Commit Graph

3502 Commits

Author SHA1 Message Date
Yury V. Zaytsev
4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330)
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
Adrien Brunet
e3bd4b9048 Fix #1811: take limit_choices_to into account with FK (#6371)
* Fix issue1811: take limit_choices_to into account with FK

* Issue 1811: Add tests to illustrate issue

* Filter queryset only if limit_choices_to exists

* Move test_relations_with_limited_querysets file within test_relations_pk

* move limit_choices_to logic from relations.py to utils/field_mapping.py

* move limit_choices_to above other check to avoid conflicts
2019-01-08 13:49:47 +00:00
Stephen Finucane
c052a86c7b compat: (py2) urlparse = urllib.parse (py3) (#6262)
* compat: (py2) urlparse = urllib.parse (py3)

We were mistakenly importing the 'urlparse' function from the Python 2
'urlparse' module, as opposed to the module itself. Correct this.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Closes: #6261

* compat: Remove 'compat.urlparse'

We can just use Django's vendored six library, like we do everywhere
else.

Signed-off-by: Stephen Finucane <stephen@that.guru>
2019-01-08 12:03:02 +00:00
Carlton Gibson
587058e3c2 Allow run_validators() to handle non-dict types. (#6365)
Fixes #6053.

Original test case thanks to Vincent Delaitre in #6242.
2019-01-08 11:39:30 +00:00
Yaser Khahani
0cf18c4163 Use Default Version in URLPathVersioning if 'version' Didn't Specified by Client (#6380)
* Use Default Version in URLPathVersioning if 'version' Didn't Passed

* Clean Code
2019-01-08 11:34:54 +00:00
Alf
963ce306f3 Added "allow_unicode" to generated kwargs for ModelSerializer SlugField (#6315) 2018-12-19 15:37:52 +01:00
HoangYell
b61806e3b3 add "js-tooltip" class to "POST" button (#6344)
the tool tip of "POST" button is different from other buttons, since it loses the "js-tooltip" class.
2018-12-03 12:10:05 +00:00
Benjamin Pereto
5a54f897ec FIX: openapi schema title should be a string not a tuple (#6259) 2018-11-28 12:45:26 +00:00
Xavier Ordoquy
74574217a4 Fix composable permissions
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
2018-11-27 15:29:44 +01:00
takaaki shimbo
0f5dfe8b3c Fix typo in schemas (#6332)
* Fix typo in generators.py

* Fix typo in inspectors.py

* message line too long

* Change backslash to multiline strings

* Removed trailing whitespace from assertion message
2018-11-26 10:14:59 -08:00
Mark Davidoff
6f2c0dbf4d
permissions must return a boolean
`x and y` actually returns object y when both are true. the means P & IsAuthenticated will fail with TypeError: unsupported operand type(s) for &: 'instance' and 'bool' as IsAuthenticated now returns a CallableBool which does not overload __ror__
2018-10-28 14:12:39 -07:00
Tom Christie
2c9c0f1b7f
Version 3.9 (#6247)
* Release notes to 5174a26ec9

* Update version for v3.9.0

* Removed exclude_from_schema per deprecation policy.

* Updated list_route() and detail_route() deprecations.

* Weakened to PendingDeprecationWarning for `base_name`

cc @rpkilby.

* Add (beginning of) 3.9 release announcement.

@tomchristie: Input on OpenAPI and What’s Next very welcome! :)

* Add announcement section for Extra Actions in Browsable API

* Update release notes and add deprecation note for Django Guardian backend.

* Add release note for #6073

* Add release notes to dd19a44583

* Adding release notes

* Update 3.9 announcement

* Add Oct 18 release date
2018-10-18 10:38:46 +01:00
Dennis Kliban
dd19a44583 Problem: autoescape not getting passed to urlize_quoted_links filter (#6191)
Solution: set needs_autoescape=True when registering the filter

Without this patch, the disabling autoescape in the template does not work.
2018-10-10 10:36:04 +02:00
Daniel Bate
5feb835929 Feature/action docs sections (#6060)
* added ability to add sections to custom action documentation

* added tests to cover docs sections in custom actions

* added method specific docs test for action mapping

* added docs for custom action documentation
2018-10-10 10:29:29 +02:00
Tom Christie
6522d4ae20
Add OpenAPIRenderer by default, and add schema docs. (#6233)
* Add OpenAPIRenderer as a default for get_schema_view, and start adding schema docs

* Add optional pyyaml

* Updating schema docs
2018-10-04 14:05:55 +01:00
Xavier Ordoquy
b41a6cfa38 permissions: Allow permissions to be composed (#5753)
* permissions: Allow permissions to be composed

Implement a system to compose permissions with and / or.
This is performed by returning an `OperationHolder` instance that keeps the
permission classes and type of composition (and / or).
When called it will return a AND/OR instance that will then delegate the
permission check to the operands.

* permissions: Add documentation about composed permissions

* Fix documentation typo in permissions
2018-10-03 15:36:24 +01:00
Tom Christie
8908934928
Add OpenAPIRenderer and generate_schema management command. (#6229)
* Add OpenAPIRenderer and generate_schema command

* Add both OpenAPIRenderer and JSONOpenAPIRenderer

* Add flags to generate_schema command

* Fix syntax error

* Pull coreschema references into method, so they are only used if 'OpenAPIRenderer' is in use.

* generate_schema -> generateschema, and fix to OpenAPIRenderer

* Ensure that renderers generate bytes and generateschema outputs text

* Drop unused import
2018-10-03 15:28:04 +01:00
Jerome Leclanche
0eb2dc1137 Prohibit null characters in CharField by default (#6073)
* Implement an allow_null_bytes argument to CharField (default True)
* Switch to using native ProhibitNullCharactersValidator instead
2018-10-02 16:54:15 +02:00
Ryan P Kilby
66183389f6 Deprecate DjangoObjectPermissionsFilter (#6075) 2018-10-02 16:34:25 +02:00
Ryan P Kilby
903204cd79 Fix action support for ViewSet suffixes (#6081)
* Add suffix support for actions

Removes the newly introduced `action.name` in favor of leveraging the
View's `.get_view_name()` method, which supports both name and suffix.

* Fix view description func docstrings

* Test action decorator name & suffix kwargs

* Adjust 'extra action' docs
2018-10-02 16:22:21 +02:00
Jon Dufresne
878f9d2783 Prefer https:// for URLs when available throughout project (#6208) 2018-10-02 08:28:58 +02:00
Jon Dufresne
ed6340ee76 Remove unnecessary use of compat shim six.binary_type (#6189)
The type bytes is available on all supported Pythons. On Python 2.7, it
is an alias for str, same as six.binary_type. Makes the code more
forward compatible with Python 3.
2018-09-17 10:39:59 +02:00
Ryan P Kilby
fc6cbb5b26 Allow nullable BooleanField in Django 2.1 (#6183)
* Add tests for BooleanField when nullable

* Allow nullable BooleanField in Django 2.1

* Drop 'BooleanField.allow_null' check

* Remove conflicting false/null values
2018-09-13 17:25:03 +01:00
Jerome Leclanche
612a7b989f Fix Python 3.8 compatibility (#6154) 2018-09-10 21:12:32 -07:00
Jon Dufresne
4d57d46bf8 Prefer io.BytesIO over six; available on all supported Pythons (#6168)
On all supported Pythons, the io.BytesIO is always a stream
implementation using an in-memory bytes buffer.

