Commit Graph

4245 Commits

Author SHA1 Message Date
Tom Christie
aa84432f9b Merge pull request #1896 from dbrgn/csrf_response
Changed return status for CSRF failures to HTTP 403
2014-09-23 14:30:35 +01:00
Tom Christie
0404f09a7e NullBooleanField 2014-09-23 14:30:17 +01:00
Tom Christie
f22d0afc3d Tests for field choices 2014-09-23 14:15:00 +01:00
Danilo Bargen
b187f53453 Changed return status for CSRF failures to HTTP 403
By default, Django returns "HTTP 403 Forbidden" responses when CSRF
validation failed[1]. CSRF is a case of authorization, not of
authentication. Therefore `PermissionDenied` should be raised instead
of `AuthenticationFailed`.

[1] https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#rejected-requests
2014-09-23 14:16:08 +02:00
Tom Christie
5d80f7f932 allow_blank, allow_null 2014-09-22 17:46:02 +01:00
Tom Christie
5a95baf2a2 Tests & tweaks for ChoiceField 2014-09-22 16:52:57 +01:00
Tom Christie
b5454dd022 Tests and tweaks for choice fields 2014-09-22 16:50:04 +01:00
Tom Christie
e5f0a97595 More compat fixes 2014-09-22 16:45:06 +01:00
Tom Christie
5586b6581d Support format=None for date/time fields 2014-09-22 16:02:59 +01:00
Tom Christie
4db23cae21 Tweaks to DecimalField 2014-09-22 15:34:06 +01:00
Tom Christie
249253a144 Fix compat issues 2014-09-22 14:54:33 +01:00
Tom Christie
c54f394904 Ensure 'messages' in fields are respected in preference to default validator messages 2014-09-22 13:57:45 +01:00
Tom Christie
afb3f8ab0a Tests and tweaks for text fields 2014-09-22 13:26:47 +01:00
Tom Christie
af46fd6b00 Field tests and associated cleanup 2014-09-22 12:25:57 +01:00
Tom Christie
cf72b9a8b7 Moar tests 2014-09-19 16:43:13 +01:00
Tom Christie
b361c54c5c Test rejigging 2014-09-19 15:46:32 +01:00
Tom Christie
c0150e619c Add BaseSerializer heading 2014-09-19 14:59:59 +01:00
Tom Christie
88008c0a68 Merge branch 'master' into version-3.0 2014-09-19 14:05:50 +01:00
Tom Christie
6d73b5969a Initial release notes 2014-09-19 14:02:17 +01:00
Tom Christie
12ccb0fe8a Test tweaking 2014-09-19 09:09:26 +01:00
Tom Christie
1e9ea377e3 Merge pull request #1887 from pipermerriam/piper/decorate_as_view_response_from_viewsets
Fix missing CSRF exemption on viewsets
2014-09-18 19:13:47 +01:00
Tom Christie
ddbd3cb659 Merge pull request #1882 from mattjmorrison/patch-2
Clarify "raised inside REST framework"
2014-09-18 18:11:26 +01:00
Piper Merriam
7f758d1cf6 Fix missing CSRF exemption on viewsets 2014-09-18 10:30:13 -06:00
Tom Christie
f90049316a Added a model update integration test 2014-09-18 15:47:27 +01:00
Tom Christie
106362b437 ModelSerializer.create() to handle many to many by default 2014-09-18 14:58:08 +01:00
Tom Christie
9fdb2280d1 First pass on ManyRelation 2014-09-18 14:23:00 +01:00
Tom Christie
3bc628edc0 Test for custom fields 2014-09-18 13:07:38 +01:00
Tom Christie
87734be5f4 Configuration correctness tests on ModelSerializer 2014-09-18 12:17:21 +01:00
Tom Christie
5b7e4af0d6 get_base_field() refactor 2014-09-18 11:20:56 +01:00
Matthew J Morrison
764366b2e1 Fixed code formatting 2014-09-17 11:29:15 -05:00
Tom Christie
8c8d355e76 Update routers.py 2014-09-17 15:51:17 +01:00
Tom Christie
3376c37861 Merge pull request #1865 from mskrajnowski/default-router-listless-viewset
DefaultRouter support for viewsets without an implemented default action
2014-09-17 15:50:12 +01:00
Tom Christie
543c6c8e35 Merge pull request #1883 from jpadilla/master
Update authtoken latest Django 1.7 migration
2014-09-17 15:49:27 +01:00
José Padilla
de5fbf7d63 Update initial migration to work on Python 3 2014-09-17 10:23:53 -04:00
Tom Christie
c0155fd9dc Update comments 2014-09-17 14:11:53 +01:00
José Padilla
a37db382c6 Update authtoken latest Django 1.7 migration 2014-09-17 09:01:49 -04:00
Matthew J Morrison
e5af0bbb35 Clarify "raised inside REST framework"
I ran into an issue today where I was not seeing the rest_framework.views.exception_handler do what I thought it should be doing. It turned out that I had imported View from rest_framework.views rather than importing APIView from rest_framework.views. The phrase "raised inside REST framework" was confusing as I was debugging this issue. I was unsure if that meant that I could raise those exceptions in my code or if it had to originate from within framework code.

I'm not sure if the proposed wording is ideal, I just wanted to point out what I found to be confusing.
2014-09-17 07:49:54 -05:00
Tom Christie
92fb08bc6d Merge pull request #1874 from sheppard/patch-3
add wq.db router and django-rest-pandas renderers
2014-09-16 09:08:07 +01:00
S. Andrew Sheppard
3725a1e77d add wq.db router and django-rest-pandas renderers 2014-09-15 14:46:09 -05:00
Tom Christie
4ddc661b01 Tests for through relationships 2014-09-15 14:05:58 +01:00
Tom Christie
d196608d5a Fix nested model serializer base class 2014-09-15 13:55:09 +01:00
Tom Christie
0c15b97b33 Tests for reverse relationships 2014-09-15 13:48:03 +01:00
Tom Christie
c1e2a9cba6 Clean up field mapping tests 2014-09-15 13:38:28 +01:00
Tom Christie
3cf7ed10d2 Fix erronous import 2014-09-15 13:10:58 +01:00
Tom Christie
40dc588a37 Drop label from serializer fields when not needed 2014-09-15 09:50:51 +01:00
Tom Christie
cefeb23b25 Merge pull request #1871 from jpadilla/third-party-docs
Add Third Party Resources Topic section
2014-09-14 16:52:53 +01:00
José Padilla
915dfb9b3d Update third-party-resources.md 2014-09-14 10:19:54 -04:00
José Padilla
4871dbdc73 Add invitation to add new content 2014-09-13 16:20:37 -04:00
José Padilla
1390b6801e Include third party resources link in home page 2014-09-13 16:20:16 -04:00
José Padilla
96c21b81f5 Add Third Party Resources Topic section 2014-09-13 13:53:40 -04:00