Commit Graph

8833 Commits

Author SHA1 Message Date
juspence
cc3c89a11c
Remove a bit of inline CSS. Add CSP nonce where it might be required and is available. (#8783)
Co-authored-by: Craig Anderson <craiga@craiga.id.au>
2022-12-02 11:47:04 +06:00
Tom Christie
a02bb79d87
Update admin.py (#8534)
Use `autocomplete_fields` to keep the select user field manageable.
2022-12-02 11:40:15 +06:00
Floris Hoogenboom
614bd87b60
Fix bug in validators documentation (#8779)
Function validators seem to have to return their value (which will become part of `validated_data`) as part of their signature.
2022-12-01 22:13:14 +06:00
juspence
1ae812ea20
Make browsable API compatbile with strong CSP (#8784)
Co-authored-by: Alexander Bliskovsky <abliskovsky@fusionbox.com>
2022-11-29 20:49:41 +00:00
Luka Jeran
6ec6ddea9b
Avoid inline script execution for injecting CSRF token (#7016)
Scripts with type="application/json" or "text/plain" are not executed, so we can
use them to inject dynamic CSRF data, without allowing inline-script execution
in Content-Security-Policy.
2022-11-29 16:10:32 +00:00
T. Franzel
f0095b4de2
Remove Core API mentions from docs (#8780)
* remove coreapi generator mentions & hidden docs

* remove coreapi doc & redirect broken links to github snapshot
2022-11-28 14:41:08 +01:00
T. Franzel
5435b2c9f0
mitigate global dependency on inflection #8017 (#8781) 2022-11-28 09:11:10 +06:00
Thomas Irgang
3bf611787a
Register Django urls (#8778)
Without adding the URLs manually, the users and groups APIs were not usable.

My env:
(venv) ➜  tutorial pip freeze
asgiref==3.5.2
astroid==2.12.13
autopep8==2.0.0
dill==0.3.6
Django==4.1.3
djangorestframework==3.14.0
isort==5.10.1
lazy-object-proxy==1.8.0
mccabe==0.7.0
platformdirs==2.5.4
pycodestyle==2.10.0
pylint==2.15.6
pylint-django==2.5.3
pylint-plugin-utils==0.7
pytz==2022.6
sqlparse==0.4.3
tomli==2.0.1
tomlkit==0.11.6
wrapt==1.14.1
2022-11-27 18:53:48 +06:00
Giebisch
4ef0fc1ca0
Implemented Verbose Name Translation for TokenProxy (#8713) 2022-11-27 16:45:54 +06:00
Peter Thomassen
52f4139674
Properly handle OverflowError in DurationField deserialization (#8042)
Related: https://github.com/django/django/pull/8870/files
2022-11-24 17:27:45 +06:00
Shinya Ohyanagi
9e328a9549
Fix OpenAPI operation name plural appropriately (#8017) 2022-11-24 13:48:05 +06:00
hashlash
ebde56b932
Represent SafeString as plain string on schema rendering. (#8429)
* Use SafeString.represent_str to represent SafeString as str

* Add SafeString yaml rendering test
2022-11-23 20:42:06 +06:00
Denny Biasiolli
c0d95cb967
Fix #8771 - Checking for authentication even if _ignore_model_permissions = True (#8772) 2022-11-22 20:21:16 +06:00
T. Franzel
b87699c034
Update schema generation doc & add deprecation notice #8453 (#8773)
* Update schema generation doc & add deprecation notice #8453

* Update docs/topics/documenting-your-api.md

Co-authored-by: Tom Christie <tom@tomchristie.com>

* Update docs/topics/documenting-your-api.md

Co-authored-by: Tom Christie <tom@tomchristie.com>

* Update docs/topics/documenting-your-api.md

Co-authored-by: Tom Christie <tom@tomchristie.com>

Co-authored-by: T. Franzel <13507857+tfranzel@users.noreply.github.com>
Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-11-22 19:53:54 +06:00
Géry Ogam
fd7d3a7b92
Update 6-viewsets-and-routers.md (#8590)
* Update 6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

* Update docs/tutorial/6-viewsets-and-routers.md

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-11-22 14:39:26 +06:00
Subin Kim
8175f05c89
Added pagination settings test case (#8362) 2022-11-22 14:18:47 +06:00
Shi Pengtao
0ae3323bd2
fix 404 when page query parameter is empty string (#8578)
* fix 404 when page query parameter is empty string