Makes code slightly more forward compatible by reducing use of the six
module and promotes more forward compatible practices in the docs.
2018-09-09 11:53:41 +01:00
oliver
bcc565f387 Clean up unnecessary if statement (#6163) 2018-09-06 07:25:20 +01:00
Jon Dufresne
468cdd16ed Remove unnecessary models.py file (#6142)
Since Django 1.7, an empty models.py file is not required.

See
https://docs.djangoproject.com/en/dev/releases/1.7/#app-loading-refactor

> It is possible to omit models.py entirely if an application doesn’t
> have any models.
2018-08-28 09:51:28 +02:00
Craig de Stigter
81fa4b4f75 Fix CSRF cookie check failure when using session auth with django 1.11.6+ (#6113)
Test included. Fixes #6088
2018-08-07 08:18:56 +01:00
Oleg
2fab7838ef Improve ModelSerializer.create() error message. (#6112) 2018-08-06 20:11:55 +02:00
Oleg
8b5e830bce Handle models without .objects manager in ModelSerializer. (#6111)
* Handle models without .objects manager in ModelSerializer.

* Improvements according to review comments.
2018-08-06 14:30:43 +02:00
Ryan P Kilby
38b3d0109b Only catch TypeError/ValueError for object lookups (#6028)
* Only catch TypeError/ValueError for object lookups

* Test wrapped TypeError/ValueError handling

* Raise NotImplementedError in tests instead of pass
2018-07-06 12:18:17 +02:00
Ryan P Kilby
a628a2dbce Drop Django 1.10 support (#5657)
* Remove Django 1.10 from CI

* Remove Django 1.10 compat code
2018-07-06 12:14:31 +02:00
Ryan P Kilby
9b8af04e7f Move guardian imports out of compat (#6054) 2018-07-06 11:32:02 +02:00
Ryan P Kilby
7095021db7 Rename base_name => basename for consistency's sake (#5990)
* Rename base_name => basename for consistency

* Update tests to use basename
2018-07-06 11:03:12 +02:00
Ryan P Kilby
f89cc066bc Admin renderer urls (#5988)
* Make admin detail link have small width

* Disable admin detail link when no URL

* Add 'AdminRenderer.get_result_url'

Attempts to reverse the result's detail view URL.
2018-07-06 10:58:26 +02:00
Daniel Hahler
3578bd6883 get_error_detail: use error_dict/error_list (#5785) 2018-07-06 10:44:58 +02:00
Ryan P Kilby
6511b52cca Fix schemas for extra actions (#5992)
* Add failing test for extra action schemas

* Add ViewInspector setter to store instances

* Fix schema disabling for extra actions

* Add docs note about disabling schemas for actions
2018-07-06 10:35:36 +02:00
Ryan P Kilby
0148a9f8da Improvements to ViewSet extra actions (#5605)
* View suffix already set by initializer

* Add 'name' and 'description' attributes to ViewSet

ViewSets may now provide their `name` and `description` attributes
directly, instead of relying on view introspection to derive them.
These attributes may also be provided with the view's initkwargs.

The ViewSet `name` and `suffix` initkwargs are mutually exclusive.

The `action` decorator now provides the `name` and `description` to
the view's initkwargs. By default, these values are derived from the
method name and its docstring. The `name` may be overridden by providing
it as an argument to the decorator.

The `get_view_name` and `get_view_description` hooks now provide the
view instance to the handler, instead of the view class. The default
implementations of these handlers now respect the `name`/`description`.

* Add 'extra actions' to ViewSet & browsable APIs

* Update simple router tests

Removed old test logic around link/action decorators from `v2.3`. Also
simplified the test by making the results explicit instead of computed.

* Add method mapping to ViewSet actions

* Document extra action method mapping
2018-07-06 10:33:10 +02:00
Eduardo GP
ff4429fad4 fix e.indexOf is not a function error (#5982) 2018-05-11 21:49:29 +01:00
Craig de Stigter
9629886915 Fixed AttributeError from items filter when value is None (#5981) 2018-05-11 08:50:08 +02:00
Ryan O’Hara
a11938ce96 Fixed instance being overwritten in pk-only optimization try/except block (#5747) 2018-04-24 16:15:38 +02:00
Noam
7268643b25 min_value/max_value support in DurationField (#5643)
* Added min_value/max_value field arguments to DurationField.
* Made field mapping use mix/max kwargs for DurationField validators.
2018-04-24 09:24:05 +02:00
Sascha P
7d64b7016d Removed input value from deault_error_message (#5881) 2018-04-20 16:00:27 +02:00
Jimmy Merrild Krag
4260531b6c Render descriptions (from help_text) using safe (#5869)
To allow embedded HTML, and make consistent with other usages.

Fixes #5715.
2018-04-20 15:51:27 +02:00
Jimmy Merrild Krag
5ee0e5df83 Correct schema parsing for JSONField (#5878)
Fixes #5873.
* Use Object type. 
* Add test for field_to_schema
2018-04-20 15:47:20 +02:00
Craig Anderson
2ebd479759 Allow hashing of ErrorDetail to fix #5919 (#5932) 2018-04-20 15:32:37 +02:00
Christian Kreuzberger
f148e4e259 Ensure that html forms (multipart form data) respect optional fields (#5927) 2018-04-20 15:11:52 +02:00
Tom Christie
7e705246ca
Ensure docs sidebar can scroll to bottom. (#5949)
Closes #5948
2018-04-20 12:11:48 +01:00
Ryan P Kilby
7078afa42c Change ISO 8601 date format to exclude year/month (#5936) 2018-04-14 05:23:31 +01:00
Carlton Gibson
fb802c0910
Update version and notes for 3.8.2 release. (#5923) 2018-04-06 15:41:11 +02:00
Carlton Gibson
42eb5a4342
Fix read_only + default unique_together validation. (#5922)
* Add test for read_only + default unique_together validation.
* Fix read_only + default validation
2018-04-06 15:20:54 +02:00
gsvr
32caca4dd3 Import coreapi from rest_framework.compat, not directly. (#5921) 2018-04-05 15:07:49 +02:00
Carlton Gibson
bc353452f4
Bump version and release notes for 3.8.1 (#5916) 2018-04-04 21:10:34 +02:00
Ryan P Kilby
cba426b34c Use old url_name behavior in route decorators (#5915)
* Wrap action decorator for old url_name behavior
2018-04-04 20:50:42 +02:00
Carlton Gibson
fc588f539b
Version 3.8 Release (#5769) 2018-04-03 15:35:26 +02:00
Carlton Gibson
1befab795a
Added generic 500 and 400 JSON error handlers. (#5904)
* Added generic 500 and 400 JSON error handlers.
* Docs for generic error views.
2018-04-03 09:16:36 +02:00
Andrew Tallos
36119cad31 Enable OrderingFilter to handle an empty tuple (or list) for the 'ordering' field. (#5899) 2018-03-26 12:22:45 +01:00
Craig de Stigter
a5072778e9 Don't show hidden fields in metadata (#5854)
HiddenField is meant to be hidden, but we discovered it showing up in OPTIONS requests
2018-03-23 22:47:10 +00:00
Charlie McBride
a7e2a7bfcd Add LimitOffsetPagination.get_count to allow method override (#5846)
* Add LimitOffsetPagination.get_count to allow method override

* Format method docstring
2018-03-23 22:25:43 +00:00
George-Cristian Bîrzan
85c588b0c1 #5848 Allow traversing nullable related fields (#5849) 2018-03-20 22:02:22 +01:00
Carlton Gibson
6c0c69ed65
Correct allow_null behaviour when required=False (#5888)
* Revert "Non-required fields with 'allow_null=True' should not imply a default value (#5639)"
    This reverts commit 905a5579df.
    Closes #5708

* Add test for allow_null + required=False
    Ref #5708: allow_null should imply default=None, even for non-required fields.

