Commit Graph

1115 Commits

Author SHA1 Message Date
Arnab Kumar Shil
959085c145
Handle Nested Relation in SlugRelatedField when many=False (#8922)
* Update relations.py

Currently if you define the slug field as a nested relationship in a `SlugRelatedField` while many=False, it will cause an attribute error. For example:

For this code:
```
class SomeSerializer(serializers.ModelSerializer):
    some_field= serializers.SlugRelatedField(queryset=SomeClass.objects.all(), slug_field="foo__bar")
```
The POST request (or save operation) should work just fine, but if you use GET, then it will fail with Attribute error:

> AttributeError: 'SomeClass' object has no attribute 'foo__bar'

Thus I am handling nested relation here. Reference: https://stackoverflow.com/questions/75878103/drf-attributeerror-when-trying-to-creating-a-instance-with-slugrelatedfield-and/75882424#75882424

* Fixed test cases

* code comment changes related to slugrelatedfield

* changes based on pre-commit and removed comma which was added accidentally

* fixed primary keys of the mock object

* added more test cases based on review

---------

Co-authored-by: Arnab Shil <arnab.shil@thermofisher.com>
2023-04-08 12:27:14 +06:00
Konstantin Alekseev
b7523f4b9f
Support UniqueConstraint (#7438) 2023-03-03 13:04:47 +06:00
Jameel Al-Aziz
15c613a9eb
Allow generic requests, responses, fields, views (#8825)
Allow Request, Response, Field, and GenericAPIView to be subscriptable.
This allows the classes to be made generic for type checking.

This is especially useful since monkey patching DRF can be problematic
as seen in this [issue][1].

[1]: https://github.com/typeddjango/djangorestframework-stubs/issues/299
2023-02-22 21:39:01 +06:00
Ehsan200
4abfa28e08
feat: Add some changes to ValidationError to support django style vadation errors (#8863) 2023-02-06 17:30:48 +06:00
piotrszyma
22d206c1e0
Inherit from faked classes in tests to satisfy mypy (#8859)
* tests: inherit FakeResolverMatcher from django.urls.ResolverMatcher in tests/test_versioning.py

* tests: inherit from rest_framework.versioning.BaseVersioning in tests/test_reverse.py

* fix: isort

---------

Co-authored-by: Piotr Szyma <pszyma@opera.com>
2023-01-28 17:18:58 +06:00
Manish Kumar Shah
0618fa88e1
Fix Respect can_read_model permission in DjangoModelPermissions (#8009)
* Fix Respect `can_read_model` permission in DjangoModelPermissions

FIXES: #6324

* Updated documentation and simplified code
2023-01-13 14:52:54 +06:00
Devid
2d19f233ab
Add SimplePathRouter (#6789)
* Allow usage of Django 2.x path in SimpleRouter

* Use path in Default router

* Update docs/api-guide/routers.md

Co-authored-by: Éric <merwok@netwok.org>

* Update docs/api-guide/routers.md

Co-authored-by: Éric <merwok@netwok.org>

* Add tests also for default router with path

* Use a more relevant attribute for lookup when using path converters

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Éric <merwok@netwok.org>
2023-01-12 14:16:48 +06:00
Yuekui
2b34aa4291
Re-prefetch related objects after updating (#8043)
* Re-prefetch related objects after updating

* Fix flake8 format

* Use _prefetch_related_lookups and refine test cases

* Add more test cases and refine prefetch checking
2023-01-11 15:30:15 +06:00
Radosław Kowalski
89d6ce7d43
fix FilePathField required argument (#8805) 2023-01-05 01:21:57 +06:00
David Graves
48a21aa0eb
raise ImproperlyConfigured exception if basename is not unique (#8438)
* raise ImproperlyConfigured if basename already exists

* rename already_registered function; return True/False

* additional basename tests

* additional basename tests

* Update rest_framework/routers.py

Co-authored-by: David Graves <dgraves@lrtcapitalgroup.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-12-10 22:50:41 +06:00
kanazawa
b79099f7ba
Use PrimaryKeyRelatedField pkfield in openapi (#8315) 2022-12-10 22:48:43 +06:00
Jakub Bodek
1355890f9f
replace partition with split in BasicAuthentication (#8790)
* replace partition with split in BasicAuthentication

