Propagate the nullability of underlying model fields in ModelSerializer
when those fields are marked as read only. This ensures the correct
generation of OpenAPI schemas.
Fix#8041.
* Add distinction between request and response serializers
* Add docs
* document new functions in schemas.md
* add a test case for different request vs response objects
* Correct formatting for flake8
Co-authored-by: Shaun Gosse <shaun.gosse@emburse.com>
HTML responses generated by the Browsable API otherwise generate
inconsistent ETAGs -- due to the presence of CSRF tokens in the response
-- even when the API is read-only, (and as such when the response
contains no resource-modifying forms, i.e. neither POST nor PUT forms,
which might require the CSRF token).
While the template was appropriately including CSRF tokens only within
POST and PUT forms, its AJAX overlay included the CSRF token in *every*
response, regardless of whether it would be needed.
This change brings the logic of the `script` block into line with that
of the rest of the template -- and such that read-only APIs (and really
the Browsable API pages of *any* read-only resources) will not
needlessly include the CSRF token, and will now be safely cachable -- by
both back-end systems and by the user agent.
* Add failing tests for ordering filter with model property
* Fix get_default_valid_fields of OrderingFilter
* Filter model properties in get_default_valid_fields of OrderingFilter
* Fix JSONBoundField usage on nested serializers (#6211)
* Unify JSONBoundField as_form_field output between py2 and py3
When using json.dumps with indenting, in python2 the default formatting
prints whitespace after commas (,) and python3 does not. This can be
unified with the separators keyword argument.
* Add failing test when rendering to json a schema with timedelta
* Fix JSONOpenAPIRenderer for fields with default=timedelta()
* fix isort
* fix test for python 3.5
Co-authored-by: Pierre Chiquet <pierre.chiquet@ubikey.fr>
* Handle None in to_representation()
* Return None as '' in to_representation() when coerce_to_string=True
* Handle '' as None in to_internal_value(), for symmetry with
to_representation(), and because the empty concept doesn't make sense
for Decimal.
Fixes#7417.
Fixes all these issues seen with `tox -e py38-django31`:
```
/Users/chainz/Documents/Projects/django-rest-framework/tests/test_request.py:208: RemovedInDjango40Warning: Passing None for the middleware get_response argument is deprecated.
SessionMiddleware().process_request(self.wrapped_request)
tests/test_requests_client.py: 1 test with warning
tests/test_testing.py: 4 tests with warnings
tests/test_throttling.py: 1 test with warning
tests/authentication/test_authentication.py: 4 tests with warnings
tests/browsable_api/test_browsable_api.py: 4 tests with warnings
/Users/chainz/Documents/Projects/django-rest-framework/rest_framework/authentication.py:139: RemovedInDjango40Warning: Passing None for the middleware get_response argument is deprecated.
check = CSRFCheck()
```
* url() is deprecated in Django 3.1
* update given feedbacks on url() is deprecated in Django 3.1
* Fix test_urlpatterns.py to continue testing mixed re_path() and path()
* Fix one missed reference
Co-authored-by: sanjusci <sanju.sci9@gmail.com>
Django 3.1 adds a new generic JSONField to replace the PostgreSQL-specific one. This adds support for the new field type, which should behave the same as the existing PostgreSQL field.
Django's new JSONField also includes support for a custom "decoder", so add support for that in the serializer field.
* Make `NullBooleanField` subclass `BooleanField`
This removes a lot of the redundancy that was in place becuase we
were not doing this. This maintains the `None` initial value that
was previously present, as well as disallowing `allow_null` to be
passed in.
* Remove special case for mapping `NullBooleanField`
In newer versions of Django, the `NullBooleanField` is handled the
same way as a `BooleanField(null=True)`. Given that we also support
that combination, and that our own `NullBooleanField` behaves in the
same manner, it makes sense to remove the special casing that exists
for it.
* Add test for BooleanField(null=True, choices)
* Remove special case for NullBooleanField
* Adjust mapping tests for NullBooleanField
* Fixed linting error
* Raise deprecation warning when NullBooleanField is used
* Fix linting issue in imports
* Fix ModelSerializer unique_together field sources
Updates ModelSerializer to check for serializer fields that map to the
model field sources in the unique_together lists.