* Re-order allow_null and default in field docs
    default is prior to allow_null. allow_null implies an outgoing default=None.

* Adjust allow_null note.
2018-03-20 21:24:39 +01:00
Carlton Gibson
c2b24f83a3
Alter read_only+default behaviour (#5886)
* Always exclude read_only fields from _writable_fields

* Remove `read_only` from `CreateOnlyDefault` example.
      In this context (without mentioning `save`) now slightly misleading.
2018-03-20 21:09:31 +01:00
gthieleb
9e08a7cbec Fixed schema for UUIDField in SimpleMetadata. (#5872)
* fix schema for UUIDField

* Add unit test for d4c8f2db
2018-03-13 15:49:15 +01:00
Oliver Newman
d2994e0596 Fix comment typo in ModelSerializer (#5844) 2018-02-21 16:39:53 +01:00
Carlton Gibson
e34fd995cd
Made TemplateHTMLRenderer render IntegerField inputs when value is 0. (#5834)
* Fix 0 value IntegerField in TemplateHTMLRenderer

Signed-off-by: Nikhil Sheoran <nikhilsheoran96@gmail.com>

* Remove unnecessary `field.value != “”` check

* Adjust test case

Uses `vertical` templates only.
2018-02-16 16:48:20 +01:00
Carlton Gibson
da535d31dd
Fixed active timezone handling for non ISO8601 datetimes. (#5833)
* Add failing test for to_representation with explicit default timezone

See discussion here:
    https://github.com/encode/django-rest-framework/pull/5435#issuecomment-364054509

* Always run enforce_timezone
2018-02-16 16:47:49 +01:00
Daniel Hahler
2854679f56 Upgrade isort (#5817)
* Fix isort

* runtests: add --diff to ISORT_ARGS

* requirements-codestyle: bump isort to 4.3.3

* isort: move config to setup.cfg
2018-02-14 20:12:14 +00:00
Kent Kawashima
d82b332a09 Changes ternary conditionals to be PEP308 compliant (#5827) 2018-02-14 14:06:09 +00:00
Carlton Gibson
7d0d22ffaa Use single copy of static assets. Update jQuery (#5823)
* Move font-awesome to top level.

* Use top-level jQuery & Bootstrap

* Update to jQuery v3.3.1

Compatible with Bootstrap v3.3.7
c.f. https://github.com/twbs/bootstrap/issues/16834#issuecomment-251996660

* Re-add bootstrap-theme
2018-02-12 14:14:44 +00:00
Ryan P Kilby
1bc826e6fd
Fix authtoken views imports (#5818) 2018-02-07 14:46:17 -05:00
Ryan P Kilby
c456b3c510 Fix request formdata handling (#5800)
* Rename 'wsgi' request test to more accurate 'http'

* Test duplicate request stream parsing

* Fix setting post/files on the underlying request
2018-02-05 16:24:13 +01:00
Paulo Scardine
0d5a3a00b0 Add schema to ObtainAuthToken
Add encoding parameter to ManualSchema

Closes #5676

* Fixed lint errors
* Added docs for ManualSchema encoding parameter
2018-02-05 16:16:42 +01:00
Jeremy Lainé
a8d129b7da Represent serializer DictField as an Object in schema
DictFields were incorrectly being output as String in the schema.
This pull request outputs an Object instead and adds a unit test.

Update s/detail_route/action/ after rebase
2018-02-01 16:23:24 +01:00
Jeremy Lainé
27f32faee4 Fix schema generation for PrimaryKeyRelatedField (#5764)
By default all subclasses of RelatedField are output as string fields in
the schema, which works well for StringRelatedField, SlugRelatedField or
HyperlinkedRelatedField.

Handle the common case of a PrimaryKeyRelatedField pointing to an
AutoField.
2018-02-01 16:14:35 +01:00
Si Feng
df77f7bb9d Make 404 & 403 responses consistent with exceptions.APIException output (#5763) 2018-01-30 22:10:02 +00:00
Daniel Hahler
769bc1336f ErrorDetail: add __eq__/__ne__ and __repr__ (#5787)
This adds `__eq__` to handle `code` in comparisons.

When comparing an ErrorDetail to a string (missing `code` there) the
ErrorDetail's `code` is ignored, but otherwise it is taken into account.
2018-01-30 08:45:09 +01:00
Jon Dufresne
052a20cd7b Load 'static' instead of 'staticfiles' in templates (#5773) 2018-01-26 00:43:55 -05:00
Ryan P Kilby
73203e6b59 Rework dynamic list/detail actions (#5705)
* Merge list/detail route decorators into 'action'

* Merge dynamic routes, add 'detail' attribute

* Add 'ViewSet.get_extra_actions()'

* Refactor dynamic route checking & collection

* Refactor dynamic route generation

* Add 'ViewSet.detail' initkwarg

* Fixup schema test

* Add release notes for dynamic action changes

* Replace list/detail route decorators in tests

* Convert tabs to spaces in router docs

* Update docs

* Make 'detail' a required argument of 'action'

* Improve router docs
2018-01-25 09:40:49 +01:00
Carlton Gibson
a540acdc95
Allowed customising API documentation code samples (#5752)
* Allowed additional languages in API documentation

* Documented renderer_classes parameter and customising languages.
2018-01-25 09:39:03 +01:00
Jeremy Lainé
588b61e171 Remove unreachable code from ManualSchema (#5766)
ManualSchema.get_link had two return statements. Prune the second
(unreachable) return.
2018-01-24 08:52:33 +01:00
Ryan P Kilby
2709de1310 Add HStoreField, postgres fields tests (#5654)
* Test postgres field mapping

* Add HStoreField

* Ensure 'HStoreField' child is a 'CharField'

* Add HStoreField docs
2018-01-15 15:52:30 +01:00
Jon Dufresne
d3f3c3d9c1 Prefer https protocol for links in docs when available 2018-01-15 15:15:21 +01:00
Jon Dufresne
ffe3dbb1b1 Perfer iter(dict) over iter(dict.keys()) (#5736)
Calling dict.keys() is unnecessary. The two are functionally equivalent
on modern Pythons.

Inspired by Lennart Regebro's talk "Prehistoric Patterns in Python" from
PyCon 2017.

https://www.youtube.com/watch?v=V5-JH23Vk0I
2018-01-08 09:49:46 +00:00
Jon Dufresne
c1848d765d Drop compat workaround for unsupported Python 3.2 (#5734) 2018-01-08 10:45:29 +01:00
Jon Dufresne
06e2ad0b7d Remove unused compat._resolve_model() (#5733)
Last use removed in c674687782.
2018-01-08 09:19:08 +00:00
Ryan P Kilby
b65967711c Formalize URLPatternsTestCase (#5703)
* Add formalized URLPatternsTestCase

* Update versioning tests w/ new URLPatternsTestCase

* Cleanup router tests urlpatterns

* Add docs for URLPatternsTestCase
2018-01-02 11:14:25 +01:00
David De Sousa
6b0bf72bb8 using rsplit to get module and classname for imports (#5712) 2018-01-02 10:59:08 +01:00
Ryan P Kilby
b7ed645927 Disable HTML inputs for dict/list fields (#5702) 2018-01-02 10:50:49 +01:00
Ryan P Kilby
6bd773e7f8 Improve composite field child errors (#5655)
* Fixup DictField test descriptions

* Nest ListField/DictField errors under the idx/key

* Add nested ListField/DictField tests
2018-01-02 10:45:59 +01:00
Xavier Ordoquy
955a6b902b Add 3.7.7 release notes 2017-12-21 12:45:54 +01:00
Tom Christie
65791d8c79 Version 3.7.5. Add missing .ico to packaging. 2017-12-21 10:17:59 +00:00
Tom Christie
3a22b1d1f0 Version 3.7.5 2017-12-21 10:03:41 +00:00
Carlton Gibson
a81e60ff39
Version 3.7.4 Release (#5650)
* Update version for 3.7.4 Release

* Add release notes to 01587b9eb1

* Django 2.0 is now final.