* test if basic auth without provided password fails
2022-12-08 09:52:35 +06:00
Rodrigo
1fbe16a8d2
Fix BooleanField's allow_null behavior (#8614)
* Fix BooleanField's allow_null behavior

* Update rest_framework.fields

- Use .get with default value for 'allow_null' kwarg in BooleanField's
  init
2022-12-06 15:04:50 +06:00
Sigve Sebastian Farstad
ee15731cbc
Handle Django's ValidationErrors in ListField (#6423)
Without this, Django's ValidationErrors will bypass the error collection
from ListField's children.

Here is an example that illustrates this change.

Consider a Serializer that uses ListField like this:

```python
class SomeSerializer(serializers.Serializer):
    uuids = serializers.ListField(
	child=serializers.PrimaryKeyRelatedField(
	    queryset=Model.objects.something(),
	    validators=[SomeCustomValidator()]
	)
    )
```

Validating data that looks like this works fine:

```python
{uuids: ['some-valid-uuid', 'some-valid-uuid']}
```

Raising a DRF ValidationError for one of the children works fine, giving
an error object like:

```python
{'uuids': {0: ErrorDetail(string='Some validation error')}}
```

Raising a Django ValidationError for one of the children works
differently (which serializers.PrimaryKeyRelatedField can do in some
cases, like when the uuid is malformed). It gives an error object like:

```python
{'uuids': ["'X' is not a valid UUID."]}
```

Handling Django's ValidationErrors in ListField explicitly (like in this
pull request), will maintain a regular error interface in this case:

```python
{'uuids': {0: ErrorDetail(string="'X' is not a valid UUID.")}}
```
2022-12-04 20:37:47 +06:00
Luka Jeran
6ec6ddea9b
Avoid inline script execution for injecting CSRF token (#7016)
Scripts with type="application/json" or "text/plain" are not executed, so we can
use them to inject dynamic CSRF data, without allowing inline-script execution
in Content-Security-Policy.
2022-11-29 16:10:32 +00:00
Peter Thomassen
52f4139674
Properly handle OverflowError in DurationField deserialization (#8042)
Related: https://github.com/django/django/pull/8870/files
2022-11-24 17:27:45 +06:00
Shinya Ohyanagi
9e328a9549
Fix OpenAPI operation name plural appropriately (#8017) 2022-11-24 13:48:05 +06:00
hashlash
ebde56b932
Represent SafeString as plain string on schema rendering. (#8429)
* Use SafeString.represent_str to represent SafeString as str

* Add SafeString yaml rendering test
2022-11-23 20:42:06 +06:00
Denny Biasiolli
c0d95cb967
Fix #8771 - Checking for authentication even if _ignore_model_permissions = True (#8772) 2022-11-22 20:21:16 +06:00
Subin Kim
8175f05c89
Added pagination settings test case (#8362) 2022-11-22 14:18:47 +06:00
Shi Pengtao
0ae3323bd2
fix 404 when page query parameter is empty string (#8578)
* fix 404 when page query parameter is empty string

* Update pagination.py

* Update pagination.py

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-11-22 12:37:31 +06:00
954
03c2ef1787
Fixes instance check in ListSerializer.to_representation (#8726) (#8727)
* Fixes 'RelatedManager' object is not iterable in ListSerializer.to_representation.(#8726)

* Change to only BaseManager

* Commit unit test

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Format import

* Format import

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-11-22 12:01:01 +06:00
Jason Joy Atsu Winmorre
9e56f54efb
FloatField will crash if the input is a number that is too big (#8725)
* FloatField will crash if the input is a number that is too big

* Added Unit test for float field overflow error catch

* Removed random import

* Removed additional imported ValidationError

* Update rest_framework/fields.py

* Update tests/test_fields.py

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-11-22 11:15:25 +06:00
Asif Saif Uddin
751808c59b
converted assertion to pytest style in test status (#8769) 2022-11-21 11:32:07 +00:00
Henrik Wahlgren
d5f228dd00
Possibility to remove trailing zeros on DecimalFields representation (#6514)
* Added normalize parameter to DecimalField to be able to strip trailing zeros. Fixes #6151.