* Update pagination.py

* Update pagination.py

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-11-22 12:37:31 +06:00
954
03c2ef1787
Fixes instance check in ListSerializer.to_representation (#8726) (#8727)
* Fixes 'RelatedManager' object is not iterable in ListSerializer.to_representation.(#8726)

* Change to only BaseManager

* Commit unit test

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Update tests/test_serializer_lists.py

* Format import

* Format import

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-11-22 12:01:01 +06:00
Jason Joy Atsu Winmorre
9e56f54efb
FloatField will crash if the input is a number that is too big (#8725)
* FloatField will crash if the input is a number that is too big

* Added Unit test for float field overflow error catch

* Removed random import

* Removed additional imported ValidationError

* Update rest_framework/fields.py

* Update tests/test_fields.py

Co-authored-by: Asif Saif Uddin <auvipy@gmail.com>
2022-11-22 11:15:25 +06:00
smt-insens
dc300aa4e0
[FIX] add missing DurationField to SimpleMetada label_lookup (#8702) 2022-11-21 20:33:19 +06:00
Asif Saif Uddin
751808c59b
converted assertion to pytest style in test status (#8769) 2022-11-21 11:32:07 +00:00
Paolo Melchiorre
2a2b092864
Fix #8751 - Add support to Python 3.11 (#8752) 2022-11-21 11:47:21 +01:00
Asif Saif Uddin
cac89ae65d
update minimum version to psycopg2-binary>=2.9.5 (#8767) 2022-11-18 15:32:10 +00:00
Asif Saif Uddin
21fdf066b4
pytest versions update (#8745)
* pytest versions update

* pytest>=7.0.0,<8.0

* pytest>=7.2.0,<8.0

* pytest>=6.2.0,<8.0
2022-11-18 11:09:05 +00:00
Manos
df60510db5
Add 3rd party entry for rest-framework-roles (#8755) 2022-11-17 14:13:18 +00:00
Ilaletdinov Almaz
3e052376ac
Added http 102, 103, 421, and 425 status codes in documentation (#8763) 2022-11-17 13:13:09 +00:00
Clemens Wolff
759fc6f42e
Make request consistently available in pagination classes (#8764)
* Store request in CursorPagination field

* Define request at start of pagination entrypoint
2022-11-17 12:47:47 +00:00
Henrik Wahlgren
d5f228dd00
Possibility to remove trailing zeros on DecimalFields representation (#6514)
* Added normalize parameter to DecimalField to be able to strip trailing zeros. Fixes #6151.

* Updated docs to include normalize option on DecimalField

* Fixed linting error in test_fields

* Removed comment and renamed normalize to normalize_output as suggested in code review

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-11-16 14:31:50 +00:00
Stanislav Levin
78cdae6999
Fix Pytest's deprecation warnings about nose usage (#8758)
Pytest 7.2.0 deprecated plain `setup` and `teardown` functions and
methods as nose idioms:
https://docs.pytest.org/en/latest/changelog.html#pytest-7-2-0-2022-10-23

`setup` can be safely replaced with `setup_method`:
https://docs.pytest.org/en/stable/deprecations.html#setup-teardown

Fixes: https://github.com/encode/django-rest-framework/issues/8757
Signed-off-by: Stanislav Levin <slev@altlinux.org>

Signed-off-by: Stanislav Levin <slev@altlinux.org>
2022-11-15 12:29:15 +00:00
Lewis M. Kabui
ae7a2b0dfa
Remove extraneous word "Both" (#8740)
* Remove extraneous word "Both"

* Update Multiparser docs

Co-authored-by: Lewis Kabui <lewisemm@users.noreply.github.com>
2022-11-10 10:31:06 +00:00
Thomas
1142ee5fc1
Update jobs.md (#8737)
Update remoteok.io to remoteok.com
Add pyjobs.com
2022-11-02 11:10:45 +00:00
Géry Ogam
2510456817
Update quickstart.md (#8575)
* Update quickstart.md

* Use PEP 8 compliant import

* Remove unauthorized password by Django (too common)
2022-10-20 15:32:25 +01:00
Francisco Couzo
041b88f8bb
Improve style, fix some typos (#8405)
* Improve style, fix some typos

