Commit Graph

3323 Commits

Author SHA1 Message Date
Jon Dufresne
9d06e43d05 Replace type('') with six.text_type (#6482)
As all source files import unicode_literals, type('') is always
equivalent to six.text_type (str on Python 3 and unicode on Python 2).
Removes the need to call type(), is more explicit, and will be easier to
catch places to change for when it is time to eventually drop Python 2.
2019-03-05 12:11:46 +01:00
Carlton Gibson
ac4c78967a Update version for v3.9.2 release. 2019-03-03 20:16:16 +01:00
Jon Dufresne
7eac86688a Remove executable bit from static assets (#6484)
These files are simply static assets and do not require an executable
bit. They are never intended to be executed as standalone scripts.
2019-03-03 18:39:08 +00:00
Carlton Gibson
94593b3a50
Introduce RemovedInDRF…Warning classes to simplify deprecations. (#6480)
Closes #6290.
2019-03-03 09:20:45 +01:00
Jon Dufresne
a216d02ce0 Merge multiple isinstance() calls to one (#6481)
https://docs.python.org/3/library/functions.html#isinstance

> If classinfo is a tuple of type objects (or recursively, other such
> tuples), return true if object is an instance of any of the types.
2019-03-02 20:48:03 +00:00
Andrzej Górski
317174b163 Avoided calling distinct on annotated fields in SearchFilter. (#6240)
Fixes #6094
2019-02-25 16:59:25 +01:00
Adrien Brunet
2daf6f1341 Add negation ~ operator to permissions composition (#6361) 2019-02-25 15:33:40 +01:00
Frédéric Massart
94fbfcb6fd Added lazy evaluation to composed permissions. (#6463)
Refs #6402.
2019-02-25 13:47:02 +01:00
Carlton Gibson
8a29c53226 Allowed Q objects in limit_choices_to introspection. (#6472)
Closes #6470.
2019-02-25 10:49:29 +00:00
Charlie Hornsby
07c5c968ce Fix DeprecationWarning when accessing collections.abc classes via collections (#6268)
* Use compat version of collections.abc.Mapping

Since the Mapping class will no longer be available to import directly
from the collections module in Python 3.8, we should use the
compatibility helper introduced in #6154 in the fields module.

* Alias and use compat version of collections.abc.MutableMapping

Since the MutableMapping class will no longer be available to import
directly from the collections module in Python 3.8, we should create an
alias for it in the compat module and use that instead.
2019-02-25 09:17:04 +01:00
Allan Reyes
d110454d4c Added SearchFilter.get_search_fields() hook. (#6279) 2019-02-19 17:18:14 +01:00
Si Feng
1ece516d2d Adjusted field validators to accept iterables. (#6282)
Closes 6280.
2019-02-19 16:38:20 +01:00
jeffrey k eliasen
eb3180173e Made templates compatible with session-based CSRF. (#6207) 2019-02-19 12:15:03 +01:00
Carlton Gibson
190f6201cb
Update Django Guardian dependency. (#6430)
* Update Django Guardian dependency.
* Skip testing Guardian on PY2. See https://github.com/django-guardian/django-guardian/issues/602
2019-01-31 15:59:19 +01:00
Carlton Gibson
bd9a799e16
Fixed SchemaView to reset renderer on exception. (#6429)
Fixes #6258.
2019-01-31 15:28:01 +01:00
Carlton Gibson
f54a220d8f
Corrected coreapi CLI code example generation. (#6428)
Remove “> “ when rendering template.
Closes #6333.
2019-01-31 11:36:40 +01:00
Andy Babic
87ade870c3 Added 'request_forms' block to base.html (#6340) 2019-01-24 16:30:46 +01:00
Carlton Gibson
8d20e10218
Deferred schema renderer creation to avoid requiring pyyaml. (#6416)
Closes #6366.
2019-01-24 16:01:06 +01:00
Carlton Gibson
f539c0dbd1
Removed incorrect DictField docstring. (#6417)
Closes #6363.
2019-01-24 15:18:22 +01:00
Sébastien Diemer
822b85ac36 routers: invalidate _urls cache on register (#6407)
see https://github.com/encode/django-rest-framework/issues/5660