* Add trove classifer for Django 2.0

* Finalise release notes for v3.7.4

* Set release date: December 20, 2017

* Update Transifex

* Add release note for #5691

* Move Issue links to bottom
2017-12-20 15:28:31 +01:00
Cristi Vîjdea
6de12e574e Fix format_suffix_patterns behavior with Django 2 path() routes (#5691)
* Add failing test for #5672

* Add get_original_route to complement get_regex_pattern

* [WIP] Fix path handling

* needs more tests
* maybe needs some refactoring

* Add django 2 variant for all tests and fix trailing slash bug

* Add more combinations to mixed path test
2017-12-20 13:17:54 +01:00
Tilmann Becker
d38b94fd74 Fix URL pattern parsing in schema generation (#5689)
* Fix url parsing in schema generation

- Call `str(pattern)` to get non-escaped route
- Strip converters from path to comply with uritemplate format. 
   Background: https://github.com/encode/django-rest-framework/issues/5675#issuecomment-352829363

Fixes #5675
2017-12-20 09:10:28 +01:00
Pavlin Gergov
21a9740156 Fix typo in docstring (#5678) 2017-12-19 08:45:33 +01:00
Carlton Gibson
791539acec
Add DEFAULT_SCHEMA_CLASS setting (#5658)
* Add test for new setting

* Add DefaultSchema utility

* Add new setting to docs
2017-12-14 11:24:21 +01:00
Carlton Gibson
4a200d5e66
Fix override_settings compat (#5668)
* Add test checking override_settings compat

* Refresh APISettings, rather than replace

Fix suggested by @daggaz https://github.com/encode/django-rest-framework/issues/2466#issuecomment-344297213
2017-12-14 10:33:48 +01:00
Ryan P Kilby
7855d3bd8b Add '.basename' and '.reverse_action()' to ViewSet (#5648)
* Router sets 'basename' on ViewSet

* Add 'ViewSet.reverse_action()' method

* Test router setting initkwargs
2017-12-04 11:55:49 +01:00
Carlton Gibson
a0cdba6277
Extract method for manual_fields processing (#5633)
* Extract method for `manual_fields` processing

Allows reuse of logic to replace Field instances in a field list by `Field.name`.

Adds a utility function for the logic plus a wrapper method on `AutoSchema`.

Closes #5632

* Manual fields suggestions (#2)

* Use OrderedDict in inspectors

* Move empty check to 'update_fields()'

* Make 'update_fields()' an AutoSchema staticmethod

* Add 'AutoSchema.get_manual_fields()'

* Conform '.get_manual_fields()' to other methods

* Add test for update_fields

* Make sure `manual_fields` is a list.

(As documented to be)

* Add docs for new AutoSchema methods.

* `get_manual_fields`
* `update_fields`

* Add release notes for PR.
2017-12-04 09:07:43 +01:00
Ryan P Kilby
daba5e9ba5 Fix Serializer.data when provided invalid 'data' (#5646)
* Test serializer/API renderer for invalid datatype

* Fix Serializer.data with invalid input datatype
2017-12-04 08:39:55 +01:00
Rômulo Oliveira
905a5579df Non-required fields with 'allow_null=True' should not imply a default value (#5639)
Ref #5518.
2017-12-01 09:54:25 +01:00
Akshar Raaj
224d8cfb9d Serializer._declared_fields enable modifying fields on a serializer
instance without affecting every other serializer instance.
2017-11-27 13:38:18 +05:30
Ryan P Kilby
5c19652080 Fix whitespace in imports 2017-11-25 21:10:30 -05:00
Ryan P Kilby
7b58a2c124 Fix bare except statements 2017-11-25 21:06:13 -05:00
Ryan P Kilby
c63e35cb09 Fix AttributeError hiding on request authenticators (#5600)
* Update assertion style in user logout test

* Apply middlewares to django request object

* Fix test for request auth hiding AttributeErrors

* Re-raise/wrap auth attribute errors

* Fix test for py2k

* Add docs for WrappedAttributeError
2017-11-23 08:58:04 +01:00
Ryan P Kilby
a91361dd2f Perform type check on passed request argument (#5618)
* Add test for wrapped request instance

* Add 'request' argument type check to Request init

* Fix metadata tests' request object
2017-11-23 08:57:31 +01:00
Sander Steffann
d71bd57b64 SchemaJSRenderer renders invalid Javascript (#5607)
* SchemaJSRenderer renders invalid Javascript

Under Py3 the base64.b64encode() method returns a binary object, which gets rendered as `b'...'` in schema.js. This results in the output becoming:

    var coreJSON = window.atob('b'eyJf...'');

which is invalid Javascript. Because base64 only uses ASCII characters it is safe to decode('ascii') it. Under Py2 this will result in a unicode object, which is fine. Under Py3 it results in a string, which is also fine. This solves the problem and results in a working schema.js output.

* Add regression test for #5608

* Add regression test for #5608

* Apparently the linter on Travis wants the imports in a different order than on my box...
2017-11-22 15:47:03 +01:00
Ryan P Kilby
1a667f420d Reimplement request attribute access w/ __getattr__ (#5617)
* Add tests for proxying WSGIRequest attributes in Request.

* Add request attribute exception test

* Reimplement request attribute access
2017-11-22 11:42:59 +01:00
Michał Bielawski
134a6f66f9 Fixed schema generation for filter backends (#5613) 2017-11-22 00:11:59 -05:00
Ryan P Kilby
a3df1c1199 Test Serializer exclude for declared fields (#5599)
* Test current behavior of exclude+declared field

* Assert declared fields are not present in exclude
2017-11-20 09:51:16 +01:00
Jon Dufresne
ff556a91fd Remove references to unsupported Django versions in docs and code (#5602)
Per the trove classifiers, DRF only supports Django versions 1.10+. Can
drop documentation, code comments, and workarounds for older Django
versions.
2017-11-20 09:35:54 +01:00
Ryan P Kilby
9f66e8badd Fix request body/POST access (#5590)
* Modernize middleware tests

* Added a failing test for #5582

* Set data ref on underlying django request
2017-11-15 20:58:37 +01:00
Ryan P Kilby
15024f3f07 Remove set_rollback() from compat (#5591)
* Remove Django 1.6 transaction compat

* Move set_rollback from compat => views
2017-11-14 09:55:59 +01:00
Éric Araujo
265375c104 add missing template change for #5584 (#5587) 2017-11-11 08:43:00 +01:00
Éric Araujo
57ad208dc6 add pygments CSS block in browsable API views (#5584) 2017-11-10 09:42:21 +01:00
Ryan P Kilby
8d7ce3726d Compat cleanup (#5581)
* Reenable flake8 on compat, cleanup style/imports

* Cleanup compat urls imports

* Refactor compat url pattern/resolver imports

* Add comment re dropping pytz compat

... when dropping Django 1.10

* Strip whitespace

Grrr. GitHub web editor 😡
2017-11-10 09:41:03 +01:00
Jon Dufresne
f9c67f04d4 Clean up all whitespace throughout project (#5578)
* Remove trailing whitespace from lines
* Remove trailing nad leading whitespace from files

