Commit Graph

1806 Commits

Author SHA1 Message Date
Danilo Bargen
b187f53453 Changed return status for CSRF failures to HTTP 403
By default, Django returns "HTTP 403 Forbidden" responses when CSRF
validation failed[1]. CSRF is a case of authorization, not of
authentication. Therefore `PermissionDenied` should be raised instead
of `AuthenticationFailed`.

[1] https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#rejected-requests
2014-09-23 14:16:08 +02:00
Tom Christie
5d80f7f932 allow_blank, allow_null 2014-09-22 17:46:02 +01:00
Tom Christie
5a95baf2a2 Tests & tweaks for ChoiceField 2014-09-22 16:52:57 +01:00
Tom Christie
b5454dd022 Tests and tweaks for choice fields 2014-09-22 16:50:04 +01:00
Tom Christie
e5f0a97595 More compat fixes 2014-09-22 16:45:06 +01:00
Tom Christie
5586b6581d Support format=None for date/time fields 2014-09-22 16:02:59 +01:00
Tom Christie
4db23cae21 Tweaks to DecimalField 2014-09-22 15:34:06 +01:00
Tom Christie
249253a144 Fix compat issues 2014-09-22 14:54:33 +01:00
Tom Christie
c54f394904 Ensure 'messages' in fields are respected in preference to default validator messages 2014-09-22 13:57:45 +01:00
Tom Christie
afb3f8ab0a Tests and tweaks for text fields 2014-09-22 13:26:47 +01:00
Tom Christie
af46fd6b00 Field tests and associated cleanup 2014-09-22 12:25:57 +01:00
Tom Christie
cf72b9a8b7 Moar tests 2014-09-19 16:43:13 +01:00
Tom Christie
20424251a3 Version 2.4.3 2014-09-19 14:26:28 +01:00
Tom Christie
88008c0a68 Merge branch 'master' into version-3.0 2014-09-19 14:05:50 +01:00
Piper Merriam
7f758d1cf6 Fix missing CSRF exemption on viewsets 2014-09-18 10:30:13 -06:00
Tom Christie
f90049316a Added a model update integration test 2014-09-18 15:47:27 +01:00
Tom Christie
106362b437 ModelSerializer.create() to handle many to many by default 2014-09-18 14:58:08 +01:00
Tom Christie
9fdb2280d1 First pass on ManyRelation 2014-09-18 14:23:00 +01:00
Tom Christie
87734be5f4 Configuration correctness tests on ModelSerializer 2014-09-18 12:17:21 +01:00
Tom Christie
5b7e4af0d6 get_base_field() refactor 2014-09-18 11:20:56 +01:00
Tom Christie
8c8d355e76 Update routers.py 2014-09-17 15:51:17 +01:00
Tom Christie
3376c37861 Merge pull request #1865 from mskrajnowski/default-router-listless-viewset
DefaultRouter support for viewsets without an implemented default action
2014-09-17 15:50:12 +01:00
José Padilla
de5fbf7d63 Update initial migration to work on Python 3 2014-09-17 10:23:53 -04:00
Tom Christie
c0155fd9dc Update comments 2014-09-17 14:11:53 +01:00
José Padilla
a37db382c6 Update authtoken latest Django 1.7 migration 2014-09-17 09:01:49 -04:00
Tom Christie
d196608d5a Fix nested model serializer base class 2014-09-15 13:55:09 +01:00
Tom Christie
40dc588a37 Drop label from serializer fields when not needed 2014-09-15 09:50:51 +01:00
Tom Christie
afb28a44ad Dealing with reverse relationships 2014-09-12 21:32:20 +01:00
Tom Christie
e6c88a4233 Drop usage of validators.EMPTY_VALUES 2014-09-12 19:54:27 +01:00
Tom Christie
0ac52e0808 Use Resolver404 instead of base Exception 2014-09-12 17:06:37 +01:00
Tom Christie
b73a205cc0 Tests for relational fields (not including many=True) 2014-09-12 17:03:42 +01:00
Tom Christie
79715f01f8 Coerce dates etc to ISO_8601 in serializer, by default. 2014-09-12 12:10:22 +01:00
