The urlparse shim in compat.py duplicates Django's bundled six. Can rely
on upstream instead of duplicating their works. Unifies shim with other
files already using six.
Fixed some regressions where compat was imported during app loading and
led to importing django.contrib.auth.models which ended in a
`AppRegistryNotReady` exception.
Set literals are available on all supported Python versions. They are
idiomatic and always faster:
$ python3 -m timeit '{}'
10000000 loops, best of 3: 0.0357 usec per loop
$ python3 -m timeit 'dict()'
10000000 loops, best of 3: 0.104 usec per loop
$ python3 -m timeit '{1, 2, 3}'
10000000 loops, best of 3: 0.0754 usec per loop
$ python3 -m timeit 'set([1, 2, 3])'
1000000 loops, best of 3: 0.228 usec per loop
Running the tests with bytes warning enabled shows some bytes/str
mixups. Fix them all.
Some examples of mixing usage:
str(b'foo') -- calling str() on bytes
b'foo' == 'foo' -- compare str with bytes
'foo' + b'bar' -- concatenating str and bytes
* Adding rounding parameter to DecimalField.
* Using standard `assert` instead of `self.fail()`.
* add testcase and PEP8 multilines fix
* flake8 fixes
* Use decimal module constants in tests.
* Add docs note for `rounding` parameter.
Closes#5528.
Viewset custom actions (@detail_route etc) OPTIONS (and HEAD) methods were not being excluded from Schema Generations.
This PR adds a test reproducing the reported error and adjusts `EndpointEnumerator.get_allowed_methods()` to filter ViewSet actions in the same way as other `APIView`s
* substitute '@@' code block delimiter with triple back-tick, more consistent with other markdown extensions
* remove development print and allow spaces between triple backtick and syntax name in codeblock
* update comparison content for markdown test
* Fixed issues with schema name collisions
* Fixed mutating issues in python 3
* Optimized solution
* Fixed isort
* Removed not needed cast
* Fix for key collision
* Added preferred key to preserve if available
* Add accidently removed test
* Update remaing `include` calls
Missed as part of #5481 cleanup.
* Provide app_name in include_docs_urls
* Update remaining get_regex_pattern usages
* Allow functools.partial in is_simple_callable check
* Set version number for 3.7.0 release
* Rename release notes section
Moved issue links to top for easier access.
(Can move back later)
* Add release note for #5273
* Add release note for #5440
* Add release note for #5265
Strict JSON handling
* Add release note for #5250
* Add release notes for #5170
* Add release notes for #5443
* Add release notes for #5448
* Add release notes for #5452
* Add release not for #5342
* Add release notes for 5454
* Add release notes for #5058 & #5457
Remove Django 1.8 & 1.9 from README and setup.py
* Release notes for merged 3.6.5 milestone tickets
Tickets migrated to 3.7.0 milestone.
* Add release notes for #5469
* Add release notes from AM 2ndOct
* Add final changes to the release notes.
* Add date and milestone link
Move issue links back to bottom.
* Update translations from transifex
* Begin releae anouncement
* Add release note for #5482
* 3.7 release announcement & related docs.
* Identify code that needs to be pulled out of/removed from compat.py
* Extract modern code from get_names_and_managers in compat.py and remove compat code
* Extract modern code from is_authenticated() in compat.py and remove.
* Extract modern code from is_anonymous() in compat.py and remove
* Extract modern code from get_related_model() from compat.py and remove
* Extract modern code from value_from_object() in compat.py and remove
* Update postgres compat
JSONField now always available.
* Remove DecimalValidator compat
* Remove get_remote_field compat
* Remove template_render compat
Plus isort.
* Remove set_many compat
* Remove include compat
As of Django 1.11 the `authenticate` function accepts a request as an
additional argument. This commit fixes compatibility between newer Django
versions and custom authentication backends which already depend on the request
object.
See also:
[Django 1.11 release](https://docs.djangoproject.com/en/1.11/releases/1.11/)
```
authenticate() now passes a request argument to the authenticate() method of
authentication backends. Support for methods that don’t accept request as the
first positional argument will be removed in Django 2.1.
```
Pull up method from subclass to superclass
The call was added in 426547c61c
to allow for dict-style arguments to ValidationError but does not
apply to other APIException descendants.