Allows for cleaner diffs in future changes. For editors that
automatically clean up whitespace on save, will avoid unrelated line
changes in diffs.
2017-11-09 20:57:53 +01:00
Jon Dufresne
f8e8381c00 Drop compat wrapper for TimeDelta.total_seconds() (#5577)
TimeDelta.total_seconds() was introduced in Python 2.7 and 3.2. It is
available on all supported Python versions.

https://docs.python.org/2/library/datetime.html#datetime.timedelta.total_seconds
https://docs.python.org/3/library/datetime.html#datetime.timedelta.total_seconds
2017-11-09 09:03:48 +01:00
Jon Dufresne
ea81000160 Remove ulrparse compatability shim; use six instead
The urlparse shim in compat.py duplicates Django's bundled six. Can rely
on upstream instead of duplicating their works. Unifies shim with other
files already using six.
2017-11-08 21:30:33 -08:00
Carlton Gibson
0f33e63e10
Update version and release notes for v3.7.3 (#5568) 2017-11-06 16:32:12 +01:00
Xavier Ordoquy
d6a8e02021 Move django.contrib.auth import out of compat.
Fixed some regressions where compat was imported during app loading and
led to importing django.contrib.auth.models which ended in a
`AppRegistryNotReady` exception.
2017-11-06 09:57:51 -05:00
Carlton Gibson
3dc40f9572
Version 3.7.2 Release (#5563)
* Begin release notes for 3.7.2

* Add release notes fro merged issues.

* Finalise release notes

* Increment version number to 3.7.2

* Update translations
2017-11-06 12:05:08 +01:00
Yuri Nikulin
7a278b3540 fix processing unicode symbols in query_string by Python 2 (#5552)
* fix processing unicode symbols in query_string by Python 2

* Add comments for encoded test strings.

* Add file encoding for Python 2.
2017-11-06 11:46:37 +01:00
Sergei Azarkin
d49d796c85 Change ImageField validation pattern, use validators from DjangoImageField (#5539) 2017-11-06 11:14:37 +01:00
Jon Dufresne
0552810410 Use dict and set literals instead of calls to dict() and set() (#5559)
Set literals are available on all supported Python versions. They are
idiomatic and always faster:

$ python3 -m timeit '{}'
10000000 loops, best of 3: 0.0357 usec per loop
$ python3 -m timeit 'dict()'
10000000 loops, best of 3: 0.104 usec per loop

$ python3 -m timeit '{1, 2, 3}'
10000000 loops, best of 3: 0.0754 usec per loop
$ python3 -m timeit 'set([1, 2, 3])'
1000000 loops, best of 3: 0.228 usec per loop
2017-11-06 10:03:01 +01:00
Jon Dufresne
f77e794dc8 Fix all BytesWarning caught during tests (#5561)
Running the tests with bytes warning enabled shows some bytes/str
mixups. Fix them all.

Some examples of mixing usage:

str(b'foo') -- calling str() on bytes
b'foo' == 'foo' -- compare str with bytes
'foo' + b'bar' -- concatenating str and bytes
2017-11-06 10:02:48 +01:00
Carlton Gibson
331c31370f
Add rounding parameter to DecimalField (#5562)
* Adding rounding parameter to DecimalField.

* Using standard `assert` instead of `self.fail()`.

* add testcase and PEP8 multilines fix

* flake8 fixes

* Use decimal module constants in tests.

* Add docs note for `rounding` parameter.
2017-11-06 09:55:09 +01:00
Carlton Gibson
565c722762
Add interactive docs error template (#5548) 2017-11-06 09:04:07 +01:00
Stephen Chisholm
93e75ec138 Catch OverflowError for "out of range" datetimes (#5546)
* Add test for #5545 
* Catch OverflowError for "out of range" datetimes
2017-10-31 10:17:08 +01:00
Tom Christie
2b6245db53
Ensure Location header is strictly a 'str', not subclass. Closes #5541 (#5544) 2017-10-30 13:08:52 +00:00
Ryan P Kilby
5009aeff18 Fields with 'allow_null=True' should imply a default serialization value (#5518)
* Add test for dotted source + allow_null

* Field 'allow_null' implies 'default=None'

* Field 'allow_null' provides serialization default
2017-10-30 10:17:53 +01:00
Carlton Gibson
1f693c331e Fix dotted source ordering (#5533)
* replaced '.' for '__' in dotted ordering sources

* Add test for non-dotted source.
2017-10-25 11:46:21 +02:00
Carlton Gibson
7261ae653a Schema: Exclude OPTIONS/HEAD for ViewSet actions (#5532)
Closes #5528.

Viewset custom actions (@detail_route etc) OPTIONS (and HEAD) methods were not being excluded from Schema Generations.

This PR adds a test reproducing the reported error and adjusts `EndpointEnumerator.get_allowed_methods()` to filter ViewSet actions in the same way as other `APIView`s
2017-10-25 10:56:40 +02:00
Jamie Cockburn
efb047fa07 JSONField renders as textarea (#5529) (#5530) 2017-10-25 10:55:41 +02:00
Jamie Cockburn
91fa8b923a Stop JSONBoundField mangling invalid JSON (#5526) (#5527) 2017-10-25 10:54:38 +02:00
Carlton Gibson
1c9ad52cb6 Clarify pagination system check (#5524)
* Add `id` to allow silencing.
* Expand `hint` to clarify.

Ref #5170 Closes #5523
2017-10-23 12:31:59 +02:00
andrewhannum
916a4a27ef Interactive docs - make bottom sidebar items sticky (#5516) 2017-10-23 12:02:04 +02:00
Matteo Nastasi
9ec81e32da substitute '@@' code block delimiter with triple backtick, more con… (#5513)
* substitute '@@' code block delimiter with triple back-tick,  more consistent with other markdown extensions

* remove development print and allow spaces between triple backtick and syntax name in codeblock

* update comparison content for markdown test
2017-10-20 11:39:29 +02:00
Jason Kraus
22a71a6322 include date and date-time format for swagger 2 schema generation (#5511) 2017-10-20 09:14:33 +02:00
Dustin Wyatt
e704dd2e40 Add import for TextLexer. (#5512)
If pygments did not recognize the language name it was being passed,
this would raise a `NameError` because `TextLexer` import was missing.
2017-10-18 20:53:05 +02:00
Mariusz Felisiak
1a526c153e Fixed Django 2.1 compatibility due to removal of django.contrib.auth.login()/logout() views. (#5510) 2017-10-18 09:46:27 +02:00
Carlton Gibson
80320ed615 Version 3.7.1 Release (#5505)
* Release notes for 3.7.1

* Update version to 3.7.1
2017-10-16 15:11:54 +02:00
Marcin
5d7b6e5b2f Fixed issues with schema name collisions (#5486)
* Fixed issues with schema name collisions

* Fixed mutating issues in python 3

* Optimized solution

* Fixed isort

* Removed not needed cast

* Fix for key collision

* Added preferred key to preserve if available

* Add accidently removed test
2017-10-16 11:32:48 +02:00
Carlton Gibson
c7fb60bcd4 Django 2.0a1 compat (#5503)
* Update remaing `include` calls

Missed as part of #5481 cleanup.