* Update docs/api-guide/fields.md

Co-authored-by: Tom Christie <tom@tomchristie.com>

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-19 11:20:11 +01:00
Elton Maiyo
e354331743
Fixes typo (#8719) 2022-10-19 11:11:09 +01:00
Den
35c5be6ec2
Add a method for getting serializer field name (OpenAPI) (#7493)
* Add a method for getting serializer field name

* Add docs and test

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-17 10:47:45 +01:00
Jan Lis
0cb693700f
add __eq__ method for OperandHolder class (#8710) 2022-10-17 10:20:59 +01:00
mka142
b221aa2cf6
Update schemas.md (#8707) 2022-10-17 09:54:48 +01:00
Ran Benita
9407833a83
Avoid importing django.test package when not testing (#8699)
Importing anything `rest_framework` causes `django.test` to be imported.
This is because DRF registers a receiver on the
`django.test_signals.setting_changed` signal.

This is not really a problem, but it is good to avoid this because it
bloats the memory with unnecessary modules (e.g. `django.test`,
`django.core.servers.basehttp`, `socketserver`) and increases the
startup time. It also doesn't feel right to import test code into
non-test code.

Try to import the signal from a core module if possible.

Note that there's another `django.test` import in `MultiPartRenderer`,
however this import is done lazily only if the functionality is used so
can be easily avoided.
2022-10-14 16:30:26 +01:00
Shyamkumar Yadav
1fd268ae2b
Docs: use asterisk for unordered list (#8697) 2022-10-14 11:22:19 +01:00
Shyamkumar Yadav
20d347a806
Docs: Convert all tabs into spaces (#8692) 2022-10-12 11:23:45 +01:00
Klaas van Schelven
56946fac8f
Preserve exception messages for wrapped Django exceptions (#8051)
* Preserve messages for wrapped Django exceptions

* Fix the test

* Update test_generics.py

* Update test_generics.py

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-11 12:48:57 +00:00
Norbert Schuler
911b207fa1
Added examples to schema of CursorPagination (#8687)
* Added examples to schema of CursorPagination

Fix https://github.com/encode/django-rest-framework/issues/8686

Added missing examples for CursorPagination class to disable warnings in https://github.com/tfranzel/drf-spectacular and make it consistent with other pagination classes.

* Adapted test case for paginated response schema
2022-10-11 11:50:33 +01:00
Markus Legner
d507cd851c
Fix infinite recursion with deepcopy on Request (#8684) 2022-10-07 11:58:38 +01:00
Ahzam Ahmed
c10f226622
Refactor: Replace try/except with contextlib.suppress() (#8676) 2022-10-05 11:02:00 +01:00
mschmidm
99cf2c415f
Docs: Updated browsable-api.md (#8678)
- Replace the broken Bootswatch-Link with an Jsdelivr-Link as suggested at https://bootswatch.com/help/
- Updated the stated Bootstrap version
- Added a note that the Bootstrap version must match the default one

Co-authored-by: Tom Christie <tom@tomchristie.com>
2022-10-04 12:15:51 +01:00
Sardorbek Imomaliev
e7777cb1ee
Add spaces to router example in 6-viewsets-and-routers.md (#8448) 2022-10-03 11:48:18 +01:00
Tom Christie
ca75300ae9
Update requirements-testing.txt (#8680)
* Update requirements-testing.txt

* Update requirements-testing.txt
2022-10-03 11:39:32 +01:00
manelbdacosta
79de112d62
Minor fix to SerializeMethodField docstring (#8629) 2022-10-03 10:36:51 +01:00
Ahzam Ahmed
9e398c59ab
Minor refactor: Unnecessary use of list() function (#8672) 2022-09-27 16:08:40 +01:00
Allie
3e51ba4d51
Update documentation on dependency installation (#8566)
We depend on pytz, but until late last year we got it implicitly through
depending on Django. Since their release 4.0, however, they no longer
depend on pytz; commit 250479dc3 added the dependency directly to our
metadata in setup.py, but the documentation about dependencies (most
importantly, the instructions for new contributors) was left untouched.

This commit updates the new contributor instructions to suggest an
"editable installation" of the project at the step that previously had
users manually install Django. In this mode, pip fetches and installs
the project dependencies automatically (so in the unlikely event we grow
another dependency, that doc doesn't need to be changed again) and makes
the project available to the virtualenv's python as a normal package,
but doesn't require reinstallation for mundane edits.
2022-09-27 13:54:52 +01:00