* add 'docstrings-with-pygments' feature without packages checks and tests
* move syntax_highlight doc filter in compatibility module and define it conditionally
* typo fixed
* add test for optional code highlight ('pygments' and 'markdown' packages must be installed)
Closes#5237
Generics/ModelViewset performs filtering on: list, retrieve, put, patch and destroy (plus method equivalents).
i.e. on list plus anything that calls `get_object`.
This PR makes schema generation follow that.
It adds `AutoSchema._allows_filters()` which can be overridden in subclasses.
I’ve made this initially “private” so we can make quick changes if needs be in a 3.7.1 etc.
The documentation generator calls view.get_serializer() in order to
inspect it for documentation generation. However, if get_serializer()
throws an APIException (e.g. PermissionDenied), it doesn't get caught at
the call site, but instead propagates up and aborts the entire view.
With the try/except in this commit, the documentation generator instead
gratiously ignores that particular view and moves on to the next one
instead. Practical concequences of this commit is that the docs no
longer break if any view's get_serializer(..) throws an APIException.
* Changes to the paginator defaults and settings
Require a default paginator be specified when using the page size
setting.
https://github.com/encode/django-rest-framework/issues/5168
* DRF-5168 import warnings
missed this in last commit
* Add a system checks file
Add a check for pagination settings for the 3.7 upgrade cycle.
* more compatible import approach
* missing bactic
* revised language and approach to import the system check
Adds a rest framework app config.
* Adjust doc wording
## Description
The `choices` field for the `ChoiceField` class should be able to be edited after `ChoiceField.__init__` is called.
```
field = ChoiceField(choices=[1,2])
field.choices = [1] # Should no longer allow `2` as a choice
```
Currently, you must update `choices`, `grouped_choices`, and `choice_strings_to_values` to achieve this. This P/R keeps `grouped_choices` and `choice_strings_to_values` in sync whenever the `choices` are edited.
* Add tests for schema exclusions
* Move exclusion check to should_include_endpoint
* Update docs
* Switch to using `schema = None`
* Test PendingDeprecationWarnings
* Add note to release notes.
* s/deprecated/pending deprecation/
* Add PR link to release notes
* Correct typo in test class name
* Test 'exclude_from_schema' deprecation warning message (#1)
* Correct deprecation warning message
* Initial Refactor Step
* Add descriptor class
* call from generator
* proxy back to generator for implementation.
* Move `get_link` to descriptor
* Move `get_description` to descriptor
* Remove need for generator in get_description
* Move get_path_fields to descriptor
* Move `get_serializer_fields` to descriptor
* Move `get_pagination_fields` to descriptor
* Move `get_filter_fields` to descriptor
* Move `get_encoding` to descriptor.
* Pass just `url` from SchemaGenerator to descriptor
* Make `view` a property
Encapsulates check for a view instance.
* Adjust API Reference docs
* Add `ManualSchema` class
* Refactor to `ViewInspector` plus `AutoSchema`
The interface then is **just** `get_link()`
* Add `manual_fields` kwarg to AutoSchema
* Add schema decorator for FBVs
* Adjust comments
* Docs: Provide full params in example
Ref feedback b52e372f8f (r137254795)
* Add docstring for ViewInstpector.__get__ descriptor method.
Ref https://github.com/encode/django-rest-framework/pull/5354#discussion_r137265022
* Make `schemas` a package.
* Split generators, inspectors, views.
* Adjust imports
* Rename to EndpointEnumerator
* Adjust ManualSchema to take `fields`
… and `description`.
Allows `url` and `action` to remain dynamic
* Add package/module docstrings
Sometimes, probably in the upgrade from Django 1.9 to 1.10, a post with
empty content is forbidden by javascript, with the message "Please fill
in this field". Filling the form with '{}' allows an application/json
request to be submitted.
The API call itself works perfectly well with a post with empty content:
the interface shouldn't make assumptions about it.
* Add regression test for #2505. Thanks @pySilver!
* Add regression test for #5087
* Revert "Cached the field's root and context property."
This reverts commit 792005806b.
I sometimes have parameter names with a period (.) in them, to represent nested objects, e.g. containerobj.inner_param. The Javascript was throwing an error in the browsable API when interacting with those parameters.