* Provide app_name in include_docs_urls

* Update remaining get_regex_pattern usages

* Allow functools.partial in is_simple_callable check
2017-10-16 11:31:13 +02:00
Ryan P Kilby
cbfa444454 Fix HiddenField stripping in BrowsableAPIRenderer (#5499) 2017-10-16 09:35:53 +02:00
Maxim Kuznetsov
c91b081837 Support URLPattern and URLResolver from Django 2.0 (#5500)
* Support URLPattern and URLResolver from Django 2.0

* fix import order
2017-10-16 09:33:31 +02:00
Levi Payne
41188dfba0 Interactive documentation always uses false for boolean fields in requests (#5492) 2017-10-11 21:11:44 +02:00
Carlton Gibson
eb3d078a2c Version 3.7: Announcement etc (#5437)
* Set version number for 3.7.0 release

* Rename release notes section

Moved issue links to top for easier access.
(Can move back later)

* Add release note for #5273

* Add release note for #5440

* Add release note for #5265

Strict JSON handling

* Add release note for #5250

* Add release notes for #5170

* Add release notes for #5443

* Add release notes for #5448

* Add release notes for #5452

* Add release not for #5342

* Add release notes for 5454

* Add release notes for #5058 & #5457

Remove Django 1.8 & 1.9 from README and setup.py

* Release notes for merged 3.6.5 milestone tickets

Tickets migrated to 3.7.0 milestone.

* Add release notes for #5469

* Add release notes from AM 2ndOct

* Add final changes to the release notes.

* Add date and milestone link

Move issue links back to bottom.

* Update translations from transifex

* Begin releae anouncement

* Add release note for #5482

* 3.7 release announcement & related docs.
2017-10-06 13:18:31 +02:00
Carlton Gibson
b2ca2c1911 Remove deprecated schema code from DefaultRouter (#5482) 2017-10-05 21:29:56 +02:00
Carlton Gibson
c674687782 Remove Django 1.8 & 1.9 compatibility code (#5481)
* Identify code that needs to be pulled out of/removed from compat.py

* Extract modern code from get_names_and_managers in compat.py and remove compat code

* Extract modern code from is_authenticated() in compat.py and remove.

* Extract modern code from is_anonymous() in compat.py and remove

* Extract modern code from get_related_model() from compat.py and remove

* Extract modern code from value_from_object() in compat.py and remove

* Update postgres compat

JSONField now always available.

* Remove DecimalValidator compat

* Remove get_remote_field compat

* Remove template_render compat

Plus isort.

* Remove set_many compat

* Remove include compat
2017-10-05 20:41:38 +02:00
Carlton Gibson
2edeb74e0e Have is_list_view recognise RetrieveModel… views (#5480)
Fixes #5165
2017-10-05 20:41:14 +02:00
Carlton Gibson
d8da6bb29b Update coreapi JS to 0.1.1 (#5479)
Ref #5059
2017-10-05 13:40:28 +02:00
Jascha Geerds
161dc2df2c Call Django's authenticate function with the request object (#5295)
As of Django 1.11 the `authenticate` function accepts a request as an
additional argument. This commit fixes compatibility between newer Django
versions and custom authentication backends which already depend on the request
object.

See also:

[Django 1.11 release](https://docs.djangoproject.com/en/1.11/releases/1.11/)

```
authenticate() now passes a request argument to the authenticate() method of
authentication backends. Support for methods that don’t accept request as the
first positional argument will be removed in Django 2.1.
```
2017-10-05 10:43:49 +01:00
Carlton Gibson
d138f30a86 Fix naming collisions in Schema Generation (#5464)
* Add failing tests for #4704

* Add generic view based test case.

* Adjust insert_into to raise ValueError
2017-10-05 11:06:09 +02:00
Jerome Leclanche
cc7f4f543f Fix missing six.text_type() call on APIException.__str__ (#5476)
Pull up method from subclass to superclass

The call was added in 426547c61c
to allow for dict-style arguments to ValidationError but does not
apply to other APIException descendants.
2017-10-04 09:00:21 +02:00
Carlton Gibson
dc4a98fbe8 Fix documentation data rendering (#5472)
* Add failing test for #5395

* Add data filter for use in templates

Closes #5395

* Fix isort
2017-10-02 13:26:44 +02:00
Matteo Nastasi
063534ae50 Docstrings highlighting with pygments (#5462)
* add 'docstrings-with-pygments' feature without packages checks and tests

* move syntax_highlight doc filter in compatibility module and define it conditionally

* typo fixed

* add test for optional code highlight ('pygments' and 'markdown' packages must be installed)
2017-10-02 11:44:29 +02:00
Matteo Nastasi
efc427dfc8 Reuse 'apply_markdown' function in 'render_markdown' templatetag func (#5469)
* reused 'apply_markdown' function in 'render_markdown' templatetag function

* typo fixed
2017-10-02 08:59:53 +02:00
Ryan P Kilby
018e43e908 Remove old django-filter templates (#5465) 2017-09-29 15:42:24 +01:00
Thierry Bastian
760268ade2 Fixed a deprecation warning (#5058) 2017-09-27 10:51:45 +02:00
Carlton Gibson
b1c6ea1240 Adjust schema get_filter_fields rules to match framework (#5454)
Closes #5237

Generics/ModelViewset performs filtering on: list, retrieve, put, patch and destroy (plus method equivalents).

i.e. on list plus anything that calls `get_object`.

This PR makes schema generation follow that.

It adds `AutoSchema._allows_filters()` which can be overridden in subclasses.

I’ve made this initially “private” so we can make quick changes if needs be in a 3.7.1 etc.
2017-09-27 09:13:10 +02:00
Rokker Ruslan
ab7e5c4551 Added default value for 'detail' param into 'ValidationError' exception (#5342) 2017-09-26 10:24:30 +02:00
John Eskew
607e4edca7 Defer translated string evaluation on validators. (#5452)
* Customize validators to defer error string evaluation.

* Add docstring for `CustomValidatorMessage`
2017-09-26 10:02:20 +02:00
Ryan P Kilby
50acb9b2fe Fix warning in AutoSchema.get_serializer_fields() (#5451) 2017-09-25 21:09:54 +02:00
Sigve Sebastian Farstad
bf0fbd5df1 Catch APIException in doc generation (#5443)
The documentation generator calls view.get_serializer() in order to
inspect it for documentation generation. However, if get_serializer()
throws an APIException (e.g. PermissionDenied), it doesn't get caught at
the call site, but instead propagates up and aborts the entire view.
With the try/except in this commit, the documentation generator instead
gratiously ignores that particular view and moves on to the next one
instead. Practical concequences of this commit is that the docs no
longer break if any view's get_serializer(..) throws an APIException.
2017-09-25 18:28:36 +02:00
Katharyn Garcia
5333565fe6 allow custom authentication and permission classes for docs view 2017-09-25 16:17:25 +02:00
Matt Davis
107e8b3d23 Make DEFAULT_PAGINATION_CLASS None by default. (#5170)
* Changes to the paginator defaults and settings

Require a default paginator be specified when using the page size
setting.
https://github.com/encode/django-rest-framework/issues/5168

* DRF-5168 import warnings

missed this in last commit

* Add a system checks file

Add a check for pagination settings for the 3.7 upgrade cycle.

* more compatible import approach

* missing bactic

* revised language and approach to import the system check

Adds a rest framework app config.

* Adjust doc wording
2017-09-25 15:36:30 +02:00
Kris Dorosz
60b9e58a12 Add support for page_size parameter in CursorPaginator class 2017-09-25 11:25:51 +02:00
Carlton Gibson
e29ad1e7b3 JSONEncoder: Don’t strip microseconds from time
Closes #4749.

