Commit Graph

3570 Commits

Author SHA1 Message Date
Ryan P Kilby
de9f1d56c4 Followup to set_context removal (#7076)
* Raise framework-specific deprecation warnings

- Use `RemovedInDRF313Warning` instead of DeprecationWarning
- Update to follow deprecation policy

* Pass serializer instead of model to validator

The `UniqueTogetherValidator` may need to access attributes on the
serializer instead of just the model instance. For example, this is
useful for handling field sources.

* Fix framework deprecation warning in test

* Remove outdated validator attribute
2019-12-11 08:44:08 +00:00
Roy Segall
ebcd93163a Adding I'm a teapot error code (#7081) 2019-12-10 09:18:35 +00:00
Ryan P Kilby
90eaf51839
Update framework deprecation warnings (#7075)
- Bump version numbers for deprecation warnings
- Drop deprecated features
2019-12-04 16:18:38 -08:00
Ryan P Kilby
95d4843abe
Fix Django 3.0 deprecations (#7074) 2019-12-04 14:14:43 -08:00
Hasan Ramezani
4d9f9eb192 Changed default widget for TextField with choices to select (#6892) 2019-12-04 12:24:49 -08:00
Tom Christie
070cff5a03
Drop set_context() (#7062)
* Do not persist the context in validators

Fixes encode/django-rest-framework#5760

* Drop set_context() in favour of 'requires_context = True'
2019-12-03 11:16:27 +00:00
Tom Christie
fe840a34ff
Escape hyperlink URLs on lookup (#7059)
* Escape hyperlink URLs on lookup

* Rename duplicate test
2019-11-21 11:38:40 +00:00
Chris Guo
cad1b08260 Fix override func style and regular usage (#7050)
* style: add space and rm redundant parentheses

* refactor: use super to replace inherit class

* Prefer explicit tuple syntax
2019-11-18 12:30:36 +00:00
Maxime Jacques
8988afa082 Update bootstrap to 3.4.1 (#6923) 2019-11-11 16:41:10 -05:00
Yann Savary
0d3d548aa5 OpenAPI: Fixed generation when title or version not provided. (#6912) 2019-11-06 21:54:12 +01:00
Yann Savary
7c3477dcda OpenAPI: Ported docstring operation description from CoreAPI inspector. (#6898) 2019-11-06 21:52:02 +01:00
Kentalot
becb962160 OpenAPI: Use int64 format for large integers. (#7018) 2019-11-06 21:46:19 +01:00
Dima Knivets
8b06ce72d7 OpenAPI: Map renderers/parsers for request/response media-types. (#6865) 2019-11-06 21:44:51 +01:00
Tom Christie
82f2569895
Update __init__.py 2019-11-05 16:43:32 +00:00
Erwan Rouchet
39bd6cc5cb Set the proper JSON schema type for HStoreFields in OpenAPI schemas (#6914) 2019-10-27 21:13:01 -04:00
Jeremy Lainé
c9f06bf73f Fix a spelling error in openapi AutoSchema method (#7004)
Replace "pagninator" by "paginator".
2019-10-24 10:51:16 +02:00
Ryan P Kilby
a8c86be660
Update linter requirements (#7010) 2019-10-22 11:18:51 -07:00
Sergey
43397a81ae Fixed decimal snan deserialization (#7002)
* Added test case causes exception in DecimalField deserialization

* Fixed NaN checking which throws exception with sNaN value
2019-10-22 10:06:37 +01:00
Guilherme Munarolo
0fd72f17ee Fixed crash deleting required schema parameter key on PATCH requests. (#6944)
Closes #6941
2019-10-10 08:50:20 +02:00
Francisco Couzo
37dcd55370 Fix bug in escape_curly_brackets (#6909) 2019-10-04 13:50:19 -07:00
mehrab
b4db2dfacf Fixed no-cls-argument on staticmethod __new__ (#6960) 2019-10-04 12:40:09 -07:00
Konstantinos Tselepakis
30e56f62ba Fix nested write of non-relational fields (#6916) 2019-10-03 09:33:37 -07:00
Mariusz Felisiak
75afe48b6c Fixed import of FieldDoesNotExist exception. 2019-09-28 20:52:22 +02:00
Tom Christie
89ac0a1c7e
Version 3.10.3 (#6908)
* Version 3.10.3

* Version 3.10.3 release notes
2019-09-04 14:28:25 +01:00
Tom Christie
4b30b32014
Default OpenAPI version to the empty string (#6907) 2019-09-04 12:53:50 +01:00
Yann Savary
e57c1505fc Replaced 'TODO' hardcoded version info by a parameter with default '0.1.0' (#6899) 2019-09-03 16:07:30 +02:00
Peter J. Farrell
b3f032fb8f Fixed #6875 -- Made OpenAPI Schema operationId casing consistent. (#6876) 2019-09-03 16:05:43 +02:00
Dima Knivets
1cc4be47b4 Fixed min/max attributes for serializers.ListField (#6866) 2019-09-03 15:43:54 +02:00
Reupen Shah
f8c16441fa Add support for pagination in OpenAPI response schemas (#6867)
Refs #6846

This provides a way for pagination classes to add pagination properties (`count`, `next`, `results` etc.) to OpenAPI response schemas.

A new method `get_paginated_response_schema()` has been added to `BasePagination`. This method is intended to mirror `get_paginated_response()` (which takes a `list` and wraps it in a `dict`). 

Hence, `get_paginated_response_schema()` takes an unpaginated response schema (of type `array`) and wraps that with a schema object of type `object` containing the relevant properties that the pagination class adds to responses.