Tom Christie
22af49bf8f Tidy up JSONEncoder 2014-09-12 11:50:20 +01:00
Tom Christie
5e39e159ee UNICODE_JSON and COMPACT_JSON settings 2014-09-12 11:38:22 +01:00
Tom Christie
250755def7 Clean up relational fields queryset usage 2014-09-12 10:59:51 +01:00
Tom Christie
6db3356c4d NON_FIELD_ERRORS_KEY setting 2014-09-12 10:21:35 +01:00
Tom Christie
0d354e8f92 to_internal_value() and to_representation() 2014-09-12 09:49:35 +01:00
Tom Christie
adcb64ab41 MethodField -> SerializerMethodField 2014-09-12 09:12:56 +01:00
Tom Christie
1e53eb0aa2 DecimalFields should still be quantized even without coerce_to_string 2014-09-11 21:57:32 +01:00
Tom Christie
040bfcc09c NotImplemented stubs for Field, and DecimalField improvements 2014-09-11 21:48:54 +01:00
Tom Christie
a751871991 no longer tightly coupled to private queryset API 2014-09-11 20:50:26 +01:00
Tom Christie
55650a743d no longer tightly coupled to private queryset API 2014-09-11 20:49:10 +01:00
Tom Christie
19b8f779de Throttles now use Retry-After header and no longer support the custom style 2014-09-11 20:43:44 +01:00
Tom Christie
bf52d04f4c Nice manager representations on serializer classes 2014-09-11 20:37:27 +01:00
Tom Christie
ab40780dc2 Tidy up lookup_class 2014-09-11 20:22:32 +01:00
Tom Christie
3318f75a71 Improve memory address removal for serializer representations 2014-09-11 13:50:53 +01:00
Tom Christie
54ccf7230d Improve memory address removal for serializer representations 2014-09-11 13:43:46 +01:00
Tom Christie
de301f3b66 Merge master 2014-09-11 13:20:44 +01:00
Marek Skrajnowski
ae84438530 Added DefaultRouter support (and test) for viewsets without the default action implemented, which is usually the list action. 2014-09-11 12:42:36 +02:00
Joe Binney
37d01f6088 Fix grammar in login error message 2014-09-10 20:27:52 -07:00
Tom Christie
80ba047347 Compat fixes 2014-09-10 16:57:22 +01:00
Tom Christie
01c8c0cad9 Added help_text argument to fields 2014-09-10 13:52:16 +01:00
Tom Christie
234369aefd Tweaks 2014-09-10 08:53:33 +01:00
Tom Christie
b1c07670ca Fleshing out serializer fields 2014-09-09 17:46:28 +01:00
Xavier Ordoquy
015a8122c7 Merge pull request #1852 from GVRV/bugfix/apiroot_get_regression
Make sure APIRoot.get can take on args, kwargs so router can be embedded...
2014-09-09 07:19:16 +02:00
Gaurav Dadhania
1a885b9e16 Make sure APIRoot.get can take on args, kwargs so router can be embedded within any URL pattern. 2014-09-09 05:42:52 +05:30
Tom Christie
21980b800d More test sorting 2014-09-08 14:24:05 +01:00
Tom Christie
168710813c Merge pull request #1844 from adamsc64/issue_1533
Fixed #1533 - Resolved issue with integer keys on nested choices never v...
2014-09-08 10:15:26 +01:00
Hamish Campbell
826d76a8c7 Stop the API Client converting empty lists/dicts to empty strings 2014-09-08 12:16:20 +12:00
Christopher Adams
613a301a36 Fixed #1533 - Resolved issue with integer keys on nested choices never validating.
- Added unit test for nested `choices` argument.
- Added unit test for non-nested `choices` argument.
2014-09-06 17:13:28 -04:00
Tom Christie
e8fac28d88 Merge pull request #1818 from tituomin/serializer-subclass-mapping
Better mapping for custom model fields to serializer fields.