This is the matching commit to the fix for `datetime` in #4256
2017-09-25 10:10:44 +02:00
Ryan P Kilby
ea894cd90a Add docstring to json wrapper module 2017-09-25 09:08:20 +02:00
Ryan P Kilby
c98223f231 Pass on invalid value (Inf, NaN) encoding in JSONBoundField 2017-09-25 09:08:20 +02:00
Ryan P Kilby
901657e7e8 Add banned imports to prevent standard json import 2017-09-25 09:08:20 +02:00
Ryan P Kilby
8ab75a2f01 Add 'STRICT_JSON' API setting.
STRICT_JSON controls the renderer & parser behavior on whether or not
to accept non-standard float values (NaN, Infinity).
2017-09-25 09:08:20 +02:00
Ryan P Kilby
d740bae95a Update json imports 2017-09-25 09:08:20 +02:00
Ryan P Kilby
b64f8066c0 Add json util wrapper, failing JSONField test 2017-09-25 09:08:20 +02:00
Ryan P Kilby
f6c19e5eac Remove DjangoFilterBackend and associated tests 2017-09-20 16:47:54 +02:00
Carlton Gibson
7d6d043531 Fix DateTimeField TZ handling (#5435)
* Add failing TZ tests for DateTimeField

- tests "current" timezone activation
- tests output for non-UTC timezones

* Update DateTimeField TZ aware/naive test output

* Fix DateTimeField TZ handling

* Add Release Note for BC change
2017-09-20 12:15:15 +02:00
Jeremy Nauta
c0a48622e1 Allow ChoiceField.choices to be set dynamically (#5426)
## Description

The `choices` field for the `ChoiceField` class should be able to be edited after `ChoiceField.__init__` is called.

```
field = ChoiceField(choices=[1,2])
field.choices = [1]  # Should no longer allow `2` as a choice
```

Currently, you must update `choices`, `grouped_choices`, and `choice_strings_to_values` to achieve this. This P/R keeps `grouped_choices` and `choice_strings_to_values` in sync whenever the `choices` are edited.
2017-09-20 11:33:50 +02:00
Carlton Gibson
7b1582e00e Allow schema = None. Deprecate exclude_from_schema (#5422)
* Add tests for schema exclusions

* Move exclusion check to should_include_endpoint

* Update docs

* Switch to using `schema = None`

* Test PendingDeprecationWarnings

* Add note to release notes.

* s/deprecated/pending deprecation/

* Add PR link to release notes

* Correct typo in test class name

* Test 'exclude_from_schema' deprecation warning message (#1)

* Correct deprecation warning message
2017-09-20 11:29:47 +02:00
Carlton Gibson
efff9ff338 5378 fix schema generation markdown (#5421)
* Test case for #5240
* Remove unnecessary strip()  from get_description

Closes #5240

* Adjust test case
2017-09-14 12:20:41 +01:00
Carlton Gibson
d54df8c438 Refactor schema generation to allow per-view customisation (#5354)
* Initial Refactor Step

* Add descriptor class
* call from generator
* proxy back to generator for implementation.

* Move `get_link` to descriptor

* Move `get_description` to descriptor

* Remove need for generator in get_description

* Move get_path_fields to descriptor

* Move `get_serializer_fields` to descriptor

* Move `get_pagination_fields` to descriptor

* Move `get_filter_fields` to descriptor

* Move `get_encoding` to descriptor.

* Pass just `url` from SchemaGenerator to descriptor

* Make `view` a property

Encapsulates check for a view instance.

* Adjust API Reference docs

* Add `ManualSchema` class

* Refactor to `ViewInspector` plus `AutoSchema`

The interface then is **just** `get_link()`

* Add `manual_fields` kwarg to AutoSchema

* Add schema decorator for FBVs

* Adjust comments

* Docs: Provide full params in example

Ref feedback b52e372f8f (r137254795)

* Add docstring for ViewInstpector.__get__ descriptor method.

Ref https://github.com/encode/django-rest-framework/pull/5354#discussion_r137265022

* Make `schemas` a package.

* Split generators, inspectors, views.

* Adjust imports

* Rename to EndpointEnumerator

* Adjust ManualSchema to take `fields`

… and `description`.

Allows `url` and `action` to remain dynamic

* Add package/module docstrings
2017-09-14 09:46:34 +01:00
Tom Christie
5ea810d526 Drop unnecessary TODO notes. 2017-09-14 09:44:59 +01:00
Sergei Azarkin
9aaea2586b Fix authtoken managment command (#5415)
* Fix authtoken managment command username param
2017-09-12 14:03:29 +01:00
Carlton Gibson
71ad99e0b2 Merge pull request #5388 from founders4schools/fix/named-source
Fix ModelSerializer custom named fields with source on model
2017-09-04 17:24:36 +02:00
jhg14
3c1bf6bfd5 Add failing test for named attribute
Fix test crudely

Remove comment
2017-09-04 15:44:04 +01:00
Igor Tokarev
79be20a7c6 Updated supported values for the NullBooleanField (#5387)
* Updated supported values for the NullBooleanField.
* Added check for unhashable types in NullBooleanField.
2017-09-04 10:11:53 +01:00
Daniele Varrazzo
e42eb42d49 Don't make the content mandatory in the generic content form (#5372)
Sometimes, probably in the upgrade from Django 1.9 to 1.10, a post with
empty content is forbidden by javascript, with the message "Please fill
in this field". Filling the form with '{}' allows an application/json
request to be submitted.

The API call itself works perfectly well with a post with empty content:
the interface shouldn't make assumptions about it.
2017-09-04 10:04:48 +01:00
Carlton Gibson
7cd59147ea Merge pull request #5376 from rpkilby/django-perms-queryset
DjangoModelPermissions should perform auth check before accessing the view's queryset
2017-09-04 08:24:40 +02:00
Ryan P Kilby
23b2d8099b Unify QS handling for model/object permissions 2017-09-01 13:56:39 -04:00
Daniel Hahler
fff3db5517 Fix doc for ErrorDetail 2017-08-31 12:19:03 +02:00
Carlton Gibson
27c382c98d Merge pull request #5351 from rpkilby/requestfactory-contenttype
Unexpected result when passing empty body to RequestFactory
2017-08-31 12:13:49 +02:00
Ryan P Kilby
0ec915e623 Force content_type inclusion in APIRequestFactory 2017-08-31 05:45:12 -04:00
Ryan P Kilby
07258ca032 Remove None handling from fields.get_attribute() 2017-08-30 17:42:12 -04:00
Denis Untevskiy
c8773671e7 + Rejecting anonymous in DjangoModelPermissions *before* the .get_queryset call 2017-08-30 17:10:39 -04:00
Carlton Gibson
6a3b8cfa4c Adjust wording 2017-08-22 20:44:19 +02:00
Felipe Bidu
6f2c3bcb12 Further clarifying the message when get_queryset returns None to include the class name that was called 2017-08-22 12:13:22 -03:00
Felipe Bidu
5fd01d06ab Adding a more explicit error message when a view does have a get_queryset method but it returned nothing 2017-08-22 11:00:19 -03:00
Carlton Gibson
fed85bc29d Merge pull request #5344 from carltongibson/3.6.4-release
Release notes etc for 3.6.4
2017-08-22 08:55:38 +02:00
Daniel Hahler
e389336ad7 docs/link.html: fix/remove undefined template var "schema" 2017-08-21 14:47:43 +02:00
Carlton Gibson
1a7ed29639 Update version number 2017-08-21 12:06:14 +02:00
Carlton Gibson
d875fb3272 Update compiled translations. 2017-08-21 12:05:25 +02:00
Carlton Gibson
68d818fcc7 Update content from Transifex 2017-08-21 12:02:14 +02:00
Carlton Gibson
d2286ba658 Merge pull request #5326 from limdauto/limdauto-patch-1
Fix introspection of list field in schema
2017-08-21 10:09:57 +02:00
Carlton Gibson
4d5e846ca7 Merge pull request #5334 from Woile/woile-nested-docs-fix
Fix docs multiple nested and multiple methods
2017-08-18 11:05:06 +02:00
kycool
c868378c71 Update fields.py
modify to_choices_dict document
2017-08-18 12:12:01 +08:00
Woile
a1546cc266 [NEW] Tests for templatetags.schema_links 2017-08-17 21:14:26 +02:00
Woile
11bc1fe282 Fix JS data binding 2017-08-17 12:33:59 +02:00
Woile
ed38371c3a Fix docs multiple nested and multiple methods 2017-08-15 16:59:50 +02:00
Lim H
32a0b62508 Fix introspection of list field in schema 2017-08-12 18:59:03 +01:00
Alexander Dutton
e80b78d1cb RemoteUserAuthentication, docs, and tests (#5306)
RemoteUserAuthentication, docs, and tests
2017-08-11 10:35:00 +01:00
Yury V. Zaytsev
96d6a9a6da Docs: update link in pagination.py (#5321)
The blog post referenced in the documentation has been since moved to a new location.
2017-08-09 15:19:43 -04:00
Ryan P Kilby
26ebb88306 Revert 3288 (#5313)
* Add regression test for #2505. Thanks @pySilver!