The default implementation of `BasePagination.get_paginated_response_schema()` simply passes the schema through unmodified, for backwards compatibility.
2019-09-03 15:25:44 +02:00
Christopher Grebs
5a8736ae45 Handle 'None' return value of wait() properly during throttling. (#6837) 2019-08-12 11:36:05 -07:00
Dima Knivets
a142467586 Fixed incorrect OpenAPI response schema generation for a DELETE method in generic views (#6860) 2019-08-09 15:02:41 +02:00
Chris Vigelius
f7dc6b5656 OpenAPI: Added required description to responses. (#6850) 2019-08-07 22:09:27 +02:00
Chris Vigelius
0ebfbfdf81 OpenAPI: only include non-empty required property. (#6851)
Closes #6834
2019-08-07 21:40:21 +02:00
Gregory N. Schmit
335054a5d3 replace force_text with force_str 2019-08-07 21:05:24 +02:00
Reupen Shah
b45ff07294 Use an array type for list view response schemas
This is the first part of #6846.

Previously, the response schema for list views was an object representing a single item. However, list views return a list of items, and hence it should be an array.

Further work will need to be done to support how pagination classes modify list responses.

There should be no change for views not determined to be list views.
2019-08-07 20:40:22 +02:00
Reupen Shah
a3f244d85e Move AutoSchema serializer instantiation to common method 2019-08-07 20:40:22 +02:00
zeroohub
7e1c4be7ce Avoided double call for remote url in FileField.to_representation. (#6841) 2019-08-06 12:31:46 +02:00
Min ho Kim
0e1c5d3132 Fix typos (#6835) 2019-07-25 10:04:01 -07:00
Chris Vigelius
ca727872c8 OpenAPI schemas: Ensure lazy field descriptions are converted to str(). (#6832) 2019-07-25 15:30:20 +02:00
Carlton Gibson
de26af4295 Move determine_path_prefix() logic into CoreAPI module. 2019-07-24 11:13:30 +02:00
Carlton Gibson
e309a4f0b8 Fix OpenAPI path generation with common prefixes.
Closes #6675. Closes #6823.
2019-07-24 11:13:30 +02:00
Daniel Alvarez
2138f558ce Added mapping of ListField.child type for OpenAPI Schemas. 2019-07-24 11:09:57 +02:00
Muammar ibn Faisal
f7c3220fdb Ability to specify urlconf in include_docs_urls added (#6824)
There is a problem in the current implementation that if one exports docs via `include_docs_urls` he will be using `ROOT_URLCONF` (https://github.com/encode/django-rest-framework/blob/master/rest_framework/schemas/generators.py#L73), which is a big problem, if one is working with subdomains and he has sets of disjoint URLs.
This simple fix allows to pass through forgotten `urlconf` parameter.
2019-07-23 12:06:03 +01:00
Tom Christie
044252af1c
Version 3.10.1 (#6817)
* Ensure that requiring 'uritemplate' does not also require 'coreapi'

* Don't include autocomplete fields on TokenAuth admin

* Version 3.10.1
2019-07-17 14:17:45 +01:00
Tom Christie
9eaf49dab9
Version 3.10 (#6802)
* 3.10 release notes

* Version number -> 3.10

* Update translations

* Update 3.10 release docs

* Update release notes

* Delete symlink
2019-07-15 12:31:09 +01:00
Ryan P Kilby
b26db12813 Update default settings to use lists instead of tuples (#6799)
* Update default settings from tuples to lists

* Add missing trailing commas

* Use single quotes for consistency

* Update settings lists in docs
2019-07-15 11:54:46 +01:00
Aarni Koskela
5c922fb39d JSONEncoder: ensure empty listlikes remain lists, not dicts (#6794) 2019-07-09 11:41:05 +01:00
Tom Quinonero
7762aaa90f Docs sidebar improvements (#5638) (#6589)
* add sans-serif fallback for Verdana in docs sidebar

Co-Authored-By: Joachim Jablon <ewjoachim@gmail.com>

* improve display for docs sidebar (#5638)

Co-Authored-By: Joachim Jablon <ewjoachim@gmail.com>
2019-07-08 13:05:13 +01:00
Ryan P Kilby
bd6a1b3b6c Fix dotted-source field checking on serializer write (#6786)
* Add tests for raise_errors_on_nested_writes

* Fix dotted-source field checking on serializer write

The code was previously checking the validated data for the field's
attribute name, however, the data contain the first source attr.
2019-07-08 11:10:18 +01:00
Ryan P Kilby
976739206c Don't render extra actions when unauthenticated (#6775) 2019-07-04 14:54:16 +01:00
Ryan P Kilby
e4e75f1c7c
Strip null characters from search param (#6774) 2019-07-02 11:33:48 -07:00
Ryan P Kilby
41d5338ba6 Translate Throttled exception messages (#6771) 2019-07-02 11:21:40 +01:00
Ryan P Kilby
da06240257
Fix ModelField max_length argument (#6773) 2019-07-01 19:14:45 -07:00
Karambir Singh Nain
a7778897ad Fix ArrayField kwargs mapping for blank/allow_empty (#6758)
Postgres ArrayField blank=True should allow empty Lists in Serializer
2019-07-01 17:34:34 -07:00
Reupen Shah
3242adf058 Enforce allow_empty=False during partial validation of parent serializer (#6512)
Refs #6509

This enforces allow_empty=True when a ListSerializer is a child of another serializer and partial validation is being performed on the parent serializer.

This is because partial validation should allow fields to be omitted, but should not cause values that are invalid without partial validation to become valid.

