Commit Graph

1165 Commits

Author SHA1 Message Date
Carlton Gibson
b2497fc245 Convert openapi.AutoSchema methods to public API. 2020-04-09 20:05:16 +02:00
Carlton Gibson
b1bfff4f1c Revert "Schemas: Improved decimal handling when mapping ChoiceField. (#7264)"
This reverts commit 1872bde462.
2020-04-09 19:35:46 +02:00
Dhaval Mehta
1872bde462
Schemas: Improved decimal handling when mapping ChoiceField. (#7264) 2020-04-09 19:18:00 +02:00
Clinton Blackburn
603aac7db1
Corrected OpenAPI schema type for DecimalField (#7254) 2020-04-09 19:16:17 +02:00
Dhaval Mehta
41f27c3b43
Schemas: Don't generate component for DELETE method. (#7229) 2020-04-09 19:10:50 +02:00
Ryan P Kilby
dd33ebb4e2
Add Request repr (#7239) 2020-03-29 12:01:14 +01:00
Ryan P Kilby
908f91d8ef
Set action for HEAD requests (#7223)
* Test viewset action attr

* Add 'head' to viewset actions map
2020-03-09 09:43:02 +00:00
Tom Christie
4a98533746
Fix - run test_head_request_against_viewset method (#7219) 2020-03-05 13:18:48 +00:00
Tom Christie
73f7bf4941
Extra action detection is too permissive. Add failing test + fix (#7217)
* Add failing test

* Add failing test++

* Make get_extra_action less permissive
2020-03-05 10:18:22 +00:00
Martin Desrumaux
6a23fa0649
OpenAPI: Make operationId camelCase, matching spec examples. (#7208) 2020-03-03 17:51:51 +01:00
Martin Desrumaux
609f708a27
Fix schema generation for ObtainAuthToken view. (#7211) 2020-03-03 13:27:34 +01:00
Martin Desrumaux
8aa8be7653
Implement OpenAPI Components (#7124) 2020-03-02 19:35:27 +01:00
Martin Desrumaux
797518af6d
OpenAPI: Warn user about duplicate operationIds. (#7207) 2020-03-02 16:44:06 +01:00
Martin Desrumaux
5b16a17242
OpenAPI: Allow customizing operation name. (#7190) 2020-03-02 16:40:18 +01:00
Mateusz Legięcki
94a09149b6
OpenAPI: Use 201 status code for POST requests. (#7206) 2020-03-02 16:32:26 +01:00
Dhaval Mehta
2a5c2f3f70
Added OpenAPI tags to schemas. (#7184) 2020-02-28 12:06:03 +01:00
Kevin Kennell
d7b218f5eb
decode base64 credentials as utf8; adjust tests (#7193)
* decode base64 credentials as utf8; adjust tests

* basicauth: add dedicated test for utf8 credentials

* basicauth: add fallback to latin-1 encoding if utf-8 fails
2020-02-17 16:10:52 +00:00
Thorsten
f81ca78642
Add file option to generateschema (#7130) 2020-02-12 20:35:54 +01:00
Thorsten
4137ef41ef
Disable yaml aliases for schema generation. (#7131) 2020-02-03 14:41:47 +01:00
Kentalot
79d37bce4c
OpenAPI: Include type key in schema object properties dict. (#7169) 2020-01-30 12:14:17 +01:00
Dhaval Mehta
bc4d52558b
Schemas: Add mapping of type for ChoiceField. (#7161) 2020-01-29 19:15:56 +01:00
Stella
160f912a60
Schemas: Handle default=false for boolean fields (#7165) 2020-01-29 10:20:51 +01:00
Kevin Brown
f8f8b3a1f1 Adjust test for ListField(IntegerField)
The `maximum` is valid here within the schema but it was not
previously being included because we were not copying over the
entire schema for the generated `IntegerField` previously.
2020-01-21 20:45:07 +01:00
Kevin Brown
b1048984a7 Add failing test for ListField schema generation
The `ListField` was generating a schema that contained `type=None`
when a `ChoiceField` was the child, since we are not currently able
to introspect the type of a `ChoiceField`.
2020-01-21 20:45:07 +01:00
Carlton Gibson
3b88312c33 Call get_schema(), rather than sub-method in schema tests. 2020-01-21 20:05:13 +01:00
Carlton Gibson
d0b9577605 Return valid OpenAPI schema even when empty. 2020-01-21 20:05:13 +01:00
Sebastian Pipping
373e521f36 Make CharField prohibit surrogate characters (#7026) (#7067)
* CharField: Detect and prohibit surrogate characters

* CharField: Cover handling of surrogate characters
2020-01-06 14:12:21 +00:00
Noam
ced37a56cb Avoid outputting callable defaults to schema. (#7105) 2020-01-03 13:49:46 +00:00
Ryan P Kilby
b8c369c4cf Fix serializer multiple inheritance bug (#6980)
* Expand declared filtering tests

- Test declared filter ordering
- Test multiple inheritance

* Fix serializer multiple inheritance bug

* Improve field order test to check for field types
2019-12-12 14:03:55 +00:00
Ryan P Kilby
236667b717 Fix UniqueTogetherValidator with field sources (#7086)
* Add failing tests for unique_together+source

* Fix UniqueTogetherValidator source handling

* Fix read-only+default+source handling

* Update test to use functional serializer

* Test UniqueTogetherValidator error+source
2019-12-12 13:02:30 +00:00
Ryan P Kilby
de9f1d56c4 Followup to set_context removal (#7076)
* Raise framework-specific deprecation warnings

- Use `RemovedInDRF313Warning` instead of DeprecationWarning
- Update to follow deprecation policy

* Pass serializer instead of model to validator

The `UniqueTogetherValidator` may need to access attributes on the
serializer instead of just the model instance. For example, this is
useful for handling field sources.