* Add regression test for #5087

* Revert "Cached the field's root and context property."

This reverts commit 792005806b.
2017-08-07 16:52:09 +01:00
minusf
9ec89141ee typo: may -> many 2017-07-20 23:42:51 +02:00
Erick Delfin
089887d56e Simplified chained comparisons and minor code fixes (#5276) 2017-07-16 17:12:29 +01:00
Ryan P Kilby
d1cfec8d87 Fix SearchFilter to-many behavior by ANDing cond's 2017-07-10 14:50:47 -04:00
Tom Christie
6d4d4dfd04 Ensure closables in request.FILES get closed. (#5262)
Ensure closables on `.FILES` get closed.
2017-07-10 13:42:02 +01:00
elmccarthy
b905197f24 Fix issue #5258 (#5259)
Sanitize serializer.data to remove hidden fields before rendering template JSON instance to raw data form.

* Fix lint issues
2017-07-10 11:43:36 +01:00
Tom Christie
39f6f1137c Merge pull request #5261 from encode/validation-error-on-invalid-timezone-parsing
Raise validation error on invalid timezone parsing.
2017-07-10 11:27:28 +01:00
Tom Christie
fbb3490989 Merge pull request #5188 from andreagrandi/auth-token-cmd
Add Django manage command to create a DRF user Token
2017-07-10 10:35:05 +01:00
Tom Christie
c7e2bad524 Merge pull request #5189 from myrubapa/master
Fix API documentation templates do not check for user authentication #5162
2017-07-10 10:28:33 +01:00
Tom Christie
bf7fcc495b Raise validation error on invalid timezone parsing. 2017-07-10 10:14:31 +01:00
Tom Christie
3dab905656 Merge pull request #5231 from dmmatson/feature/slugfield-allow-unicode
Fixed tests on Windows. Added unicode support to SlugField
2017-07-07 12:41:52 +01:00
dmmatson
302a9d089e Fixed tests on Windows. Added unicode support to SlugField 2017-06-23 23:11:17 -06:00
Venelin Stoykov
0e5d26fa6a Fixed #5228 Set ViewSet args/kwargs/request before dispatch 2017-06-22 16:22:17 +03:00
José Padilla
9e72736af8 Merge pull request #5219 from blueyed/fix-doc-_authenticate
doc: fix documentation for Request._authenticate
2017-06-17 09:21:00 -04:00
Tom Christie
b069b0d33a Merge pull request #5176 from levic/browsable-api-multipart-form-data
Fix browsable API not supporting multipart/form-data correctly
2017-06-16 15:08:27 +01:00
Levi Cameron
5cbfcbc56f Fix regex typo allowing '[' in boundary string 2017-06-16 21:53:06 +10:00
Daniel Hahler
fe95ab675b doc: fix documentation for Request._authenticate
It does not return anything.
2017-06-16 13:23:26 +02:00
Tom Christie
598e5877cd Merge pull request #5192 from matteius/DRF-5135-one-to-one-pk
Special case for when OneToOneField is also primary key.
2017-06-16 12:06:12 +01:00
Dan Koch
4701f12c3e Quote nested API parameters in api.js
I sometimes have parameter names with a period (.) in them, to represent nested objects, e.g. containerobj.inner_param. The Javascript was throwing an error in the browsable API when interacting with those parameters.
2017-06-13 16:01:02 -04:00
Daniel Hahler
515fe928d5 Use stacklevel=2 with DeprecationWarnings
This makes the warnings refer to the code where it is used, which makes
it easier to find and fix.
2017-06-12 14:59:29 +02:00
Andrea Grandi
d2459710ca Implement option to reset User token 2017-06-03 11:58:01 +01:00
Andrea Grandi
34c38e0cfe Use self.sdtout and CommandError to print output 2017-06-03 11:06:14 +01:00
Andrea Grandi
cf196a4424 Get UserModel from get_user_model and do not infer the natural key 2017-06-03 10:38:01 +01:00
Pierre Sassoulas
903ef4917a Feat - Added aria-label and a new region for accessibility purpose
Navigating the page with a reader is easier is there is aria-label
and region.

https://www.w3.org/WAI/
2017-06-02 09:49:00 +02:00
Andrea Grandi
be590d61c0 Handle invalid User situation 2017-05-31 23:01:35 +01:00
Levi Cameron
6b8d6019ea Fix boundary detection regex not handling spaces inside boundary marker correctly 2017-05-31 13:18:17 +10:00
Matt Davis
6115815108 Special case for when OneToOneField is also primary key.
https://github.com/encode/django-rest-framework/issues/5135
2017-05-30 13:57:45 -04:00
Levi Cameron
1c44ef2b11 Improvements to code clarity 2017-05-30 10:43:33 +10:00
Bekhzod Tillakhanov
c96fa224c7 Fix ul inner li 2017-05-30 00:29:11 +05:00
Bekhzod Tillakhanov
84e22cc2f3 Scheme fix when unauth and Flask8 lint fix 2017-05-30 00:15:07 +05:00
Andrea Grandi
d198b1abe6 Add Django manage command to create a DRF user Token 2017-05-29 17:07:50 +01:00
Tom Christie
9c9525b130 Merge pull request #5187 from mathpresso-mom/list_route_regex
Fix list_route, detail_route with kwargs contains curly bracket in url_path
2017-05-29 13:47:19 +01:00
이동환
0ad017a573 requested changes 2017-05-29 20:55:06 +09:00
Tom Christie
823eea2d59 Merge pull request #5147 from imdark/patch-1
Improve memory footprint when reading large JSON requests.
2017-05-29 11:55:53 +01:00
Tom Christie
e2157fbf7c Merge pull request #5174 from tadhg-ohiggins/html_cutoff_none
Fix exception when HTML_CUTOFF is set to None
2017-05-29 11:54:03 +01:00
Dryice Liu
04adfb9c94 make sure max_length is in FileField kwargs 2017-05-28 04:14:56 +08:00
이동환
e6c9f89a12 Fixed curly bracket in regexp of @list_route 2017-05-25 19:13:45 +09:00
Levi Cameron
94c37c09c5 Fix browsable API not supporting multipart/form-data correctly
- Autodetect missing boundary parameter for Content-Type header
- textarea value normalises EOL chars to \n when multipart/form-data requires \r\n
2017-05-25 20:07:34 +10:00