* Ensure field name ordering consistency
* Pass data via response instead of renderer_context
Instead of relying on internal implementation details to get a reference
to the response or view, attach these directly to the returned response.
* Remove unused method
* SearchFilter to support Custom query Transforms
Since Some fields support `__` as a custom Transform for query lookups we needed to update the m2m checking code to handle search_fields that contain __ that are not relationships.
* Update documentation on SearchFilter to include references to JSON and HStore Fields.
The `maximum` is valid here within the schema but it was not
previously being included because we were not copying over the
entire schema for the generated `IntegerField` previously.
The `ListField` was generating a schema that contained `type=None`
when a `ChoiceField` was the child, since we are not currently able
to introspect the type of a `ChoiceField`.
* Expand declared filtering tests
- Test declared filter ordering
- Test multiple inheritance
* Fix serializer multiple inheritance bug
* Improve field order test to check for field types
* Raise framework-specific deprecation warnings
- Use `RemovedInDRF313Warning` instead of DeprecationWarning
- Update to follow deprecation policy
* Pass serializer instead of model to validator
The `UniqueTogetherValidator` may need to access attributes on the
serializer instead of just the model instance. For example, this is
useful for handling field sources.
* Fix framework deprecation warning in test
* Remove outdated validator attribute
* First pass at Django 3.0 compat
* Drop Guardian for 1.11 tests, since we're installing an incompatible version
* Fix ROOT_URLCONF override in test case
* Fix typo
Co-Authored-By: Rémy HUBSCHER <hubscher.remy@gmail.com>
* Linting
Refs #6846
This provides a way for pagination classes to add pagination properties (`count`, `next`, `results` etc.) to OpenAPI response schemas.
A new method `get_paginated_response_schema()` has been added to `BasePagination`. This method is intended to mirror `get_paginated_response()` (which takes a `list` and wraps it in a `dict`).
Hence, `get_paginated_response_schema()` takes an unpaginated response schema (of type `array`) and wraps that with a schema object of type `object` containing the relevant properties that the pagination class adds to responses.
The default implementation of `BasePagination.get_paginated_response_schema()` simply passes the schema through unmodified, for backwards compatibility.
This is the first part of #6846.
Previously, the response schema for list views was an object representing a single item. However, list views return a list of items, and hence it should be an array.
Further work will need to be done to support how pagination classes modify list responses.
There should be no change for views not determined to be list views.
* Add tests for raise_errors_on_nested_writes
* Fix dotted-source field checking on serializer write
The code was previously checking the validated data for the field's
attribute name, however, the data contain the first source attr.
Refs #6509
This enforces allow_empty=True when a ListSerializer is a child of another serializer and partial validation is being performed on the parent serializer.
This is because partial validation should allow fields to be omitted, but should not cause values that are invalid without partial validation to become valid.
This effectively reverts #4222. None of the tests added in that PR fail if the associated change is removed, so I‘m not sure what that PR was trying to fix.
* fixes#6751
* reverted condition
* save instance before setting m2m fields
* added comment why m2m fields are saved after instance
* removed blank line
* added test for the issue 6751
Use of PyYAML's yaml.load function without specifying the Loader
parameter has been deprecated, see https://msg.pyyaml.org/load.
Earlier versions of PyYAML already had the alternative safe_load
function, which limits the loader to a subset of YAML constructs, that
is enough for what we need here.
Fixes#6677
It might be useful for a serializer with many many fields which uses
read_only and write_only on a large percentage of the fields. But the
memory usage and statefulness it adds are not worth it for the common
case.
* Added regression tests (#6504)
Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
* Fix CursorPagination when objects get deleted between calls (#6504)
Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
On Python 3, the ugettext functions are a simple aliases of their non-u
counterparts (the 'u' represents Python 2 unicode type). Starting with
Django 3.0, the u versions will be deprecated.
https://docs.djangoproject.com/en/dev/releases/3.0/#id2
> django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(),
> ungettext(), and ungettext_lazy() are deprecated in favor of the
> functions that they’re aliases for:
> django.utils.translation.gettext(), gettext_lazy(), gettext_noop(),
> ngettext(), and ngettext_lazy().