* Fix framework deprecation warning in test

* Remove outdated validator attribute
2019-12-11 08:44:08 +00:00
Ryan P Kilby
90eaf51839
Update framework deprecation warnings (#7075)
- Bump version numbers for deprecation warnings
- Drop deprecated features
2019-12-04 16:18:38 -08:00
Hasan Ramezani
4d9f9eb192 Changed default widget for TextField with choices to select (#6892) 2019-12-04 12:24:49 -08:00
Tom Christie
070cff5a03
Drop set_context() (#7062)
* Do not persist the context in validators

Fixes encode/django-rest-framework#5760

* Drop set_context() in favour of 'requires_context = True'
2019-12-03 11:16:27 +00:00
Tom Christie
7fbbfe2c60
Django 3 compat (#7058)
* First pass at Django 3.0 compat

* Drop Guardian for 1.11 tests, since we're installing an incompatible version

* Fix ROOT_URLCONF override in test case

* Fix typo

Co-Authored-By: Rémy HUBSCHER <hubscher.remy@gmail.com>

* Linting
2019-11-21 11:55:53 +00:00
Tom Christie
fe840a34ff
Escape hyperlink URLs on lookup (#7059)
* Escape hyperlink URLs on lookup

* Rename duplicate test
2019-11-21 11:38:40 +00:00
Yann Savary
0d3d548aa5 OpenAPI: Fixed generation when title or version not provided. (#6912) 2019-11-06 21:54:12 +01:00
Yann Savary
7c3477dcda OpenAPI: Ported docstring operation description from CoreAPI inspector. (#6898) 2019-11-06 21:52:02 +01:00
Kentalot
becb962160 OpenAPI: Use int64 format for large integers. (#7018) 2019-11-06 21:46:19 +01:00
Dima Knivets
8b06ce72d7 OpenAPI: Map renderers/parsers for request/response media-types. (#6865) 2019-11-06 21:44:51 +01:00
Erwan Rouchet
39bd6cc5cb Set the proper JSON schema type for HStoreFields in OpenAPI schemas (#6914) 2019-10-27 21:13:01 -04:00
Chris Guo
5ee970c090 Fix docs typos (#7015) 2019-10-24 11:31:12 -07:00
Ryan P Kilby
a8c86be660
Update linter requirements (#7010) 2019-10-22 11:18:51 -07:00
Sergey
43397a81ae Fixed decimal snan deserialization (#7002)
* Added test case causes exception in DecimalField deserialization

* Fixed NaN checking which throws exception with sNaN value
2019-10-22 10:06:37 +01:00
Chris Guo
a734e58d44 Fix docs typos (#7006) 2019-10-21 15:11:12 -07:00
Guilherme Munarolo
0fd72f17ee Fixed crash deleting required schema parameter key on PATCH requests. (#6944)
Closes #6941
2019-10-10 08:50:20 +02:00
Konstantinos Tselepakis
30e56f62ba Fix nested write of non-relational fields (#6916) 2019-10-03 09:33:37 -07:00
Yann Savary
e57c1505fc Replaced 'TODO' hardcoded version info by a parameter with default '0.1.0' (#6899) 2019-09-03 16:07:30 +02:00
Peter J. Farrell
b3f032fb8f Fixed #6875 -- Made OpenAPI Schema operationId casing consistent. (#6876) 2019-09-03 16:05:43 +02:00
Dima Knivets
1cc4be47b4 Fixed min/max attributes for serializers.ListField (#6866) 2019-09-03 15:43:54 +02:00
Reupen Shah
f8c16441fa Add support for pagination in OpenAPI response schemas (#6867)
Refs #6846

This provides a way for pagination classes to add pagination properties (`count`, `next`, `results` etc.) to OpenAPI response schemas.

A new method `get_paginated_response_schema()` has been added to `BasePagination`. This method is intended to mirror `get_paginated_response()` (which takes a `list` and wraps it in a `dict`). 

Hence, `get_paginated_response_schema()` takes an unpaginated response schema (of type `array`) and wraps that with a schema object of type `object` containing the relevant properties that the pagination class adds to responses.

The default implementation of `BasePagination.get_paginated_response_schema()` simply passes the schema through unmodified, for backwards compatibility.
2019-09-03 15:25:44 +02:00
Christopher Grebs
5a8736ae45 Handle 'None' return value of wait() properly during throttling. (#6837) 2019-08-12 11:36:05 -07:00
Dima Knivets
a142467586 Fixed incorrect OpenAPI response schema generation for a DELETE method in generic views (#6860) 2019-08-09 15:02:41 +02:00
Chris Vigelius
f7dc6b5656 OpenAPI: Added required description to responses. (#6850) 2019-08-07 22:09:27 +02:00
Chris Vigelius
0ebfbfdf81 OpenAPI: only include non-empty required property. (#6851)
Closes #6834
2019-08-07 21:40:21 +02:00
Reupen Shah
b45ff07294 Use an array type for list view response schemas
This is the first part of #6846.

Previously, the response schema for list views was an object representing a single item. However, list views return a list of items, and hence it should be an array.

Further work will need to be done to support how pagination classes modify list responses.