This effectively reverts #4222. None of the tests added in that PR fail if the associated change is removed, so I‘m not sure what that PR was trying to fix.
2019-07-01 13:30:16 +01:00
Michael
79b2350b54 [fields] Format error message only if params exist (#6624)
This prevents exceptions when the error message contains `%`, but is
not intended for formatting.  Django itself does the same:
6866c91b63/django/core/exceptions.py (L168-L169)

Fixes encode/django-rest-framework#6622
2019-07-01 13:28:16 +01:00
Ryan P Kilby
7179ea9984 Raise exception when field source is a built-in (#6766) 2019-07-01 13:25:47 +01:00
Ryan P Kilby
91ea138406 Allow redundant SerializerMethodField method names (#6767) 2019-07-01 13:22:03 +01:00
Greg Curtis
42fd179d4e upgrade jQuery to latest version (#6728) 2019-07-01 13:16:21 +01:00
Ryan P Kilby
df1d146ee7
Remove old documentation (#6765) 2019-06-28 16:03:00 -07:00
Jan Pieter Waagmeester
cfd3ea0996 TokenAdmin: add 'user' to autocomplete_fields (#6762)
TokenAdmin is unusable with a big number of user records (in this case ~150k). Django 2.0 added the [ModelAdmin.autocomplete_fields](https://docs.djangoproject.com/en/stable/ref/contrib/admin/#django.contrib.admin.ModelAdmin.autocomplete_fields) option to use select2 to provide a better user experience.

If support for django 1.11 is dropped, this change would make the `TokenAdmin` usable again.
2019-06-28 13:44:15 +01:00
Kryštof Řeháček
6a95451d72 Fixes #6751 - ModelSerializer fields does not get updated correctly when signals are connected to some fields (#6752)
* fixes #6751

* reverted condition

* save instance before setting m2m fields

* added comment why m2m fields are saved after instance

* removed blank line

* added test for the issue 6751
2019-06-22 09:14:15 +01:00
Xavier Ordoquy
809a6acd36 Add --urlconf to the generateschema command (#6696) 2019-06-09 15:23:52 +02:00
Alan Crosswell
4d228257ac Retain declared path ordering in OpenAPI YAML output. (#6680)
* Add pyyaml.dump(..., sort_keys=False) to not sort openapi keys alphabetically
* Retain ordering of paths as provided in urlconf in OpenAPI schemas.
2019-06-09 14:58:02 +02:00
Alan Crosswell
819c46ea80 Add --generator_class CLI option to generateschema (#6735)
* add --generator_class CLI option to generateschema
* Add test for generateschema —generator_class flag.
2019-06-09 14:43:54 +02:00
Alan Crosswell
2d65f82dd7 Generate OpenAPI schema field types from validators. (#6674) 2019-06-09 14:42:56 +02:00
Alan Crosswell
a63860fc8b Corrected openapi.SchemaGenerator path prefixes. (#6724) 2019-06-09 14:29:55 +02:00
Ryan P Kilby
3e210ae48d
Update markdown preprocessor registration (#6722) 2019-05-31 14:11:58 -07:00
Adam
6aac9d2be1 Remove references to django-crispy-forms (#6600) 2019-05-30 19:47:30 -07:00
Jon Dufresne
b37aa284eb Remove unnecessary bytes() calls (#6626) 2019-05-30 15:05:27 -07:00
Florian Wendelborn
6bd25c09a6 Add Multiple HTTP Statuses (#6706) 2019-05-30 14:32:46 -07:00
Ran Benita
c2293e9f25 Improve performance of lazy validation message formatting (#6709) 2019-05-29 11:32:03 -07:00
Raffaele Salmaso
514033815d Allow JSONField encoder customization. (#6713) 2019-05-24 12:47:35 +01:00
Mathieu Pillard
afb678433b Always call all throttling classes on the view when checking throttles (#6711) 2019-05-23 14:42:29 +01:00
Ryan P Kilby
19ca86d8d6
Fix lazy translation of ListField errors (#6708)
* Test init for fields w/ lazy translations
* Fix lazy translations for ListField
2019-05-22 19:41:53 -07:00
Florian Wendelborn
0d0e7c3ae0 Add HTTP 308 Permanent Redirect (#6693) 2019-05-22 11:25:12 -07:00
Ryan P Kilby
db37512a6e
Remove 3.10 deprecations (#6687)
* Remove DjangoObjectPermissionsFilter
* Remove detail_route/list_route
* Bump deprecation warning versions
2019-05-21 10:36:55 -07:00
Ran Benita
ccd9b71c0a Don't cache _readable_fields and _writable_fields (#6689)
It might be useful for a serializer with many many fields which uses
read_only and write_only on a large percentage of the fields. But the
memory usage and statefulness it adds are not worth it for the common
case.
2019-05-21 15:45:31 +01:00
Ryan P Kilby
1b8141a4aa
Fix nullable source='*' fields (#6659) 2019-05-20 14:58:02 -07:00
Ran Benita
7232586c7c Simplify Serializer.fields with @cached_property (#6662) 2019-05-20 14:49:47 +01:00
Joachim Jablon
43a9cc1b7a Fix CursorPagination when objects get deleted between calls (#6504) (#6593)
* Added regression tests (#6504)

Co-Authored-By: Tom Quinonero <tq@3yourmind.com>

* Fix CursorPagination when objects get deleted between calls (#6504)

Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
2019-05-20 14:41:31 +01:00
Carlton Gibson
37f210a455
Added OpenAPI Schema Generation. (#6532)
Co-authored-by: Lucidiot <lucidiot@protonmail.com>
Co-authored-by: dongfangtianyu <dongfangtianyu@qq.com>
2019-05-13 16:07:03 +02:00
Ran Benita
9811a29a5a Pass through memo in __deepcopy__ as required by the docs (#6660)
This is needed to avoid problems with recursive loops. See
https://docs.python.org/3.7/library/copy.html
toward the end.
2019-05-09 09:20:32 +01:00
gaetano-guerriero
a7c577cb31 Dict field allow empty (#6583)
* dict field: support allow_empty option

* document ListField allow_empty option

* document HStoreField allow_empty parameter
2019-05-09 09:18:20 +01:00
Tim Gates
564faddb0f Make Markdown 2.6 the minimum compatible version (#6576) 2019-05-08 19:34:38 -07:00
Afnarel
67d2eabd6c Fix username in template for custom user models (#6612) 2019-05-01 17:23:23 -07:00
Jon Dufresne
e16273a658 Simplify import_from_string() with Django's import_string() (#6617) 2019-05-01 15:32:28 -07:00
Jon Dufresne
5e1619bc9e Remove unnecessary assignments immediately before a return statement (#6619)
Cleans up the pattern:

    ...
    myvar = <expression>
    return myvar

To:

    ...
    return <expression>
2019-05-01 07:51:54 +02:00
Jon Dufresne
3f19e66d9f Replace all usage ugettext functions with the non-u versions (#6634)
On Python 3, the ugettext functions are a simple aliases of their non-u
counterparts (the 'u' represents Python 2 unicode type). Starting with
Django 3.0, the u versions will be deprecated.

https://docs.djangoproject.com/en/dev/releases/3.0/#id2

> django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(),
> ungettext(), and ungettext_lazy() are deprecated in favor of the
> functions that they’re aliases for:
> django.utils.translation.gettext(), gettext_lazy(), gettext_noop(),
> ngettext(), and ngettext_lazy().
2019-05-01 07:49:54 +02:00
Jon Dufresne
513a49d63b Drop default 'utf-8' to .encode()/.decode() (#6633)
A Python 3 cleanup that allows for less noise in the code.

https://docs.python.org/3/library/stdtypes.html#bytes.decode
https://docs.python.org/3/library/stdtypes.html#str.encode
2019-05-01 07:49:16 +02:00
Jon Dufresne
ff86f09f74 Remove unnecessary compatibility shims from rest_framework/compat.py (#6631)
For Python 3, collections.abc.Mapping and collections.abc.MutableMapping
are always available from the stdlib.
2019-05-01 07:44:33 +02:00
Carlton Gibson
0407a0df8a
Dropped Python 2 compatibility. (#6615)
Thanks to Jon Dufresne (@jdufresne) for review.

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Rizwan Mansuri <Rizwan@webbyfox.com>
2019-04-30 17:53:44 +02:00
Carlton Gibson
83d09c7bc5
Update version and release notes for v3.9.3. 2019-04-29 16:30:44 +02:00
Carlton Gibson
bf9859de51
Adjust django-guardian check for PY2 compatible version. (#6613) 2019-04-29 16:08:39 +02:00
Patrickcai
b25d245b89 Merge multiple isinstance() calls to one (#6513)
* Merge multiple isinstance() calls to one

See https://docs.python.org/3/library/functions.html#isinstance

* Fix `)` mismatch

Fix `)` mismatch
2019-03-22 12:29:45 +00:00
Kevin Brown
86c72bb226 Fix schema generation of ManyRelatedField to detect the child type (#6489)
* Introspect ManyRelatedField data type recursively

For all `ManyRelatedField` objects, we were assuming that the inner type was always a `String`. While this may be true for the default output, a `ManyRelatedField` is a wrapper for a lot of other classes which includes more than just strings. This should allow us to document lists of things other than strings.

* Added test for schemas for many-to-many fields

This adds a test that makes sure we generate the schema for a many-to-many field such that it actually has the right type. For some reason we did not previously have any tests for schema generation that included them, so hopefully this will prevent any future issues from popping up.

This should serve as a regression test for the `items` field on to-many relationships, which was previously forced to a `String` even though in most cases it is a different inner type within the array.
2019-03-07 11:26:03 +01:00
Ryan P Kilby
fd32dd7ca4 Explicitly raise exc in 'raise_uncaught_exception' (#6435) 2019-03-07 09:44:20 +00:00
Jon Dufresne
9d06e43d05 Replace type('') with six.text_type (#6482)
As all source files import unicode_literals, type('') is always
equivalent to six.text_type (str on Python 3 and unicode on Python 2).
Removes the need to call type(), is more explicit, and will be easier to
catch places to change for when it is time to eventually drop Python 2.
2019-03-05 12:11:46 +01:00
Carlton Gibson
ac4c78967a Update version for v3.9.2 release. 2019-03-03 20:16:16 +01:00
Jon Dufresne
7eac86688a Remove executable bit from static assets (#6484)
These files are simply static assets and do not require an executable
bit. They are never intended to be executed as standalone scripts.
2019-03-03 18:39:08 +00:00
Carlton Gibson
94593b3a50
Introduce RemovedInDRF…Warning classes to simplify deprecations. (#6480)
Closes #6290.
2019-03-03 09:20:45 +01:00
Jon Dufresne
a216d02ce0 Merge multiple isinstance() calls to one (#6481)
https://docs.python.org/3/library/functions.html#isinstance

> If classinfo is a tuple of type objects (or recursively, other such
> tuples), return true if object is an instance of any of the types.
2019-03-02 20:48:03 +00:00
Andrzej Górski
317174b163 Avoided calling distinct on annotated fields in SearchFilter. (#6240)
Fixes #6094
2019-02-25 16:59:25 +01:00
Adrien Brunet
2daf6f1341 Add negation ~ operator to permissions composition (#6361) 2019-02-25 15:33:40 +01:00
Frédéric Massart
94fbfcb6fd Added lazy evaluation to composed permissions. (#6463)
Refs #6402.
2019-02-25 13:47:02 +01:00
Carlton Gibson
8a29c53226 Allowed Q objects in limit_choices_to introspection. (#6472)
Closes #6470.
2019-02-25 10:49:29 +00:00
Charlie Hornsby
07c5c968ce Fix DeprecationWarning when accessing collections.abc classes via collections (#6268)
* Use compat version of collections.abc.Mapping

Since the Mapping class will no longer be available to import directly
from the collections module in Python 3.8, we should use the
compatibility helper introduced in #6154 in the fields module.