Trying to register new routes on a router after having accessed the
router `urls` attribute leads to surprising results.
The route is added without error to the router's `registry` but the urls
are not updated, because they are cached in `_urls`.
This commit invalidates the cache after each new registration.
2019-01-17 13:07:57 +00:00
Tom Christie
453196e9c3
Version 3.9.1 (#6405)
* Version 3.9.1

* Upgrade bootstrap

* Release notes for 3.9.1
2019-01-16 13:27:35 +00:00
Yury V. Zaytsev
4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330)
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
Adrien Brunet
e3bd4b9048 Fix #1811: take limit_choices_to into account with FK (#6371)
* Fix issue1811: take limit_choices_to into account with FK

* Issue 1811: Add tests to illustrate issue

* Filter queryset only if limit_choices_to exists

* Move test_relations_with_limited_querysets file within test_relations_pk

* move limit_choices_to logic from relations.py to utils/field_mapping.py

* move limit_choices_to above other check to avoid conflicts
2019-01-08 13:49:47 +00:00
Stephen Finucane
c052a86c7b compat: (py2) urlparse = urllib.parse (py3) (#6262)
* compat: (py2) urlparse = urllib.parse (py3)

We were mistakenly importing the 'urlparse' function from the Python 2
'urlparse' module, as opposed to the module itself. Correct this.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Closes: #6261

* compat: Remove 'compat.urlparse'

We can just use Django's vendored six library, like we do everywhere
else.

Signed-off-by: Stephen Finucane <stephen@that.guru>
2019-01-08 12:03:02 +00:00
Carlton Gibson
587058e3c2 Allow run_validators() to handle non-dict types. (#6365)
Fixes #6053.

Original test case thanks to Vincent Delaitre in #6242.
2019-01-08 11:39:30 +00:00
Yaser Khahani
0cf18c4163 Use Default Version in URLPathVersioning if 'version' Didn't Specified by Client (#6380)
* Use Default Version in URLPathVersioning if 'version' Didn't Passed

* Clean Code
2019-01-08 11:34:54 +00:00
Alf
963ce306f3 Added "allow_unicode" to generated kwargs for ModelSerializer SlugField (#6315) 2018-12-19 15:37:52 +01:00
HoangYell
b61806e3b3 add "js-tooltip" class to "POST" button (#6344)
the tool tip of "POST" button is different from other buttons, since it loses the "js-tooltip" class.
2018-12-03 12:10:05 +00:00
Benjamin Pereto
5a54f897ec FIX: openapi schema title should be a string not a tuple (#6259) 2018-11-28 12:45:26 +00:00
Xavier Ordoquy
74574217a4 Fix composable permissions
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
2018-11-27 15:29:44 +01:00
takaaki shimbo
0f5dfe8b3c Fix typo in schemas (#6332)
* Fix typo in generators.py

* Fix typo in inspectors.py

* message line too long

* Change backslash to multiline strings

* Removed trailing whitespace from assertion message
2018-11-26 10:14:59 -08:00
Mark Davidoff
6f2c0dbf4d
permissions must return a boolean
`x and y` actually returns object y when both are true. the means P & IsAuthenticated will fail with TypeError: unsupported operand type(s) for &: 'instance' and 'bool' as IsAuthenticated now returns a CallableBool which does not overload __ror__
2018-10-28 14:12:39 -07:00
Tom Christie
2c9c0f1b7f
Version 3.9 (#6247)
* Release notes to 5174a26ec9

* Update version for v3.9.0

* Removed exclude_from_schema per deprecation policy.

* Updated list_route() and detail_route() deprecations.

* Weakened to PendingDeprecationWarning for `base_name`

cc @rpkilby.

* Add (beginning of) 3.9 release announcement.

@tomchristie: Input on OpenAPI and What’s Next very welcome! :)

* Add announcement section for Extra Actions in Browsable API

* Update release notes and add deprecation note for Django Guardian backend.