There should be no change for views not determined to be list views.
2019-08-07 20:40:22 +02:00
Min ho Kim
0e1c5d3132 Fix typos (#6835) 2019-07-25 10:04:01 -07:00
Chris Vigelius
ca727872c8 OpenAPI schemas: Ensure lazy field descriptions are converted to str(). (#6832) 2019-07-25 15:30:20 +02:00
Daniel Alvarez
659375ffe6 Fixed a typo on the ExampleValidatedAPIView
Cherry-picked from #6819
2019-07-24 11:13:30 +02:00
Carlton Gibson
1b66d1b819 Move serializer field introspection tests to correct test case.
From SchemaGenerator tests to Operation Introspection.
2019-07-24 11:13:30 +02:00
Carlton Gibson
e309a4f0b8 Fix OpenAPI path generation with common prefixes.
Closes #6675. Closes #6823.
2019-07-24 11:13:30 +02:00
Carlton Gibson
30a21a98dc Add test for OpenAPI SchemaGenerator url argument. 2019-07-24 11:13:30 +02:00
Carlton Gibson
178a2dc786 Correct OpenAPI test for common prefixes. 2019-07-24 11:13:30 +02:00
Daniel Alvarez
2138f558ce Added mapping of ListField.child type for OpenAPI Schemas. 2019-07-24 11:09:57 +02:00
Aarni Koskela
5c922fb39d JSONEncoder: ensure empty listlikes remain lists, not dicts (#6794) 2019-07-09 11:41:05 +01:00
Ryan P Kilby
bd6a1b3b6c Fix dotted-source field checking on serializer write (#6786)
* Add tests for raise_errors_on_nested_writes

* Fix dotted-source field checking on serializer write

The code was previously checking the validated data for the field's
attribute name, however, the data contain the first source attr.
2019-07-08 11:10:18 +01:00
Ryan P Kilby
976739206c Don't render extra actions when unauthenticated (#6775) 2019-07-04 14:54:16 +01:00
Ryan P Kilby
e4e75f1c7c
Strip null characters from search param (#6774) 2019-07-02 11:33:48 -07:00
Ryan P Kilby
da06240257
Fix ModelField max_length argument (#6773) 2019-07-01 19:14:45 -07:00
Karambir Singh Nain
a7778897ad Fix ArrayField kwargs mapping for blank/allow_empty (#6758)
Postgres ArrayField blank=True should allow empty Lists in Serializer
2019-07-01 17:34:34 -07:00
Reupen Shah
3242adf058 Enforce allow_empty=False during partial validation of parent serializer (#6512)
Refs #6509

This enforces allow_empty=True when a ListSerializer is a child of another serializer and partial validation is being performed on the parent serializer.

This is because partial validation should allow fields to be omitted, but should not cause values that are invalid without partial validation to become valid.

This effectively reverts #4222. None of the tests added in that PR fail if the associated change is removed, so I‘m not sure what that PR was trying to fix.
2019-07-01 13:30:16 +01:00
Michael
79b2350b54 [fields] Format error message only if params exist (#6624)
This prevents exceptions when the error message contains `%`, but is
not intended for formatting.  Django itself does the same:
6866c91b63/django/core/exceptions.py (L168-L169)

Fixes encode/django-rest-framework#6622
2019-07-01 13:28:16 +01:00
Ryan P Kilby
7179ea9984 Raise exception when field source is a built-in (#6766) 2019-07-01 13:25:47 +01:00
Ryan P Kilby
91ea138406 Allow redundant SerializerMethodField method names (#6767) 2019-07-01 13:22:03 +01:00
Ryan P Kilby
c04d6eac43
Update pytest (#6768)
* Update pytest to 5.x

* Ensure test de-monkeypatches auth on failure

* Fix pytest.raises compat issue
2019-06-30 19:08:52 -07:00
Kryštof Řeháček
6a95451d72 Fixes #6751 - ModelSerializer fields does not get updated correctly when signals are connected to some fields (#6752)
* fixes #6751

* reverted condition

* save instance before setting m2m fields

* added comment why m2m fields are saved after instance

* removed blank line

* added test for the issue 6751
2019-06-22 09:14:15 +01:00
Alan Crosswell
819c46ea80 Add --generator_class CLI option to generateschema (#6735)
* add --generator_class CLI option to generateschema
* Add test for generateschema —generator_class flag.
2019-06-09 14:43:54 +02:00
Alan Crosswell
2d65f82dd7 Generate OpenAPI schema field types from validators. (#6674) 2019-06-09 14:42:56 +02:00
Alan Crosswell
a63860fc8b Corrected openapi.SchemaGenerator path prefixes. (#6724) 2019-06-09 14:29:55 +02:00
Hasan Ramezani
60bcc93202 Remove duplicate test in tests/test_utils.py (#6736) 2019-06-07 14:45:34 +01:00
Ran Benita
c2293e9f25 Improve performance of lazy validation message formatting (#6709) 2019-05-29 11:32:03 -07:00
Rodolfo Carvalho
62ed1f8270 Use yaml.safe_load instead of load (#6719)
Use of PyYAML's yaml.load function without specifying the Loader
parameter has been deprecated, see https://msg.pyyaml.org/load.

Earlier versions of PyYAML already had the alternative safe_load
function, which limits the loader to a subset of YAML constructs, that
is enough for what we need here.

Fixes #6677
2019-05-29 09:51:24 -07:00
Raffaele Salmaso
514033815d Allow JSONField encoder customization. (#6713) 2019-05-24 12:47:35 +01:00
Mathieu Pillard
afb678433b Always call all throttling classes on the view when checking throttles (#6711) 2019-05-23 14:42:29 +01:00
Ryan P Kilby
19ca86d8d6
Fix lazy translation of ListField errors (#6708)
* Test init for fields w/ lazy translations
* Fix lazy translations for ListField
2019-05-22 19:41:53 -07:00
Ryan P Kilby
db37512a6e
Remove 3.10 deprecations (#6687)
* Remove DjangoObjectPermissionsFilter
* Remove detail_route/list_route
* Bump deprecation warning versions
2019-05-21 10:36:55 -07:00
Ran Benita
ccd9b71c0a Don't cache _readable_fields and _writable_fields (#6689)
It might be useful for a serializer with many many fields which uses
read_only and write_only on a large percentage of the fields. But the
memory usage and statefulness it adds are not worth it for the common
case.
2019-05-21 15:45:31 +01:00
Ryan P Kilby
1b8141a4aa
Fix nullable source='*' fields (#6659) 2019-05-20 14:58:02 -07:00
Joachim Jablon
43a9cc1b7a Fix CursorPagination when objects get deleted between calls (#6504) (#6593)
* Added regression tests (#6504)