* Updated docs to include normalize option on DecimalField

* Fixed linting error in test_fields

* Removed comment and renamed normalize to normalize_output as suggested in code review

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-11-16 14:31:50 +00:00
Stanislav Levin
78cdae6999
Fix Pytest's deprecation warnings about nose usage (#8758)
Pytest 7.2.0 deprecated plain `setup` and `teardown` functions and
methods as nose idioms:
https://docs.pytest.org/en/latest/changelog.html#pytest-7-2-0-2022-10-23

`setup` can be safely replaced with `setup_method`:
https://docs.pytest.org/en/stable/deprecations.html#setup-teardown

Fixes: https://github.com/encode/django-rest-framework/issues/8757
Signed-off-by: Stanislav Levin <slev@altlinux.org>

Signed-off-by: Stanislav Levin <slev@altlinux.org>
2022-11-15 12:29:15 +00:00
Den
35c5be6ec2
Add a method for getting serializer field name (OpenAPI) (#7493)
* Add a method for getting serializer field name

* Add docs and test

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-17 10:47:45 +01:00
Klaas van Schelven
56946fac8f
Preserve exception messages for wrapped Django exceptions (#8051)
* Preserve messages for wrapped Django exceptions

* Fix the test

* Update test_generics.py

* Update test_generics.py

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-11 12:48:57 +00:00
Norbert Schuler
911b207fa1
Added examples to schema of CursorPagination (#8687)
* Added examples to schema of CursorPagination

Fix https://github.com/encode/django-rest-framework/issues/8686

Added missing examples for CursorPagination class to disable warnings in https://github.com/tfranzel/drf-spectacular and make it consistent with other pagination classes.

* Adapted test case for paginated response schema
2022-10-11 11:50:33 +01:00
Markus Legner
d507cd851c
Fix infinite recursion with deepcopy on Request (#8684) 2022-10-07 11:58:38 +01:00
Tom Christie
f8b3f38b57
Update supported versions for 3.14 release (#8662)
* Update supported versions for 3.14 release

* Fix up test case for Django 3.0
2022-09-21 14:32:02 +01:00
Tim Schilling
b658915846
Version 3.14.0 proposal (#8599)
* Version 3.14.0

* Update docs/community/release-notes.md to use proper links.

Co-authored-by: Adam Johnson <me@adamj.eu>

* Add community announcement page for version 3.14

* Remove deprecated NullBooleanField.

* Change openapi _get_reference removal to 3.15

This deprecation was never released in the 3.13.x series and therefore
can't be removed at the same time the replacement is released.

* Removing deprecated openapi methods.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-09-21 14:08:12 +01:00
David Smith
4aea8dd65a
Change semantic of OR of two permission classes (#7522)
* Change semantic of OR of two permission classes

The original semantic of OR is defined as: the request pass either of the two has_permission() check, and pass either of the two has_object_permission() check, which could lead to situations that a request passes has_permission() but fails on has_object_permission() of Permission Class A, fails has_permission() but passes has_object_permission() of Permission Class B, passes the OR permission check. This should not be the desired permission check semantic in applications, because such a request should fail on either Permission Class (on Django object permission) alone, but passes the OR or the two.

My code fix this by changing the semantic so that the request has to pass either class's has_permission() and has_object_permission() to get the Django object permission of the OR check.

* Update rest_framework/permissions.py

* Update setup.cfg

Co-authored-by: Mark Yu <markyu98@outlook.com>
Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-09-21 12:19:33 +01:00
willbeaufoy
354ae73ffb
Make APIClient.force_authenticate() work with user=None (#8212)
* Fix testing with token

* Add unit test

* Split unit test into 3

* Fix linting error
2022-09-15 09:35:48 +01:00
Jonas Lundberg
df584350b4
Prevent head method mapping to coerce action name (#7729) 2022-08-12 12:00:55 +01:00
David Cain
8b2ccccbe5
Stop calling set_context, planned for 3.13 drop (#8589)
Per the deprecation warnings (which have been raised since DRF 3.11),
`set_context()` was planned not to be supported in DRF 3.13. I think we
can safely delete it, in favor of `requires_context`.