* Alias and use compat version of collections.abc.MutableMapping

Since the MutableMapping class will no longer be available to import
directly from the collections module in Python 3.8, we should create an
alias for it in the compat module and use that instead.
2019-02-25 09:17:04 +01:00
Allan Reyes
d110454d4c Added SearchFilter.get_search_fields() hook. (#6279) 2019-02-19 17:18:14 +01:00
Si Feng
1ece516d2d Adjusted field validators to accept iterables. (#6282)
Closes 6280.
2019-02-19 16:38:20 +01:00
jeffrey k eliasen
eb3180173e Made templates compatible with session-based CSRF. (#6207) 2019-02-19 12:15:03 +01:00
Carlton Gibson
190f6201cb
Update Django Guardian dependency. (#6430)
* Update Django Guardian dependency.
* Skip testing Guardian on PY2. See https://github.com/django-guardian/django-guardian/issues/602
2019-01-31 15:59:19 +01:00
Carlton Gibson
bd9a799e16
Fixed SchemaView to reset renderer on exception. (#6429)
Fixes #6258.
2019-01-31 15:28:01 +01:00
Carlton Gibson
f54a220d8f
Corrected coreapi CLI code example generation. (#6428)
Remove “> “ when rendering template.
Closes #6333.
2019-01-31 11:36:40 +01:00
Andy Babic
87ade870c3 Added 'request_forms' block to base.html (#6340) 2019-01-24 16:30:46 +01:00
Carlton Gibson
8d20e10218
Deferred schema renderer creation to avoid requiring pyyaml. (#6416)
Closes #6366.
2019-01-24 16:01:06 +01:00
Carlton Gibson
f539c0dbd1
Removed incorrect DictField docstring. (#6417)
Closes #6363.
2019-01-24 15:18:22 +01:00
Sébastien Diemer
822b85ac36 routers: invalidate _urls cache on register (#6407)
see https://github.com/encode/django-rest-framework/issues/5660

Trying to register new routes on a router after having accessed the
router `urls` attribute leads to surprising results.
The route is added without error to the router's `registry` but the urls
are not updated, because they are cached in `_urls`.
This commit invalidates the cache after each new registration.
2019-01-17 13:07:57 +00:00
Tom Christie
453196e9c3
Version 3.9.1 (#6405)
* Version 3.9.1

* Upgrade bootstrap

* Release notes for 3.9.1
2019-01-16 13:27:35 +00:00
Yury V. Zaytsev
4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330)
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
Adrien Brunet
e3bd4b9048 Fix #1811: take limit_choices_to into account with FK (#6371)
* Fix issue1811: take limit_choices_to into account with FK

* Issue 1811: Add tests to illustrate issue

* Filter queryset only if limit_choices_to exists

* Move test_relations_with_limited_querysets file within test_relations_pk

* move limit_choices_to logic from relations.py to utils/field_mapping.py

* move limit_choices_to above other check to avoid conflicts
2019-01-08 13:49:47 +00:00
Stephen Finucane
c052a86c7b compat: (py2) urlparse = urllib.parse (py3) (#6262)
* compat: (py2) urlparse = urllib.parse (py3)

We were mistakenly importing the 'urlparse' function from the Python 2
'urlparse' module, as opposed to the module itself. Correct this.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Closes: #6261

* compat: Remove 'compat.urlparse'

We can just use Django's vendored six library, like we do everywhere
else.

Signed-off-by: Stephen Finucane <stephen@that.guru>
2019-01-08 12:03:02 +00:00
Carlton Gibson
587058e3c2 Allow run_validators() to handle non-dict types. (#6365)
Fixes #6053.

Original test case thanks to Vincent Delaitre in #6242.
2019-01-08 11:39:30 +00:00
Yaser Khahani
0cf18c4163 Use Default Version in URLPathVersioning if 'version' Didn't Specified by Client (#6380)
* Use Default Version in URLPathVersioning if 'version' Didn't Passed

* Clean Code
2019-01-08 11:34:54 +00:00
Alf
963ce306f3 Added "allow_unicode" to generated kwargs for ModelSerializer SlugField (#6315) 2018-12-19 15:37:52 +01:00
HoangYell
b61806e3b3 add "js-tooltip" class to "POST" button (#6344)
the tool tip of "POST" button is different from other buttons, since it loses the "js-tooltip" class.
2018-12-03 12:10:05 +00:00
Benjamin Pereto
5a54f897ec FIX: openapi schema title should be a string not a tuple (#6259) 2018-11-28 12:45:26 +00:00
Xavier Ordoquy
74574217a4 Fix composable permissions
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
2018-11-27 15:29:44 +01:00
takaaki shimbo
0f5dfe8b3c Fix typo in schemas (#6332)
* Fix typo in generators.py

* Fix typo in inspectors.py

* message line too long

* Change backslash to multiline strings

* Removed trailing whitespace from assertion message
2018-11-26 10:14:59 -08:00
Mark Davidoff
6f2c0dbf4d
permissions must return a boolean
`x and y` actually returns object y when both are true. the means P & IsAuthenticated will fail with TypeError: unsupported operand type(s) for &: 'instance' and 'bool' as IsAuthenticated now returns a CallableBool which does not overload __ror__
2018-10-28 14:12:39 -07:00
Tom Christie
2c9c0f1b7f
Version 3.9 (#6247)
* Release notes to 5174a26ec9

* Update version for v3.9.0

* Removed exclude_from_schema per deprecation policy.

* Updated list_route() and detail_route() deprecations.

* Weakened to PendingDeprecationWarning for `base_name`

cc @rpkilby.

* Add (beginning of) 3.9 release announcement.

@tomchristie: Input on OpenAPI and What’s Next very welcome! :)

* Add announcement section for Extra Actions in Browsable API

* Update release notes and add deprecation note for Django Guardian backend.