Co-Authored-By: Tom Quinonero <tq@3yourmind.com>

* Fix CursorPagination when objects get deleted between calls (#6504)

Co-Authored-By: Tom Quinonero <tq@3yourmind.com>
2019-05-20 14:41:31 +01:00
Carlton Gibson
37f210a455
Added OpenAPI Schema Generation. (#6532)
Co-authored-by: Lucidiot <lucidiot@protonmail.com>
Co-authored-by: dongfangtianyu <dongfangtianyu@qq.com>
2019-05-13 16:07:03 +02:00
gaetano-guerriero
a7c577cb31 Dict field allow empty (#6583)
* dict field: support allow_empty option

* document ListField allow_empty option

* document HStoreField allow_empty parameter
2019-05-09 09:18:20 +01:00
Jorrit
3a21b390ff
Fix test with STRICT_JSON setting
Test is not overriding the intended setting, should be nested inside settings.REST_FRAMEWORK
2019-05-08 16:48:45 +02:00
Asif Saif Uddin
50a24d6d7f Drop Python 3.4 support (#6620) 2019-05-06 11:35:58 -07:00
Jon Dufresne
f669395dd8 Fix BytesWarning in test_schemas.py (#6638) 2019-05-01 16:47:01 -07:00
Jon Dufresne
5e1619bc9e Remove unnecessary assignments immediately before a return statement (#6619)
Cleans up the pattern:

    ...
    myvar = <expression>
    return myvar

To:

    ...
    return <expression>
2019-05-01 07:51:54 +02:00
Jon Dufresne
3f19e66d9f Replace all usage ugettext functions with the non-u versions (#6634)
On Python 3, the ugettext functions are a simple aliases of their non-u
counterparts (the 'u' represents Python 2 unicode type). Starting with
Django 3.0, the u versions will be deprecated.

https://docs.djangoproject.com/en/dev/releases/3.0/#id2

> django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(),
> ungettext(), and ungettext_lazy() are deprecated in favor of the
> functions that they’re aliases for:
> django.utils.translation.gettext(), gettext_lazy(), gettext_noop(),
> ngettext(), and ngettext_lazy().
2019-05-01 07:49:54 +02:00
Jon Dufresne
513a49d63b Drop default 'utf-8' to .encode()/.decode() (#6633)
A Python 3 cleanup that allows for less noise in the code.

https://docs.python.org/3/library/stdtypes.html#bytes.decode
https://docs.python.org/3/library/stdtypes.html#str.encode
2019-05-01 07:49:16 +02:00
Jon Dufresne
734ca7ca8c Remove unneeded repo() test (#6632) 2019-05-01 07:46:30 +02:00
Jon Dufresne
b4e80ac721 Remove unnecessary coerce to str() in test_decorators.py (#6637)
Was added only for Python 2 compatibility.
2019-05-01 07:45:16 +02:00
Jon Dufresne
ff86f09f74 Remove unnecessary compatibility shims from rest_framework/compat.py (#6631)
For Python 3, collections.abc.Mapping and collections.abc.MutableMapping
are always available from the stdlib.
2019-05-01 07:44:33 +02:00
Carlton Gibson
0407a0df8a
Dropped Python 2 compatibility. (#6615)
Thanks to Jon Dufresne (@jdufresne) for review.

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Rizwan Mansuri <Rizwan@webbyfox.com>
2019-04-30 17:53:44 +02:00
Jon Dufresne
1a0a8dde00 Correct misspelled module 'typing' (#6616)
https://docs.python.org/3/library/typing.html
2019-04-30 09:44:01 +01:00
Asif Saif Uddin
29cbe574a3 Fix DeprecationWarning in tests (#6551) 2019-04-05 14:27:07 -07:00
Turfa Auliarachman
d784e42207 Fix basename deprecation warnings in tests (#6529) 2019-03-25 10:42:27 -07:00
Kevin Brown
86c72bb226 Fix schema generation of ManyRelatedField to detect the child type (#6489)
* Introspect ManyRelatedField data type recursively

For all `ManyRelatedField` objects, we were assuming that the inner type was always a `String`. While this may be true for the default output, a `ManyRelatedField` is a wrapper for a lot of other classes which includes more than just strings. This should allow us to document lists of things other than strings.

* Added test for schemas for many-to-many fields

This adds a test that makes sure we generate the schema for a many-to-many field such that it actually has the right type. For some reason we did not previously have any tests for schema generation that included them, so hopefully this will prevent any future issues from popping up.