From the 3.11 announcement:

> Previous our approach to this was that implementations could include a
> `set_context` method, which would be called prior to validation. However
> this approach had issues with potential race conditions. We have now
> move this approach into a pending deprecation state. It will continue to
> function, but will be escalated to a deprecated state in 3.12, and
> removed entirely in 3.13.

Why keep `RemovedInDRF313Warning` around?
=========================================
It's a bit odd that version 3.13 includes an exception class describing
things which are to be deleted in 3.13, but I've opted to keep the (now
unreferenced) class around, for fear of breaking others' setup.

(For example, if projects have a `filterwarnings` setup meant to
intercept `rest_framework.RemovedInDRF313Warning`, an error will be
thrown due to an unresolvable reference).
2022-08-08 11:18:49 +01:00
Sergey Lyapustin
a1b35bb44b
Use example.com domain in tests. (#8571)
* Use example.com domain for the samples.

* Fixed typo.
2022-07-25 10:28:41 +01:00
Tom Christie
fa9d516ee2
Update docstring test for more recent pygments version (#8530)
* Update docstring test for more recent pygments version

* Drop unused import
2022-06-20 10:44:27 +01:00
Stephen Finucane
5185cc9348
Handle unset fields with 'many=True' (#7574)
* Handle unset fields with 'many=True'

The docs note:

  When serializing fields with dotted notation, it may be necessary to
  provide a `default` value if any object is not present or is empty
  during attribute traversal.

However, this doesn't work for fields with 'many=True'. When using
these, the default is simply ignored.

The solution is simple: do in 'ManyRelatedField' what we were already
doing for 'Field', namely, catch possible 'AttributeError' and
'KeyError' exceptions and return the default if there is one set.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Closes: #7550

* Add test cases for #7550

Signed-off-by: Stephen Finucane <stephen@that.guru>
2022-06-08 14:46:19 +01:00
Marti Raudsepp
26830c3d2d
Fix QueryDict type error in test (#8475)
QueryDict takes a `str` argument. Discovered while working on
djangorestframework-stubs.
2022-06-08 14:37:46 +01:00
itsdkey
e7af8d662b
tests for #5127 (#7715)
* tests for #5127

* Resolves #5127
2022-06-08 13:41:26 +01:00
Grigory
1396f6886a
Respect model error_messages for relation (#7599) 2022-06-06 13:53:42 +01:00
Krukov D
281fc074ba
improve performance for noncallble attributes (#8502)
Co-authored-by: Dima Kryukov <dmitry.kryukov@pandadoc.com>
2022-06-06 12:54:57 +01:00
Mariusz Felisiak
333f1ffb94
Confirmed support for Django 4.1. (#8498) 2022-06-06 12:39:06 +01:00
hashlash
df92e57ad6
Added test client support for HTTP 307 and 308 redirects (#8419)
* Add retain test data on follow=True

* Simplify TestAPITestClient.test_follow_redirect

Inspired from Django's ClientTest.test_follow_307_and_308_redirect

* Add 307 308 follow redirect test
2022-03-24 09:57:42 +00:00
Luke Plant
bce9df9b5e
Make ReturnDict support dict union operators on Python 3.9 and later (#8302)
Fixes issue #8301
2021-12-22 15:08:58 +00:00
Tom Christie
a780e80deb
Revert "Make api_view respect standard wrapper assignments (#8291)" (#8297)
This reverts commit 9c97946531.
2021-12-15 15:16:38 +00:00
tim-mccurrach
9c97946531
Make api_view respect standard wrapper assignments (#8291) 2021-12-13 13:08:40 +00:00
Tom Christie
d0bb4d877f
Tweak test_description (#8293) 2021-12-13 09:33:03 +00:00
Carlton Gibson
f46c33e4e2 Fixed TestDefaultTZDateTimeField to allow multiple tzinfo implementations.
zoneinfo was made the default time zone implementation in
306607d5b9.
2021-09-23 11:57:03 +02:00