:00
Tom Christie
8cc63b09f6 Add support for StreamingHttpResponse. Closes #939 2013-06-21 22:42:04 +01:00
Ethan Fremen
ae2887ffc4 Set the args and kwargs before initializing the request.
Allows get_parser_context to function correctly.

Signed-off-by: Ethan Fremen <ethan@matterport.com>
2013-06-07 19:25:39 -07:00
Tom Christie
40e09472d8 Never deepcopy validators. Closes #913 2013-06-06 08:56:39 +01:00
Tom Christie
fcaee6e580 Clean up OPTIONS implementation 2013-05-24 23:44:23 +01:00
Oscar Vilaplana
a1deb5eac7 simplified, moved field humanizing to Field. broken tests 2013-05-23 08:26:55 +02:00
Oscar Vilaplana
7a5cd090aa fixed tests, added docs, renamed helper method 2013-05-19 15:45:33 +02:00
Nikolaus Schlemm
88c94f3720 Merge remote-tracking branch 'grimborg/issue-192-expose-fields-for-options' into issue-192-expose-fields-for-options 2013-05-19 14:58:11 +02:00
Oscar Vilaplana
f1f5f92d89 Added tests, cleaned up imports 2013-05-19 14:55:46 +02:00
Nikolaus Schlemm
efca5f6fec use double quotes for docstring instead of single quotes 2013-05-19 14:54:16 +02:00
Nikolaus Schlemm
1154c12b33 don't expose fields for GET and DELETE - leaving room for parameters like e.g. filter or paginate 2013-05-19 11:37:12 +02:00
Nikolaus Schlemm
a91841f7fe WORKAROUND: avoid errors like "AttributeError: 'APIRoot' object has no attribute 'get_serializer'" 2013-05-19 11:29:41 +02:00
Nikolaus Schlemm
c0f3a1c397 Integrated status quo of grimborg's awesome humanize_field() for exposing field metadata via OPTIONS :) 2013-05-19 09:25:02 +02:00
Nikolaus Schlemm
843ae60237 Merge branch 'issue-192-expose-fields-for-options' of git://github.com/grimborg/django-rest-framework into issue-192-expose-fields-for-options
Conflicts:
	rest_framework/tests/fields.py
2013-05-18 18:34:21 +02:00
Oscar Vilaplana
4dffcb5d77 Added humanized field names and types 2013-05-18 18:10:17 +02:00
Nikolaus Schlemm
5ab7cc6e6b HEAD and OPTIONS should not be exposed as actions as discussed in a42afa04c3 (commitcomment-3241476) 2013-05-18 17:38:47 +02:00
Nikolaus Schlemm
b4dbfa9832 only catch relevant exceptions ;) 2013-05-18 17:10:13 +02:00
Nikolaus Schlemm
f8c1481d4b expose the fields metadata via OPTIONS as described in https://github.com/tomchristie/django-rest-framework/issues/192
missing:
 - get fields for method (currently all the same)
 - tests
 - right placement of code
2013-05-18 16:21:25 +02:00
Tom Christie
95abe6e844 Cleanup docstrings 2013-04-25 12:47:34 +01:00
Tom Christie
835d3f89d3 Merge remove-django-generics 2013-04-23 11:59:13 +01:00
Tom Christie
23289b023d Explicit error if dev does not return a response from the view 2013-04-16 14:32:46 +01:00
Tom Christie
c73d0e1e39 Minor cleaning up on View 2013-04-09 18:22:39 +01:00
Tom Christie
f68721ade8 Factor view names/descriptions out of View class 2013-04-04 21:42:26 +01:00
Tom Christie
13b3af0d22 Auth is no longer lazy. Closes #667.
More consistent auth failure behavior.
2013-02-28 17:58:58 +00:00
Tom Christie
4e14b26fa9 Drop unused import 2013-02-28 13:42:08 +00:00
Tom Christie
0c7d6062b2 Py3/2 compat fixes for uncode view names/descriptions 2013-02-22 20:18:16 +00:00
Michael Elovskikh
aa95ccbab7 Fixed UnicodeDecodeError on get_name and get_description methods 2013-02-22 18:50:09 +06:00
Tom Christie
160d10d348 Fix docstring 2013-02-20 08:46:00 +00:00
Tom Christie
c1a40c5899 Drop unused import. 2013-02-15 09:06:05 +00:00
Tom Christie
f5a0275547 Tidy up internal view permission checking logic.
Also document correctly - these methods are now public and will fall
under the deprecation policy from now on.
2013-02-12 08:58:28 +00:00
Tom Christie
09b01887f2 New style object-level permission checks 2013-02-12 08:58:28 +00:00
Marc Tamlyn
bd7977eed7 Purge naked excepts.
Most of these had obvious exceptions which would be thrown. Some I'm not
sure about but they should at least catch only Exception so as not to
ignore SystemExit and other inappropriate Error classes.
2013-02-06 13:05:17 +00:00
Tom Christie
b052c92ac3 Cleanup imports
Mostly adding `from __future__ import unicode_literals` everywhere.
2013-02-04 20:55:35 +00:00
Tom Christie
65b62d64ec WWW-Authenticate responses 2013-01-21 21:29:49 +00:00
Tom Christie
36fa722ebb Merged to latest master 2013-01-07 21:04:52 +00:00