This should serve as a regression test for the `items` field on to-many relationships, which was previously forced to a `String` even though in most cases it is a different inner type within the array.
2019-03-07 11:26:03 +01:00
Jon Dufresne
9d06e43d05 Replace type('') with six.text_type (#6482)
As all source files import unicode_literals, type('') is always
equivalent to six.text_type (str on Python 3 and unicode on Python 2).
Removes the need to call type(), is more explicit, and will be easier to
catch places to change for when it is time to eventually drop Python 2.
2019-03-05 12:11:46 +01:00
Carlton Gibson
94593b3a50
Introduce RemovedInDRF…Warning classes to simplify deprecations. (#6480)
Closes #6290.
2019-03-03 09:20:45 +01:00
Andrzej Górski
317174b163 Avoided calling distinct on annotated fields in SearchFilter. (#6240)
Fixes #6094
2019-02-25 16:59:25 +01:00
Adrien Brunet
2daf6f1341 Add negation ~ operator to permissions composition (#6361) 2019-02-25 15:33:40 +01:00
Xtreak
739b0a272a Fix DeprecationWarning in tests when accessing collections.abc classes via collections (#6473) 2019-02-25 15:22:45 +01:00
Frédéric Massart
94fbfcb6fd Added lazy evaluation to composed permissions. (#6463)
Refs #6402.
2019-02-25 13:47:02 +01:00
Carlton Gibson
8a29c53226 Allowed Q objects in limit_choices_to introspection. (#6472)
Closes #6470.
2019-02-25 10:49:29 +00:00
Allan Reyes
d110454d4c Added SearchFilter.get_search_fields() hook. (#6279) 2019-02-19 17:18:14 +01:00
Si Feng
1ece516d2d Adjusted field validators to accept iterables. (#6282)
Closes 6280.
2019-02-19 16:38:20 +01:00
jeffrey k eliasen
eb3180173e Made templates compatible with session-based CSRF. (#6207) 2019-02-19 12:15:03 +01:00
kuter
e8b4bb1471 Added tests for generateschema management command. (#6442) 2019-02-14 17:51:10 +01:00
Carlton Gibson
59fcbc6dd5 Add migration for generic relations Tag model. 2019-02-14 15:57:20 +01:00
Carlton Gibson
481ae69df3 Add migration for CustomToken test model.
Move authentication tests to sub-app to enable this.
2019-02-14 15:57:20 +01:00
Carlton Gibson
cb4cbb61f2 Fix search filter tests against Django 2.2.
Django 2.2 enables foreign key constraint checking on SQLite.
2019-02-14 15:57:20 +01:00
Carlton Gibson
bd9a799e16
Fixed SchemaView to reset renderer on exception. (#6429)
Fixes #6258.
2019-01-31 15:28:01 +01:00
Carlton Gibson
f54a220d8f
Corrected coreapi CLI code example generation. (#6428)
Remove “> “ when rendering template.
Closes #6333.
2019-01-31 11:36:40 +01:00
Sébastien Diemer
822b85ac36 routers: invalidate _urls cache on register (#6407)
see https://github.com/encode/django-rest-framework/issues/5660

Trying to register new routes on a router after having accessed the
router `urls` attribute leads to surprising results.
The route is added without error to the router's `registry` but the urls
are not updated, because they are cached in `_urls`.
This commit invalidates the cache after each new registration.
2019-01-17 13:07:57 +00:00
Yury V. Zaytsev
4bb9a3c484 Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates (#6330)
* Add test that verifies that HTML is correctly escaped in Browsable API views

* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode

* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
Adrien Brunet
e3bd4b9048 Fix #1811: take limit_choices_to into account with FK (#6371)
* Fix issue1811: take limit_choices_to into account with FK

* Issue 1811: Add tests to illustrate issue

* Filter queryset only if limit_choices_to exists

* Move test_relations_with_limited_querysets file within test_relations_pk

* move limit_choices_to logic from relations.py to utils/field_mapping.py

* move limit_choices_to above other check to avoid conflicts
2019-01-08 13:49:47 +00:00
Carlton Gibson
587058e3c2 Allow run_validators() to handle non-dict types. (#6365)
Fixes #6053.

Original test case thanks to Vincent Delaitre in #6242.
2019-01-08 11:39:30 +00:00
Alf
963ce306f3 Added "allow_unicode" to generated kwargs for ModelSerializer SlugField (#6315) 2018-12-19 15:37:52 +01:00
Xavier Ordoquy
74574217a4 Fix composable permissions
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
2018-11-27 15:29:44 +01:00
Mark Davidoff
1f13b6f6b2 use actual user instead of fake user in permission composition test 2018-10-29 10:45:40 -07:00
Mark Davidoff
fc08e0189f
update tests to reflect that django now returns a callable for is_authenticated 2018-10-29 08:26:20 -07:00
Tom Christie
2c9c0f1b7f
Version 3.9 (#6247)
* Release notes to 5174a26ec9

* Update version for v3.9.0

* Removed exclude_from_schema per deprecation policy.

* Updated list_route() and detail_route() deprecations.

* Weakened to PendingDeprecationWarning for `base_name`

cc @rpkilby.

* Add (beginning of) 3.9 release announcement.

@tomchristie: Input on OpenAPI and What’s Next very welcome! :)

* Add announcement section for Extra Actions in Browsable API

* Update release notes and add deprecation note for Django Guardian backend.

* Add release note for #6073

* Add release notes to dd19a44583

* Adding release notes

* Update 3.9 announcement

* Add Oct 18 release date
2018-10-18 10:38:46 +01:00
Dennis Kliban
dd19a44583 Problem: autoescape not getting passed to urlize_quoted_links filter (#6191)
Solution: set needs_autoescape=True when registering the filter

Without this patch, the disabling autoescape in the template does not work.
2018-10-10 10:36:04 +02:00
Daniel Bate
5feb835929 Feature/action docs sections (#6060)
* added ability to add sections to custom action documentation

* added tests to cover docs sections in custom actions

* added method specific docs test for action mapping

* added docs for custom action documentation
2018-10-10 10:29:29 +02:00
Xavier Ordoquy
b41a6cfa38 permissions: Allow permissions to be composed (#5753)
* permissions: Allow permissions to be composed

Implement a system to compose permissions with and / or.
This is performed by returning an `OperationHolder` instance that keeps the
permission classes and type of composition (and / or).
When called it will return a AND/OR instance that will then delegate the
permission check to the operands.

* permissions: Add documentation about composed permissions

* Fix documentation typo in permissions
2018-10-03 15:36:24 +01:00
Jerome Leclanche
0eb2dc1137 Prohibit null characters in CharField by default (#6073)
* Implement an allow_null_bytes argument to CharField (default True)
* Switch to using native ProhibitNullCharactersValidator instead
2018-10-02 16:54:15 +02:00
Ryan P Kilby
66183389f6 Deprecate DjangoObjectPermissionsFilter (#6075) 2018-10-02 16:34:25 +02:00
Ryan P Kilby
903204cd79 Fix action support for ViewSet suffixes (#6081)
* Add suffix support for actions

Removes the newly introduced `action.name` in favor of leveraging the
View's `.get_view_name()` method, which supports both name and suffix.