Large encoded string take a very long time to to release from memory, but if we just pass the stream directly into json.load we get much better memory performance.
Per issue #4999, JSONFields are not rendered properly in the DRF
browsable API HTML forms. This patch attempts to fix that behavior by
introducing a JSONBoundField helper similar to the NestedBoundField
helper.
* reference/master: (22 commits)
Clarify get_schema_fields signature
Updated monthly report link on funding page
Bumped django-guardian version.
remove django 1.11 from allow_failure matrix
update django 1.11 to stable release in tox
Update existing vary headers in response instead of overwriting them.
Update links after moving to encode org
Use overridden settings exception handler
Pass initkwargs stored on view to instance
Update 7-schemas-and-client-libraries.md
Update Boolean field to more closely match python library
Fix parser names in docstring.
Fix typo at docstring
update test case
update test case
fix unique=True validation for ChoiceField
Added drfpasswordless to Authentication docs
Document adding django_filters to installed apps
Added drfpasswordless to third party packages topic page.
Added drfpasswordless to authentication topic page.
...
Python Reference:
distutils.util.strtobool(val)
Convert a string representation of truth to true (1) or false (0).
True values are y, yes, t, true, on and 1; false values are n, no, f, false, off and 0. Raises ValueError if val is anything else.
* reference/master:
use django 1.11rc1 in tox
Leave parameters with regex pattern as String
restored original formatting
Do not hint BigAutoField as integer (outside of range)
Mention where the mixins live
Try to improve browser support
Cleanup and refactor docs api.js script
Move bootstrap modal data attrs to anchor
Remove unused base.js script
Correctly set scheme in coreapi TokenAuthentication
reverted to fix the issue without changing setting
DEFAULT_PAGINATION_CLASS is changed to 'None'
add content block and breadcrumbs_empty block to allow base.html to be reused
Update 7-schemas-and-client-libraries.md
Updated testimonial name on funding site
ID must start from 1 again
* Use py36 on travis
* Remove basepython from tox
* Use py27 on travis
* Use version ranges for dependencies
* Use tox-travis to sync python/env factors
* Add toxenv/django env vars to codecov build vars
* Use raw string to fix py36 invalid escape sequence
* Add test for disabling declared fields on child
* Check that declared base field is not in attrs
* Update meta inheritance docs to include serializer
* Test that meta fields cannot be declared as None
* Add docs example for declarative field disabling
* add failing testcase for breadcrumb suffixes missing when using ModelViewSets
* fix get_breadcrumbs to honor overridden get_view_name and keep viewset suffixes
* ensure suffixes are appended in breadcrumb util
This commit fixes the issue when you set the keyword argument `source`
and your have not set the serializer fields explicitly. Then the
construction of field failed because there is not actually any model
field with that name.
However, you are still able to imply the name of model field by
providing the `source` keyword argument.
This is to address https://github.com/tomchristie/django-rest-raml/issues/5
The problem is that if you try to generate RAML docs when you haven't set up any views, you get the above error (min called on an empty list).
unfortunately, this PR is not very helpful since it doesn't actually surface a readable error to the user. Not sure what the best way to address this would be...
To do `GROUP_BY` queries in django requires one to use `.values()`
eg this groups posts by user getting a count of posts per user.
```
Posts.objects.order_by('user').values('user').annotate(post_count=Count('post'))
```
This would produce a value queryset which serializes its result
objects as dictionaries while `CursorPagination` requires a queryset
with result objects that are model instances.
This commit enables cursor pagination for value querysets.
- had to mangle the tests a bit to test it out. They might need
some refactoring.
- tried the same for `.values_list()` but it turned out to be
trickier than I expected since you have to use tuple indexes.
Since `str` objects are immutable, appending to existing `str` creates
in fact a new `str` instance.
Thus `ErrorDetail.detail.code` attribute is lost after `str` concatenation operation.
when using with django-filter and rest_framework_swagger need to import coreapi before django-filter as django filter tries to load rest_framework.coreapi which is undefined at this point
* Start test case
* Added 'requests' test client
* Address typos
* Graceful fallback if requests is not installed.