* Add release note for #6073

* Add release notes to dd19a44583

* Adding release notes

* Update 3.9 announcement

* Add Oct 18 release date
2018-10-18 10:38:46 +01:00
Dennis Kliban
dd19a44583 Problem: autoescape not getting passed to urlize_quoted_links filter (#6191)
Solution: set needs_autoescape=True when registering the filter

Without this patch, the disabling autoescape in the template does not work.
2018-10-10 10:36:04 +02:00
Daniel Bate
5feb835929 Feature/action docs sections (#6060)
* added ability to add sections to custom action documentation

* added tests to cover docs sections in custom actions

* added method specific docs test for action mapping

* added docs for custom action documentation
2018-10-10 10:29:29 +02:00
Tom Christie
6522d4ae20
Add OpenAPIRenderer by default, and add schema docs. (#6233)
* Add OpenAPIRenderer as a default for get_schema_view, and start adding schema docs

* Add optional pyyaml

* Updating schema docs
2018-10-04 14:05:55 +01:00
Xavier Ordoquy
b41a6cfa38 permissions: Allow permissions to be composed (#5753)
* permissions: Allow permissions to be composed

Implement a system to compose permissions with and / or.
This is performed by returning an `OperationHolder` instance that keeps the
permission classes and type of composition (and / or).
When called it will return a AND/OR instance that will then delegate the
permission check to the operands.

* permissions: Add documentation about composed permissions

* Fix documentation typo in permissions
2018-10-03 15:36:24 +01:00
Tom Christie
8908934928
Add OpenAPIRenderer and generate_schema management command. (#6229)
* Add OpenAPIRenderer and generate_schema command

* Add both OpenAPIRenderer and JSONOpenAPIRenderer

* Add flags to generate_schema command

* Fix syntax error

* Pull coreschema references into method, so they are only used if 'OpenAPIRenderer' is in use.

* generate_schema -> generateschema, and fix to OpenAPIRenderer

* Ensure that renderers generate bytes and generateschema outputs text

* Drop unused import
2018-10-03 15:28:04 +01:00
Jerome Leclanche
0eb2dc1137 Prohibit null characters in CharField by default (#6073)
* Implement an allow_null_bytes argument to CharField (default True)
* Switch to using native ProhibitNullCharactersValidator instead
2018-10-02 16:54:15 +02:00
Ryan P Kilby
66183389f6 Deprecate DjangoObjectPermissionsFilter (#6075) 2018-10-02 16:34:25 +02:00
Ryan P Kilby
903204cd79 Fix action support for ViewSet suffixes (#6081)
* Add suffix support for actions

Removes the newly introduced `action.name` in favor of leveraging the
View's `.get_view_name()` method, which supports both name and suffix.

* Fix view description func docstrings

* Test action decorator name & suffix kwargs

* Adjust 'extra action' docs
2018-10-02 16:22:21 +02:00
Jon Dufresne
878f9d2783 Prefer https:// for URLs when available throughout project (#6208) 2018-10-02 08:28:58 +02:00
Jon Dufresne
ed6340ee76 Remove unnecessary use of compat shim six.binary_type (#6189)
The type bytes is available on all supported Pythons. On Python 2.7, it
is an alias for str, same as six.binary_type. Makes the code more
forward compatible with Python 3.
2018-09-17 10:39:59 +02:00
Ryan P Kilby
fc6cbb5b26 Allow nullable BooleanField in Django 2.1 (#6183)
* Add tests for BooleanField when nullable

* Allow nullable BooleanField in Django 2.1

* Drop 'BooleanField.allow_null' check

* Remove conflicting false/null values
2018-09-13 17:25:03 +01:00
Jerome Leclanche
612a7b989f Fix Python 3.8 compatibility (#6154) 2018-09-10 21:12:32 -07:00
Jon Dufresne
4d57d46bf8 Prefer io.BytesIO over six; available on all supported Pythons (#6168)
On all supported Pythons, the io.BytesIO is always a stream
implementation using an in-memory bytes buffer.

Makes code slightly more forward compatible by reducing use of the six
module and promotes more forward compatible practices in the docs.
2018-09-09 11:53:41 +01:00
oliver
bcc565f387 Clean up unnecessary if statement (#6163) 2018-09-06 07:25:20 +01:00
Jon Dufresne
468cdd16ed Remove unnecessary models.py file (#6142)
Since Django 1.7, an empty models.py file is not required.

See
https://docs.djangoproject.com/en/dev/releases/1.7/#app-loading-refactor

> It is possible to omit models.py entirely if an application doesn’t
> have any models.
2018-08-28 09:51:28 +02:00
Craig de Stigter
81fa4b4f75 Fix CSRF cookie check failure when using session auth with django 1.11.6+ (#6113)
Test included. Fixes #6088
2018-08-07 08:18:56 +01:00
Oleg
2fab7838ef Improve ModelSerializer.create() error message. (#6112) 2018-08-06 20:11:55 +02:00
Oleg
8b5e830bce Handle models without .objects manager in ModelSerializer. (#6111)
* Handle models without .objects manager in ModelSerializer.

* Improvements according to review comments.
2018-08-06 14:30:43 +02:00
Ryan P Kilby
38b3d0109b Only catch TypeError/ValueError for object lookups (#6028)
* Only catch TypeError/ValueError for object lookups

* Test wrapped TypeError/ValueError handling

* Raise NotImplementedError in tests instead of pass
2018-07-06 12:18:17 +02:00
Ryan P Kilby
a628a2dbce Drop Django 1.10 support (#5657)
* Remove Django 1.10 from CI

* Remove Django 1.10 compat code
2018-07-06 12:14:31 +02:00
Ryan P Kilby
9b8af04e7f Move guardian imports out of compat (#6054) 2018-07-06 11:32:02 +02:00
Ryan P Kilby
7095021db7 Rename base_name => basename for consistency's sake (#5990)
* Rename base_name => basename for consistency

* Update tests to use basename
2018-07-06 11:03:12 +02:00
Ryan P Kilby
f89cc066bc Admin renderer urls (#5988)
* Make admin detail link have small width