* Fix view description func docstrings

* Test action decorator name & suffix kwargs

* Adjust 'extra action' docs
2018-10-02 16:22:21 +02:00
Ryan P Kilby
fc6cbb5b26 Allow nullable BooleanField in Django 2.1 (#6183)
* Add tests for BooleanField when nullable

* Allow nullable BooleanField in Django 2.1

* Drop 'BooleanField.allow_null' check

* Remove conflicting false/null values
2018-09-13 17:25:03 +01:00
Ryan P Kilby
7f77340b33
Add Python 3.7 support (#6141) 2018-09-10 21:44:23 -07:00
Jon Dufresne
4d57d46bf8 Prefer io.BytesIO over six; available on all supported Pythons (#6168)
On all supported Pythons, the io.BytesIO is always a stream
implementation using an in-memory bytes buffer.

Makes code slightly more forward compatible by reducing use of the six
module and promotes more forward compatible practices in the docs.
2018-09-09 11:53:41 +01:00
Craig de Stigter
81fa4b4f75 Fix CSRF cookie check failure when using session auth with django 1.11.6+ (#6113)
Test included. Fixes #6088
2018-08-07 08:18:56 +01:00
Oleg
2fab7838ef Improve ModelSerializer.create() error message. (#6112) 2018-08-06 20:11:55 +02:00
Oleg
8b5e830bce Handle models without .objects manager in ModelSerializer. (#6111)
* Handle models without .objects manager in ModelSerializer.

* Improvements according to review comments.
2018-08-06 14:30:43 +02:00
Ryan P Kilby
33f8910b26
Fix deprecation warnings in tests (#6076)
* Fix deprecated arguments in schema tests

* Update optional reqs, fixing markdown deprecation
2018-07-09 23:56:52 -04:00
Ryan P Kilby
38b3d0109b Only catch TypeError/ValueError for object lookups (#6028)
* Only catch TypeError/ValueError for object lookups

* Test wrapped TypeError/ValueError handling

* Raise NotImplementedError in tests instead of pass
2018-07-06 12:18:17 +02:00
Ryan P Kilby
a628a2dbce Drop Django 1.10 support (#5657)
* Remove Django 1.10 from CI

* Remove Django 1.10 compat code
2018-07-06 12:14:31 +02:00
Ryan P Kilby
9b8af04e7f Move guardian imports out of compat (#6054) 2018-07-06 11:32:02 +02:00
Ryan P Kilby
7095021db7 Rename base_name => basename for consistency's sake (#5990)
* Rename base_name => basename for consistency

* Update tests to use basename
2018-07-06 11:03:12 +02:00
Ryan P Kilby
f89cc066bc Admin renderer urls (#5988)
* Make admin detail link have small width

* Disable admin detail link when no URL

* Add 'AdminRenderer.get_result_url'

Attempts to reverse the result's detail view URL.
2018-07-06 10:58:26 +02:00
Daniel Hahler
3578bd6883 get_error_detail: use error_dict/error_list (#5785) 2018-07-06 10:44:58 +02:00
Ryan P Kilby
6511b52cca Fix schemas for extra actions (#5992)
* Add failing test for extra action schemas

* Add ViewInspector setter to store instances

* Fix schema disabling for extra actions

* Add docs note about disabling schemas for actions
2018-07-06 10:35:36 +02:00
Ryan P Kilby
0148a9f8da Improvements to ViewSet extra actions (#5605)
* View suffix already set by initializer

* Add 'name' and 'description' attributes to ViewSet

ViewSets may now provide their `name` and `description` attributes
directly, instead of relying on view introspection to derive them.
These attributes may also be provided with the view's initkwargs.

The ViewSet `name` and `suffix` initkwargs are mutually exclusive.

The `action` decorator now provides the `name` and `description` to
the view's initkwargs. By default, these values are derived from the
method name and its docstring. The `name` may be overridden by providing
it as an argument to the decorator.

The `get_view_name` and `get_view_description` hooks now provide the
view instance to the handler, instead of the view class. The default
implementations of these handlers now respect the `name`/`description`.

* Add 'extra actions' to ViewSet & browsable APIs

* Update simple router tests

Removed old test logic around link/action decorators from `v2.3`. Also
simplified the test by making the results explicit instead of computed.

* Add method mapping to ViewSet actions

* Document extra action method mapping
2018-07-06 10:33:10 +02:00
Daniel Hahler
56967dbd90 Fix upload parser test (#6044) 2018-07-05 23:52:32 -04:00
Ryan P Kilby
0e10d32fb1
Add NotImplementedError to coverage exclusion (#6057) 2018-06-24 17:56:31 -04:00
Ryan P Kilby
c5ab65923f
tests/test_permissions.py: do not add view perm for dj21 (#6055) 2018-06-23 07:31:06 -04:00
Ryan P Kilby
1a170438d2 Add "optionals not required" build (#6047) 2018-06-22 10:16:57 +02:00
Daniel Hahler
a44cb67988 tests: fix usage of transaction.non_atomic_requests (#6043) 2018-06-21 14:44:58 -04:00
Craig de Stigter
9629886915 Fixed AttributeError from items filter when value is None (#5981) 2018-05-11 08:50:08 +02:00
Daniel Hahler
275c157341 tests: remove some dead code, use assert 0 for never called methods (#5973)
* tests: remove some dead code, use `assert 0` for never called methods