* Add cookie support
* Tests for auth and CSRF
* Py3 compat
* py3 compat
* py3 compat
* Add get_requests_client
* Added SchemaGenerator.should_include_link
* add settings for html cutoff on related fields
* Router doesn't work if prefix is blank, though project urls.py handles prefix
* Fix Django 1.10 to-many deprecation
* Add django.core.urlresolvers compatibility
* Update django-filter & django-guardian
* Check for empty router prefix; adjust URL accordingly
It's easiest to fix this issue after we have made the regex. To try
to fix it before would require doing something different for List vs
Detail, which means we'd have to know which type of url we're
constructing before acting accordingly.
* Fix misc django deprecations
* Use TOC extension instead of header
* Fix deprecations for py3k
* Add py3k compatibility to is_simple_callable
* Add is_simple_callable tests
* Drop python 3.2 support (EOL, Dropped by Django)
* schema_renderers= should *set* the renderers, not append to them.
* API client (#4424)
* Fix release notes
* Add note about 'User account is disabled.' vs 'Unable to log in'
* Clean up schema generation (#4527)
* Handle multiple methods on custom action (#4529)
* RequestsClient, CoreAPIClient
* exclude_from_schema
* Added 'get_schema_view()' shortcut
* Added schema descriptions
* Better descriptions for schemas
* Add type annotation to schema generation
* Coerce schema 'pk' in path to actual field name
* Deprecations move into assertion errors
* Use get_schema_view in tests
* Updte CoreJSON media type
* Handle schema structure correctly when path prefixs exist. Closes#4401
* Add PendingDeprecation to Router schema generation.
* Added SCHEMA_COERCE_PATH_PK and SCHEMA_COERCE_METHOD_NAMES
* Renamed and documented 'get_schema_fields' interface.
In commit 5392be4ddb, there was a change
made when cleaning up the template for the API listing that caused 2
spaces to appear before every header item (except the first) and before
the first line of the body of the response. This meant that it often
looked like:
HTTP 200 OK
Allow: GET, OPTIONS
Content-Type: application/json
Vary: Accept
{
"key": "value",
"key2": "value2"
}
This change removes those leading spaces, so that it will now look like:
HTTP 200 OK
Allow: GET, OPTIONS
Content-Type: application/json
Vary: Accept
{
"key": "value",
"key2": "value2"
}
By doing this it is possible to override get_limit in order to return all records if the request has a predefined param.
For example, if one wants that all records are retrieved if url has &limit=-1, get_limit could return self.count in this case.
Otherwise, if self.count is set after self.limit then, to achive the same result, one has to override get_limit and paginate_queryset, or run get_limit twice.
- Change the name of ``resolve_context()`` to ``get_template_context()``.
- Pass the renderer context to this method, to give subclasses more flexibility
when overriding.
The meta information stored in opts needs to be restored for
each search field. Otherwise it references the wrong model
when an attribute of a related model comes before an attribute
of the original model in search fields. This doesn't apply to
m2m relations since must_call_distinct returns True in that
case.
It is possible that a key in a MultiValueDict has multiple values, lists
are represented this way. When accessing a key in a MultiValueDict
it only returns the last element of that key. This becomes a problem
when parsing an html dict with a list inside of it.
To fix this problem we have to get and set the value using .getlist()
and .setlist().
* Exclude read_only=True fields from unique_together validation
* Test to ensure that unique_together validators can be removed
* Do not add uniquness_extra_kwargs when validators are explicitly declared.
* Add docs on validation in complex cases
* Add Meta.fields = '__all__' to serializer classes where required.
* Add explicit on_delete=models.CASCADE to ForeignKey fields.
* Use '.remote_field' and '.model' in preference to '.rel' and '.to' when inspecting model fields.
* Use new value_from_object in preference to internal _get_val_from_obj
* Added TEMPLATES setting to tests
* Remove deprecated view-string in URL conf
* Replace 'urls = ...' in test classes with override_settings('ROOT_URLCONF=...')
* Refactor UsingURLPatterns to use override_settings(ROOT_URLCONF=...) style
* Get model managers and names in a version-compatible manner.
* Apply override_settings to a TestCase, not a mixin class
* Use '.callback' property instead of private attributes when inspecting urlpatterns
* Pass 'user' to template explicitly
* Correct sorting of import statements.