* Disable admin detail link when no URL

* Add 'AdminRenderer.get_result_url'

Attempts to reverse the result's detail view URL.
2018-07-06 10:58:26 +02:00
Daniel Hahler
3578bd6883 get_error_detail: use error_dict/error_list (#5785) 2018-07-06 10:44:58 +02:00
Ryan P Kilby
6511b52cca Fix schemas for extra actions (#5992)
* Add failing test for extra action schemas

* Add ViewInspector setter to store instances

* Fix schema disabling for extra actions

* Add docs note about disabling schemas for actions
2018-07-06 10:35:36 +02:00
Ryan P Kilby
0148a9f8da Improvements to ViewSet extra actions (#5605)
* View suffix already set by initializer

* Add 'name' and 'description' attributes to ViewSet

ViewSets may now provide their `name` and `description` attributes
directly, instead of relying on view introspection to derive them.
These attributes may also be provided with the view's initkwargs.

The ViewSet `name` and `suffix` initkwargs are mutually exclusive.

The `action` decorator now provides the `name` and `description` to
the view's initkwargs. By default, these values are derived from the
method name and its docstring. The `name` may be overridden by providing
it as an argument to the decorator.

The `get_view_name` and `get_view_description` hooks now provide the
view instance to the handler, instead of the view class. The default
implementations of these handlers now respect the `name`/`description`.

* Add 'extra actions' to ViewSet & browsable APIs

* Update simple router tests

Removed old test logic around link/action decorators from `v2.3`. Also
simplified the test by making the results explicit instead of computed.

* Add method mapping to ViewSet actions

* Document extra action method mapping
2018-07-06 10:33:10 +02:00
Eduardo GP
ff4429fad4 fix e.indexOf is not a function error (#5982) 2018-05-11 21:49:29 +01:00
Craig de Stigter
9629886915 Fixed AttributeError from items filter when value is None (#5981) 2018-05-11 08:50:08 +02:00
Ryan O’Hara
a11938ce96 Fixed instance being overwritten in pk-only optimization try/except block (#5747) 2018-04-24 16:15:38 +02:00
Noam
7268643b25 min_value/max_value support in DurationField (#5643)
* Added min_value/max_value field arguments to DurationField.
* Made field mapping use mix/max kwargs for DurationField validators.
2018-04-24 09:24:05 +02:00
Sascha P
7d64b7016d Removed input value from deault_error_message (#5881) 2018-04-20 16:00:27 +02:00
Jimmy Merrild Krag
4260531b6c Render descriptions (from help_text) using safe (#5869)
To allow embedded HTML, and make consistent with other usages.

Fixes #5715.
2018-04-20 15:51:27 +02:00
Jimmy Merrild Krag
5ee0e5df83 Correct schema parsing for JSONField (#5878)
Fixes #5873.
* Use Object type. 
* Add test for field_to_schema
2018-04-20 15:47:20 +02:00
Craig Anderson
2ebd479759 Allow hashing of ErrorDetail to fix #5919 (#5932) 2018-04-20 15:32:37 +02:00
Christian Kreuzberger
f148e4e259 Ensure that html forms (multipart form data) respect optional fields (#5927) 2018-04-20 15:11:52 +02:00
Tom Christie
7e705246ca
Ensure docs sidebar can scroll to bottom. (#5949)
Closes #5948
2018-04-20 12:11:48 +01:00
Ryan P Kilby
7078afa42c Change ISO 8601 date format to exclude year/month (#5936) 2018-04-14 05:23:31 +01:00
Carlton Gibson
fb802c0910
Update version and notes for 3.8.2 release. (#5923) 2018-04-06 15:41:11 +02:00
Carlton Gibson
42eb5a4342
Fix read_only + default unique_together validation. (#5922)
* Add test for read_only + default unique_together validation.
* Fix read_only + default validation
2018-04-06 15:20:54 +02:00
gsvr
32caca4dd3 Import coreapi from rest_framework.compat, not directly. (#5921) 2018-04-05 15:07:49 +02:00
Carlton Gibson
bc353452f4
Bump version and release notes for 3.8.1 (#5916) 2018-04-04 21:10:34 +02:00
Ryan P Kilby
cba426b34c Use old url_name behavior in route decorators (#5915)
* Wrap action decorator for old url_name behavior
2018-04-04 20:50:42 +02:00
Carlton Gibson
fc588f539b
Version 3.8 Release (#5769) 2018-04-03 15:35:26 +02:00
Carlton Gibson
1befab795a
Added generic 500 and 400 JSON error handlers. (#5904)
* Added generic 500 and 400 JSON error handlers.
* Docs for generic error views.
2018-04-03 09:16:36 +02:00
Andrew Tallos
36119cad31 Enable OrderingFilter to handle an empty tuple (or list) for the 'ordering' field. (#5899) 2018-03-26 12:22:45 +01:00
Craig de Stigter
a5072778e9 Don't show hidden fields in metadata (#5854)
HiddenField is meant to be hidden, but we discovered it showing up in OPTIONS requests
2018-03-23 22:47:10 +00:00
Charlie McBride
a7e2a7bfcd Add LimitOffsetPagination.get_count to allow method override (#5846)
* Add LimitOffsetPagination.get_count to allow method override

* Format method docstring
2018-03-23 22:25:43 +00:00
George-Cristian Bîrzan
85c588b0c1 #5848 Allow traversing nullable related fields (#5849) 2018-03-20 22:02:22 +01:00
Carlton Gibson
6c0c69ed65
Correct allow_null behaviour when required=False (#5888)
* Revert "Non-required fields with 'allow_null=True' should not imply a default value (#5639)"
    This reverts commit 905a5579df.
    Closes #5708

* Add test for allow_null + required=False
    Ref #5708: allow_null should imply default=None, even for non-required fields.