* Add release note for #6073

* Add release notes to dd19a44583

* Adding release notes

* Update 3.9 announcement

* Add Oct 18 release date
2018-10-18 10:38:46 +01:00
Dennis Kliban
dd19a44583 Problem: autoescape not getting passed to urlize_quoted_links filter (#6191)
Solution: set needs_autoescape=True when registering the filter

Without this patch, the disabling autoescape in the template does not work.
2018-10-10 10:36:04 +02:00
Daniel Bate
5feb835929 Feature/action docs sections (#6060)
* added ability to add sections to custom action documentation

* added tests to cover docs sections in custom actions

* added method specific docs test for action mapping

* added docs for custom action documentation
2018-10-10 10:29:29 +02:00
Tom Christie
6522d4ae20
Add OpenAPIRenderer by default, and add schema docs. (#6233)
* Add OpenAPIRenderer as a default for get_schema_view, and start adding schema docs

* Add optional pyyaml

* Updating schema docs
2018-10-04 14:05:55 +01:00
Xavier Ordoquy
b41a6cfa38 permissions: Allow permissions to be composed (#5753)
* permissions: Allow permissions to be composed

Implement a system to compose permissions with and / or.
This is performed by returning an `OperationHolder` instance that keeps the
permission classes and type of composition (and / or).
When called it will return a AND/OR instance that will then delegate the
permission check to the operands.

* permissions: Add documentation about composed permissions

* Fix documentation typo in permissions
2018-10-03 15:36:24 +01:00
Tom Christie
8908934928
Add OpenAPIRenderer and generate_schema management command. (#6229)
* Add OpenAPIRenderer and generate_schema command

* Add both OpenAPIRenderer and JSONOpenAPIRenderer

* Add flags to generate_schema command

* Fix syntax error

* Pull coreschema references into method, so they are only used if 'OpenAPIRenderer' is in use.

* generate_schema -> generateschema, and fix to OpenAPIRenderer

* Ensure that renderers generate bytes and generateschema outputs text

* Drop unused import
2018-10-03 15:28:04 +01:00
Jerome Leclanche
0eb2dc1137 Prohibit null characters in CharField by default (#6073)
* Implement an allow_null_bytes argument to CharField (default True)
* Switch to using native ProhibitNullCharactersValidator instead
2018-10-02 16:54:15 +02:00
Ryan P Kilby
66183389f6 Deprecate DjangoObjectPermissionsFilter (#6075) 2018-10-02 16:34:25 +02:00
Ryan P Kilby
903204cd79 Fix action support for ViewSet suffixes (#6081)
* Add suffix support for actions

Removes the newly introduced `action.name` in favor of leveraging the
View's `.get_view_name()` method, which supports both name and suffix.

* Fix view description func docstrings

* Test action decorator name & suffix kwargs

* Adjust 'extra action' docs
2018-10-02 16:22:21 +02:00
Jon Dufresne
878f9d2783 Prefer https:// for URLs when available throughout project (#6208) 2018-10-02 08:28:58 +02:00
Jon Dufresne
ed6340ee76 Remove unnecessary use of compat shim six.binary_type (#6189)
The type bytes is available on all supported Pythons. On Python 2.7, it
is an alias for str, same as six.binary_type. Makes the code more
forward compatible with Python 3.
2018-09-17 10:39:59 +02:00
Ryan P Kilby
fc6cbb5b26 Allow nullable BooleanField in Django 2.1 (#6183)
* Add tests for BooleanField when nullable

* Allow nullable BooleanField in Django 2.1

* Drop 'BooleanField.allow_null' check

* Remove conflicting false/null values
2018-09-13 17:25:03 +01:00
Jerome Leclanche
612a7b989f Fix Python 3.8 compatibility (#6154) 2018-09-10 21:12:32 -07:00
Jon Dufresne
4d57d46bf8 Prefer io.BytesIO over six; available on all supported Pythons (#6168)
On all supported Pythons, the io.BytesIO is always a stream
implementation using an in-memory bytes buffer.

Makes code slightly more forward compatible by reducing use of the six
module and promotes more forward compatible practices in the docs.
2018-09-09 11:53:41 +01:00
oliver
bcc565f387 Clean up unnecessary if statement (#6163) 2018-09-06 07:25:20 +01:00
Jon Dufresne
468cdd16ed Remove unnecessary models.py file (#6142)
Since Django 1.7, an empty models.py file is not required.

See
https://docs.djangoproject.com/en/dev/releases/1.7/#app-loading-refactor

> It is possible to omit models.py entirely if an application doesn’t
> have any models.
2018-08-28 09:51:28 +02:00
Craig de Stigter
81fa4b4f75 Fix CSRF cookie check failure when using session auth with django 1.11.6+ (#6113)
Test included. Fixes #6088
2018-08-07 08:18:56 +01:00
Oleg
2fab7838ef Improve ModelSerializer.create() error message. (#6112) 2018-08-06 20:11:55 +02:00