2014-09-06 07:20:31 +01:00
Tom Christie
5bbfef36f4 Merge pull request #1838 from jbittel/fix-encoded-filename-rfc6266
Support RFC6266 encoded filenames
2014-09-06 07:13:12 +01:00
Jason Bittel
3f7fad2e5a Refactor disposition unpacking for clarity 2014-09-05 16:27:55 -07:00
José Padilla
c9d4497d81 Use force_text from compat 2014-09-05 15:58:53 -07:00
José Padilla
d44a8f24ff Merge remote-tracking branch 'poswald/view-description-as-promise' into view-description-as-promise 2014-09-05 15:34:16 -07:00
Jason Bittel
c8e475023c Fix encoded filename parsing to allow for lang 2014-09-05 15:22:43 -07:00
Jason Bittel
bcd8a24db1 Refactor encoded filename feature per #1531 2014-09-05 14:56:54 -07:00
Vladislav Vlastovskiy
bcca9ed0fd Removed use encoding available only in py3 2014-09-05 14:52:01 -07:00
Vladislav Vlastovskiy
8a9f34b838 Added get filename as encoded
This filename is described in RFC 6266
2014-09-05 14:50:16 -07:00
José Padilla
ab213cbc41 Remove order_by from AutoFilterSet 2014-09-05 11:43:49 -07:00
Tom Christie
d934824bff Workin on 2014-09-05 16:29:46 +01:00
Tom Christie
2b47c6b700 Merge pull request #1834 from piotrjakimiak/master
Fix returning None when allow_none is True in CharField
2014-09-05 13:57:34 +01:00
Piotr Jakimiak
c3b841ae44 Use Serializer instead of ModelSerializer 2014-09-05 14:08:11 +02:00
Tom Christie
7dce364a35 Merge pull request #1829 from cezar77/login-form-errors
Display validation errors on login form
2014-09-05 12:59:26 +01:00
Cezar Pendarovski
2531b5cd86 Remove light gray bordering from the well with general message error 2014-09-05 13:28:47 +02:00
Piotr Jakimiak
6022b9ddd4 Fix comment 2014-09-05 12:00:17 +02:00
Piotr Jakimiak
d9633c6817 Fix returning None when allow_none is True in CharField 2014-09-05 11:08:34 +02:00
Cezar Pendarovski
34b3ee9ea1 Place general error message in well 2014-09-05 11:06:30 +02:00
Cezar Pendarovski
d3ee26ba99 Change bootstrap class warning to error 2014-09-05 10:55:49 +02:00
Tom Christie
2e632e5af2 Merge pull request #1820 from carltongibson/login-dropdown
Hide login link in browsable API if the login view is not registered.
2014-09-05 09:07:14 +01:00
Cezar Pendarovski
6106701c06 Input fields get highlighted if login fails and username is persisted 2014-09-05 09:38:54 +02:00
Cezar Pendarovski
3bc858c30b General message error goes above submit button 2014-09-04 17:51:45 +02:00
Cezar Pendarovski
ea259e8bde Error messages are displayed below the input fields 2014-09-04 16:01:27 +02:00
Cezar Pendarovski
d56efb8f82 Display validation errors on login form 2014-09-04 15:26:00 +02:00
Carlton Gibson
ef1fb3d8df Prefer format and use named blocks 2014-09-04 08:54:50 +02:00
dpanesso
1ab782a430 Using user.get_username() instead of user.username.
This solves an error when using an auth model that does not have a username field.
2014-09-03 23:38:03 -05:00
Piper Merriam
fc9be55d43 Alter CSRF exemption implementation
The previous implementation of decorating `APIView.dispatch` with the
`csrf_exempt` decorator allowed for an easy-to-make mistake where
someone could override the `dispatch` method on a view and inadvertently
remove the csrf exemption of their api view.

By moving the decoration of the view into the `as_view` logic, it
becomes much more difficult to make this mistake.
2014-09-03 09:50:31 -06:00
Tom Christie
f08afe162c Version 2.4.2 2014-09-03 16:35:17 +01:00
Tom Christie
c1036c1753 More test passing 2014-09-03 16:34:09 +01:00
Michał Jaworski
afe9b37f60 remove rogue print 2014-09-03 17:21:56 +02:00
Michał Jaworski
9195ccb97f Use explicit many=True for object_serializer instantiation in PaginationSerializer and add catch dummy 'many' kwarg on DefaultObjectSerializer 2014-09-03 16:52:41 +02:00
Carlton Gibson
4947303f20 Moved li tags inside optional_login
as per https://github.com/tomchristie/django-rest-framework/pull/1820#discussion_r16987993
2014-09-03 09:54:36 +02:00
Tom Christie
f2852811f9 Getting tests passing 2014-09-02 17:41:23 +01:00
Tom Christie
ec096a1cac Add relations and get tests running 2014-09-02 15:07:56 +01:00
Carlton Gibson
fa0ef17737 Remove Login Dropdown when Auth Views are not registered.
Fixes #1738
2014-09-02 14:53:37 +02:00
Timo Tuominen
e437520217 Generator implementation of class mapping. 2014-09-01 17:02:48 +03:00
Timo Tuominen
582f6fdd4b Add utility function to match classes in dictionary. 2014-09-01 15:54:33 +03:00
Timo Tuominen
ae84b8b0e8 Traverse the method resolution order when mapping serializer fields. 2014-09-01 15:03:39 +03:00
Timo Tuominen
82d4b20832 Add subclass matching to serializer field mapping. 2014-09-01 15:02:49 +03:00
Carlton Gibson
14877464f6 Merge pull request #1816 from carltongibson/regression-login-template
Regression for #1810: Test login view renders
2014-09-01 10:31:07 +02:00