* fixup! tests: remove some dead code, use `assert 0` for never called methods
2018-05-08 13:28:46 +01:00
Daniel Hahler
fca39f9dbb tests: fix test_write_only_fields not being executed (#5971)
This adds the required `test_` prefix.
2018-05-08 09:27:35 +01:00
Daniel Hahler
e79610af3a tests: fix skipping with TestPosgresFieldsMapping (#5965)
`pytest.mark.skipUnless` does not exist, it was confused with
`unittest.skipUnless` probably.
2018-05-03 13:31:46 +01:00
Ryan O’Hara
a11938ce96 Fixed instance being overwritten in pk-only optimization try/except block (#5747) 2018-04-24 16:15:38 +02:00
Noam
7268643b25 min_value/max_value support in DurationField (#5643)
* Added min_value/max_value field arguments to DurationField.
* Made field mapping use mix/max kwargs for DurationField validators.
2018-04-24 09:24:05 +02:00
Sascha P
7d64b7016d Removed input value from deault_error_message (#5881) 2018-04-20 16:00:27 +02:00
Jimmy Merrild Krag
5ee0e5df83 Correct schema parsing for JSONField (#5878)
Fixes #5873.
* Use Object type. 
* Add test for field_to_schema
2018-04-20 15:47:20 +02:00
Craig Anderson
2ebd479759 Allow hashing of ErrorDetail to fix #5919 (#5932) 2018-04-20 15:32:37 +02:00
Christian Kreuzberger
f148e4e259 Ensure that html forms (multipart form data) respect optional fields (#5927) 2018-04-20 15:11:52 +02:00
Ryan P Kilby
7078afa42c Change ISO 8601 date format to exclude year/month (#5936) 2018-04-14 05:23:31 +01:00
Carlton Gibson
42eb5a4342
Fix read_only + default unique_together validation. (#5922)
* Add test for read_only + default unique_together validation.
* Fix read_only + default validation
2018-04-06 15:20:54 +02:00
gsvr
32caca4dd3 Import coreapi from rest_framework.compat, not directly. (#5921) 2018-04-05 15:07:49 +02:00
Ryan P Kilby
cba426b34c Use old url_name behavior in route decorators (#5915)
* Wrap action decorator for old url_name behavior
2018-04-04 20:50:42 +02:00
Carlton Gibson
fc588f539b
Version 3.8 Release (#5769) 2018-04-03 15:35:26 +02:00
Carlton Gibson
1befab795a
Added generic 500 and 400 JSON error handlers. (#5904)
* Added generic 500 and 400 JSON error handlers.
* Docs for generic error views.
2018-04-03 09:16:36 +02:00
Craig de Stigter
a5072778e9 Don't show hidden fields in metadata (#5854)
HiddenField is meant to be hidden, but we discovered it showing up in OPTIONS requests
2018-03-23 22:47:10 +00:00
George-Cristian Bîrzan
85c588b0c1 #5848 Allow traversing nullable related fields (#5849) 2018-03-20 22:02:22 +01:00
Carlton Gibson
6c0c69ed65
Correct allow_null behaviour when required=False (#5888)
* Revert "Non-required fields with 'allow_null=True' should not imply a default value (#5639)"
    This reverts commit 905a5579df.
    Closes #5708

* Add test for allow_null + required=False
    Ref #5708: allow_null should imply default=None, even for non-required fields.

* Re-order allow_null and default in field docs
    default is prior to allow_null. allow_null implies an outgoing default=None.

* Adjust allow_null note.
2018-03-20 21:24:39 +01:00
Carlton Gibson
c2b24f83a3
Alter read_only+default behaviour (#5886)
* Always exclude read_only fields from _writable_fields

* Remove `read_only` from `CreateOnlyDefault` example.
      In this context (without mentioning `save`) now slightly misleading.
2018-03-20 21:09:31 +01:00
Carlton Gibson
247cf096d4
Test using model objects for dotted source default (#5880)
… when path components may be null.

Ref #5375, #5727
2018-03-16 14:51:37 +01:00
gthieleb
9e08a7cbec Fixed schema for UUIDField in SimpleMetadata. (#5872)
* fix schema for UUIDField

* Add unit test for d4c8f2db
2018-03-13 15:49:15 +01:00
Chandrakant Gopalan
20f1203aac
Add admin to installed apps to avoid test failures.
The tests look for the "admin" app in the list of apps. If not present, running `runtests.py` gives the following error:
```
LookupError: No installed app with label 'admin'.
```
Adding admin to `INSTALLED_APPS` fixes it.
2018-03-09 13:04:15 -05:00
Carlton Gibson
e34fd995cd
Made TemplateHTMLRenderer render IntegerField inputs when value is 0. (#5834)
* Fix 0 value IntegerField in TemplateHTMLRenderer

Signed-off-by: Nikhil Sheoran <nikhilsheoran96@gmail.com>

* Remove unnecessary `field.value != “”` check

* Adjust test case

Uses `vertical` templates only.
2018-02-16 16:48:20 +01:00
Carlton Gibson
da535d31dd
Fixed active timezone handling for non ISO8601 datetimes. (#5833)
* Add failing test for to_representation with explicit default timezone

See discussion here:
    https://github.com/encode/django-rest-framework/pull/5435#issuecomment-364054509

* Always run enforce_timezone
2018-02-16 16:47:49 +01:00
Daniel Hahler
2854679f56 Upgrade isort (#5817)
* Fix isort

* runtests: add --diff to ISORT_ARGS

* requirements-codestyle: bump isort to 4.3.3

* isort: move config to setup.cfg
2018-02-14 20:12:14 +00:00
Ryan P Kilby
c456b3c510 Fix request formdata handling (#5800)
* Rename 'wsgi' request test to more accurate 'http'

* Test duplicate request stream parsing

* Fix setting post/files on the underlying request
2018-02-05 16:24:13 +01:00
Jeremy Lainé
a8d129b7da Represent serializer DictField as an Object in schema
DictFields were incorrectly being output as String in the schema.
This pull request outputs an Object instead and adds a unit test.

