* permissions: Allow permissions to be composed
Implement a system to compose permissions with and / or.
This is performed by returning an `OperationHolder` instance that keeps the
permission classes and type of composition (and / or).
When called it will return a AND/OR instance that will then delegate the
permission check to the operands.
* permissions: Add documentation about composed permissions
* Fix documentation typo in permissions
* Add suffix support for actions
Removes the newly introduced `action.name` in favor of leveraging the
View's `.get_view_name()` method, which supports both name and suffix.
* Fix view description func docstrings
* Test action decorator name & suffix kwargs
* Adjust 'extra action' docs
On all supported Pythons, the io.BytesIO is always a stream
implementation using an in-memory bytes buffer.
Makes code slightly more forward compatible by reducing use of the six
module and promotes more forward compatible practices in the docs.
* Add failing test for extra action schemas
* Add ViewInspector setter to store instances
* Fix schema disabling for extra actions
* Add docs note about disabling schemas for actions
* View suffix already set by initializer
* Add 'name' and 'description' attributes to ViewSet
ViewSets may now provide their `name` and `description` attributes
directly, instead of relying on view introspection to derive them.
These attributes may also be provided with the view's initkwargs.
The ViewSet `name` and `suffix` initkwargs are mutually exclusive.
The `action` decorator now provides the `name` and `description` to
the view's initkwargs. By default, these values are derived from the
method name and its docstring. The `name` may be overridden by providing
it as an argument to the decorator.
The `get_view_name` and `get_view_description` hooks now provide the
view instance to the handler, instead of the view class. The default
implementations of these handlers now respect the `name`/`description`.
* Add 'extra actions' to ViewSet & browsable APIs
* Update simple router tests
Removed old test logic around link/action decorators from `v2.3`. Also
simplified the test by making the results explicit instead of computed.
* Add method mapping to ViewSet actions
* Document extra action method mapping
* Update the http signature auth library ref link
It seems that the djangorestframework-httpsignature package is outdated
and there is updated fork named drf-httpsig.
* Fixing the link ref format in the http signature section
* Revert "Non-required fields with 'allow_null=True' should not imply a default value (#5639)"
This reverts commit 905a5579df.
Closes#5708
* Add test for allow_null + required=False
Ref #5708: allow_null should imply default=None, even for non-required fields.
* Re-order allow_null and default in field docs
default is prior to allow_null. allow_null implies an outgoing default=None.
* Adjust allow_null note.
* Always exclude read_only fields from _writable_fields
* Remove `read_only` from `CreateOnlyDefault` example.
In this context (without mentioning `save`) now slightly misleading.
Calling dict.keys() is unnecessary. The two are functionally equivalent
on modern Pythons.
Inspired by Lennart Regebro's talk "Prehistoric Patterns in Python" from
PyCon 2017.
https://www.youtube.com/watch?v=V5-JH23Vk0I