* Remove unused TEMPLATE_LOADERS setting, in favor of TEMPLATES.
* Remove code style issue
* BaseFilter test requires a concrete model
* Resolve tox.ini issues
* Resolve isort differences between local and tox environments
When serializers has fields with something like `source=user.email`, the
uniqueness validator should check `email` field instead of `user`, cause
`user` is a model object.
This allows subclassing TokenAuthentication and setting custom keyword,
thus allowing the Authorization header to be for example:
Bearer 956e252a-513c-48c5-92dd-bfddc364e812
It doesn't change the behavior of TokenAuthentication itself,
it simply allows to reuse the logic of TokenAuthentication without
the need of copy pasting the class and changing one hardcoded string.
Related: #4080
Instead of hardcoding the CSRF cookie name, the value is passed to the template as a context variable, rendered as a JavaScript variable, and read by csrf.js.
Fixes#4048
Determining the version and performing content negotiation should be done before ensuring the permission of the request. The reason is that these information can be used in handling the exceptions. For example different versions may return different error scheme. Also, the rendering class can be used to determine how to exception handler response should be rendered.
+ verbose_name in models.Token fields
+ Meta-options verbose_name & verbose_name_plural
+ Labels in AuthTokenSerializer fields in case of usages in Brousable API
+ provide AppConfig class as described in django documentation with verbose_name came through ugettext_lazy
The fact that we don't import Token from authentication doesn't invalidate
the need for the model to be abstract whenever the authtoken isn't listed
in the INSTALLED_APPS.
QueryParameterVersioning does not fall back to the value used in the `DEFAULT_VERSION` setting, while other versioning schemes do. This looks like a minor change, and incorporates the `self.default_version` set in the superclass.
I'll sheepishly admit that I edited this inline without running any tests or anything, so please let me know if this needs more work.
Previously an extra list wrapped nested validation errors raised from serializer's validate() methods.
That was inconsistent with the format of validation errors raised by validate_<fieldname> methods.
i.e. these two resulted in *different* behaviour:
def validate_foo(self):
raise ValidationError(['bar'])
def validate(self):
raise ValidationError({'foo': ['bar']})
These two tests were previously added in
7d79cf35b7
but we have now discovered that there are not actually two separate
cases, there was just a bug in the code that made it look that way.
This also removes a redundant check to see if `DecimalValidator` was
defined.
Previously, all validators set on a DecimalField in Django would be
stripped when converted to a Django REST framework field. This was
because any validator that was an instance of `DecimalValidator` would
be removed, and when `DecimalValidator` wasn't supported (so it was
`None`), all validators would be removed.
This fixes the issue by only removing the `DecimalValidator` instances
if the `DecimalValidator` is supported.
This allows users in Django 1.9+ to include the authentication urls
without specifying the namespace, as in:
urlpatterns = [
...
url(r'^auth/', include('rest_framework.urls'))
]
Quietly catching `AttributeError` and `TypeError` when calling
`get_queryset()` is rather insidious, as those exceptions get caught no
matter where they might happen in the call stack.
If a NestedBoundField field has a value of `None` and is inside another NestedBoundField field, it will have its value converted to an empty string while the form of its enclosing field is being rendered. So, NestedBoundField fields with an empty string value must be handled the same way as NestedBoundField fields with a `None` value.
Windows Pythons seem to like printing addresses in upper-case, while Linux
Pythons like lower-case hexes.
This led to an amusing (for a given value of "amusing", anyway) situation
where some repr tests would fail if the objects they were testing happened
to be allocated at an address with a hex digit in the range A..F.
The user may wish to provide a dynamic queryset on a `RelatedField`
based on the `context`. The way to do that is to create a subclass of
`RelatedField` (or a child) and override the `get_queryset` method.
However, this is undocumented, and instantiating that field without a
`queryset` argument (because it's not needed) will raise an assertion
error.
Document `.get_queryset(self)` as an official part of the API of
`RelatedField`, and don't enforce the use of `queryset` when
`get_queryset` is overridden.
Previously it required a filter_class,
or else it would error when calling `cls()`.
This now sets the `filter` context to `None`
if one does not exist.
Fixes#3559