Update s/detail_route/action/ after rebase
2018-02-01 16:23:24 +01:00
Jeremy Lainé
27f32faee4 Fix schema generation for PrimaryKeyRelatedField (#5764)
By default all subclasses of RelatedField are output as string fields in
the schema, which works well for StringRelatedField, SlugRelatedField or
HyperlinkedRelatedField.

Handle the common case of a PrimaryKeyRelatedField pointing to an
AutoField.
2018-02-01 16:14:35 +01:00
Daniel Hahler
769bc1336f ErrorDetail: add __eq__/__ne__ and __repr__ (#5787)
This adds `__eq__` to handle `code` in comparisons.

When comparing an ErrorDetail to a string (missing `code` there) the
ErrorDetail's `code` is ignored, but otherwise it is taken into account.
2018-01-30 08:45:09 +01:00
Ryan P Kilby
73203e6b59 Rework dynamic list/detail actions (#5705)
* Merge list/detail route decorators into 'action'

* Merge dynamic routes, add 'detail' attribute

* Add 'ViewSet.get_extra_actions()'

* Refactor dynamic route checking & collection

* Refactor dynamic route generation

* Add 'ViewSet.detail' initkwarg

* Fixup schema test

* Add release notes for dynamic action changes

* Replace list/detail route decorators in tests

* Convert tabs to spaces in router docs

* Update docs

* Make 'detail' a required argument of 'action'

* Improve router docs
2018-01-25 09:40:49 +01:00
Ryan P Kilby
2709de1310 Add HStoreField, postgres fields tests (#5654)
* Test postgres field mapping

* Add HStoreField

* Ensure 'HStoreField' child is a 'CharField'

* Add HStoreField docs
2018-01-15 15:52:30 +01:00
Jon Dufresne
ffe3dbb1b1 Perfer iter(dict) over iter(dict.keys()) (#5736)
Calling dict.keys() is unnecessary. The two are functionally equivalent
on modern Pythons.

Inspired by Lennart Regebro's talk "Prehistoric Patterns in Python" from
PyCon 2017.

https://www.youtube.com/watch?v=V5-JH23Vk0I
2018-01-08 09:49:46 +00:00
Jon Dufresne
06e2ad0b7d Remove unused compat._resolve_model() (#5733)
Last use removed in c674687782.
2018-01-08 09:19:08 +00:00
Ryan P Kilby
68519c092f Test staticfiles (#5701)
* Remove 'MIDDLEWARE_CLASSES' compat setting

* Remove 'django.setup()' compat import

* Move '--no-pkgroot' handling to conftest

* Add staticfiles handling to dist build
2018-01-02 11:35:56 +01:00
Ryan P Kilby
351503907c Add exception translation test (#5700) 2018-01-02 11:28:45 +01:00
Ryan P Kilby
b65967711c Formalize URLPatternsTestCase (#5703)
* Add formalized URLPatternsTestCase

* Update versioning tests w/ new URLPatternsTestCase

* Cleanup router tests urlpatterns

* Add docs for URLPatternsTestCase
2018-01-02 11:14:25 +01:00
Ryan P Kilby
6bd773e7f8 Improve composite field child errors (#5655)
* Fixup DictField test descriptions

* Nest ListField/DictField errors under the idx/key

* Add nested ListField/DictField tests
2018-01-02 10:45:59 +01:00
Cristi Vîjdea
6de12e574e Fix format_suffix_patterns behavior with Django 2 path() routes (#5691)
* Add failing test for #5672

* Add get_original_route to complement get_regex_pattern

* [WIP] Fix path handling

* needs more tests
* maybe needs some refactoring

* Add django 2 variant for all tests and fix trailing slash bug

* Add more combinations to mixed path test
2017-12-20 13:17:54 +01:00
Tilmann Becker
d38b94fd74 Fix URL pattern parsing in schema generation (#5689)
* Fix url parsing in schema generation

- Call `str(pattern)` to get non-escaped route
- Strip converters from path to comply with uritemplate format. 
   Background: https://github.com/encode/django-rest-framework/issues/5675#issuecomment-352829363

Fixes #5675
2017-12-20 09:10:28 +01:00
Carlton Gibson
791539acec
Add DEFAULT_SCHEMA_CLASS setting (#5658)
* Add test for new setting

* Add DefaultSchema utility

* Add new setting to docs
2017-12-14 11:24:21 +01:00
Carlton Gibson
4a200d5e66
Fix override_settings compat (#5668)
* Add test checking override_settings compat

* Refresh APISettings, rather than replace

Fix suggested by @daggaz https://github.com/encode/django-rest-framework/issues/2466#issuecomment-344297213
2017-12-14 10:33:48 +01:00
Ryan P Kilby
7855d3bd8b Add '.basename' and '.reverse_action()' to ViewSet (#5648)
* Router sets 'basename' on ViewSet

* Add 'ViewSet.reverse_action()' method

* Test router setting initkwargs
2017-12-04 11:55:49 +01:00
Carlton Gibson
a0cdba6277
Extract method for manual_fields processing (#5633)
* Extract method for `manual_fields` processing

Allows reuse of logic to replace Field instances in a field list by `Field.name`.

Adds a utility function for the logic plus a wrapper method on `AutoSchema`.

Closes #5632

* Manual fields suggestions (#2)

* Use OrderedDict in inspectors

* Move empty check to 'update_fields()'

* Make 'update_fields()' an AutoSchema staticmethod

* Add 'AutoSchema.get_manual_fields()'

* Conform '.get_manual_fields()' to other methods

* Add test for update_fields

* Make sure `manual_fields` is a list.

(As documented to be)

* Add docs for new AutoSchema methods.

* `get_manual_fields`
* `update_fields`

* Add release notes for PR.
2017-12-04 09:07:43 +01:00