* Re-order allow_null and default in field docs
    default is prior to allow_null. allow_null implies an outgoing default=None.

* Adjust allow_null note.
2018-03-20 21:24:39 +01:00
Carlton Gibson
c2b24f83a3
Alter read_only+default behaviour (#5886)
* Always exclude read_only fields from _writable_fields

* Remove `read_only` from `CreateOnlyDefault` example.
      In this context (without mentioning `save`) now slightly misleading.
2018-03-20 21:09:31 +01:00
gthieleb
9e08a7cbec Fixed schema for UUIDField in SimpleMetadata. (#5872)
* fix schema for UUIDField

* Add unit test for d4c8f2db
2018-03-13 15:49:15 +01:00
Oliver Newman
d2994e0596 Fix comment typo in ModelSerializer (#5844) 2018-02-21 16:39:53 +01:00
Carlton Gibson
e34fd995cd
Made TemplateHTMLRenderer render IntegerField inputs when value is 0. (#5834)
* Fix 0 value IntegerField in TemplateHTMLRenderer

Signed-off-by: Nikhil Sheoran <nikhilsheoran96@gmail.com>

* Remove unnecessary `field.value != “”` check

* Adjust test case

Uses `vertical` templates only.
2018-02-16 16:48:20 +01:00
Carlton Gibson
da535d31dd
Fixed active timezone handling for non ISO8601 datetimes. (#5833)
* Add failing test for to_representation with explicit default timezone

See discussion here:
    https://github.com/encode/django-rest-framework/pull/5435#issuecomment-364054509

* Always run enforce_timezone
2018-02-16 16:47:49 +01:00
Daniel Hahler
2854679f56 Upgrade isort (#5817)
* Fix isort

* runtests: add --diff to ISORT_ARGS

* requirements-codestyle: bump isort to 4.3.3

* isort: move config to setup.cfg
2018-02-14 20:12:14 +00:00
Kent Kawashima
d82b332a09 Changes ternary conditionals to be PEP308 compliant (#5827) 2018-02-14 14:06:09 +00:00
Carlton Gibson
7d0d22ffaa Use single copy of static assets. Update jQuery (#5823)
* Move font-awesome to top level.

* Use top-level jQuery & Bootstrap

* Update to jQuery v3.3.1

Compatible with Bootstrap v3.3.7
c.f. https://github.com/twbs/bootstrap/issues/16834#issuecomment-251996660

* Re-add bootstrap-theme
2018-02-12 14:14:44 +00:00
Ryan P Kilby
1bc826e6fd
Fix authtoken views imports (#5818) 2018-02-07 14:46:17 -05:00
Ryan P Kilby
c456b3c510 Fix request formdata handling (#5800)
* Rename 'wsgi' request test to more accurate 'http'

* Test duplicate request stream parsing

* Fix setting post/files on the underlying request
2018-02-05 16:24:13 +01:00
Paulo Scardine
0d5a3a00b0 Add schema to ObtainAuthToken
Add encoding parameter to ManualSchema

Closes #5676

* Fixed lint errors
* Added docs for ManualSchema encoding parameter
2018-02-05 16:16:42 +01:00
Jeremy Lainé
a8d129b7da Represent serializer DictField as an Object in schema
DictFields were incorrectly being output as String in the schema.
This pull request outputs an Object instead and adds a unit test.

Update s/detail_route/action/ after rebase
2018-02-01 16:23:24 +01:00
Jeremy Lainé
27f32faee4 Fix schema generation for PrimaryKeyRelatedField (#5764)
By default all subclasses of RelatedField are output as string fields in
the schema, which works well for StringRelatedField, SlugRelatedField or
HyperlinkedRelatedField.

Handle the common case of a PrimaryKeyRelatedField pointing to an
AutoField.
2018-02-01 16:14:35 +01:00
Si Feng
df77f7bb9d Make 404 & 403 responses consistent with exceptions.APIException output (#5763) 2018-01-30 22:10:02 +00:00
Daniel Hahler
769bc1336f ErrorDetail: add __eq__/__ne__ and __repr__ (#5787)
This adds `__eq__` to handle `code` in comparisons.

When comparing an ErrorDetail to a string (missing `code` there) the
ErrorDetail's `code` is ignored, but otherwise it is taken into account.
2018-01-30 08:45:09 +01:00
Jon Dufresne
052a20cd7b Load 'static' instead of 'staticfiles' in templates (#5773) 2018-01-26 00:43:55 -05:00
Ryan P Kilby
73203e6b59 Rework dynamic list/detail actions (#5705)
* Merge list/detail route decorators into 'action'

* Merge dynamic routes, add 'detail' attribute

* Add 'ViewSet.get_extra_actions()'

* Refactor dynamic route checking & collection

* Refactor dynamic route generation

* Add 'ViewSet.detail' initkwarg

* Fixup schema test

* Add release notes for dynamic action changes

* Replace list/detail route decorators in tests

* Convert tabs to spaces in router docs

* Update docs

* Make 'detail' a required argument of 'action'

* Improve router docs
2018-01-25 09:40:49 +01:00
Carlton Gibson
a540acdc95
Allowed customising API documentation code samples (#5752)
* Allowed additional languages in API documentation

* Documented renderer_classes parameter and customising languages.
2018-01-25 09:39:03 +01:00
Jeremy Lainé
588b61e171 Remove unreachable code from ManualSchema (#5766)
ManualSchema.get_link had two return statements. Prune the second
(unreachable) return.
2018-01-24 08:52:33 +01:00
Ryan P Kilby
2709de1310 Add HStoreField, postgres fields tests (#5654)
* Test postgres field mapping

* Add HStoreField

* Ensure 'HStoreField' child is a 'CharField'

* Add HStoreField docs
2018-01-15 15:52:30 +01:00
Jon Dufresne
d3f3c3d9c1 Prefer https protocol for links in docs when available 2018-01-15 15:15:21 +01:00