Table of Contents
- What's the deal?
- Great, where are we at right now?
- Stuff that's missing right now.
- Okay, where should I start then?
- TokenAuthentication.
- Bootstrap redesign of the browseable API
- Documentation about overriding default browseable API style.
- Document throttles and permissions.
- Document renderers and parsers.
- Work on the documentation bootstrap style.
- Implement Resources & Routers.
- Test out object-level permissions.
- Make the tests pass on travis CI
- Great, let's get cracking then.
What's the deal?
We're pushing towards REST framework 2.
It's a major redesign that fixes up a bunch of issues with REST framework as it currently stands, and it's going to be a totally kick-ass, super well-documented, beautifully designed and all round awesome release.
Great, where are we at right now?
Doing pretty nicely, thanks.
Check out the restframework2 branch and the redesigned docs, in particular tutorial parts 1-3 and part 6.
Stuff that's missing right now.
Some of the gaps that need filling in:
PUT/POST/DELETE aren't working in the Browseable API yet.- @api_view decorator doesn't support browseable API yet.
- Bits of work to be done on serializers - 'readonly' fields, and hyperlinked relations.
- Resources & routers (See part 6 of the tutorial.) (Pull request)
- Some bits of tweaking needed around format suffixes '.json'
- Various sections missing from documentation.
Documentation bootstrap styling needs a bit of work. (Eg broken on mobile browsers right now)- Browseable API could do with a twitter Bootstrap redesign. (Pull request)
- Needs a better and more comprehensive test suite.
Really could do with BasicTokenAuthentication(OAuth needed too, but that's secondary.)
Okay, where should I start then?
TokenAuthentication.
See https://github.com/tomchristie/django-rest-framework/pull/249 for a first go. - @mjumbewu
Take a look through the authentication docs. Take a look at the existing authentication classes. Implement TokenBasicAuthentication as a subclass of BasicAuthentication. -- Actually not implemented with basic auth. Uses a custom scheme called "Token"
It'll need implementing as an optional app, so that tokens are not always installed by default - user will add djangorestframework.basicauthtoken to INSTALLED_APPS if they want the token models in their database.
Bootstrap redesign of the browseable API
Give it some bootstrap hotness.
Pull request - @alecperkins
Documentation about overriding default browseable API style.
We need some docs about how you can override the default template, what template tags can be overwritten etc...
Working on this as an extension of the above - @alecperkins
Document throttles and permissions.
There's now some really good documentation for authentication that you should use as the template for documenting throttles and permissions.
Document renderers and parsers.
Again use the authentication documentation as a rough template, but there's a bit more work here than for throttles/permissions.
Work on the documentation bootstrap style.
Fix up the styling so it works on mobile sized screens.The header bar does slightly odd things when it collapses - try to tidy that up.
Implement Resources & Routers.
See part 6 of the tutorial for an overview of how that should look. (And the mixins section of part 3 for a better idea of how they get composed)
Resources are view-like classes that implement everything except the actual .get(), .post() etc... method handlers. Routers create subclasses of the resource, binding the method handlers to the actual actions
I think the base ModelResource will probably need to be composed of APIView Django's MultipleObjectMixin and SingleObjectMixin, plus all the REST framework mixins.
Maybe instead it can just be derived from
object, and act as a mixin itself. Then, the routers would just construct classes that derive from the appropriate mixins as needed. I'm gonna try that approach out. - @mjumbewu
Pull request - @mjumbewu
Test out object-level permissions.
REST framework should now support object level permissions. (See SingleObjectBaseView.get_object() in generics.py.) Using a view with DjangoModelPermissions, install django-guardian and see if you can get everything playing together nicely. If so, the Authentication documentation should be updated to reflect that.
Make the tests pass on travis CI
A lot of the tests are in a bit of a hacky state right now. I can live with that for the moment, but what's particularly awkward is that they pass for me locally, but not on Travis CI. What gives? Make it work. Get cake and karma.
Green! https://github.com/tomchristie/django-rest-framework/pull/251 - @mjumbewu
Great, let's get cracking then.
I'm working from the UK, so 5 hours ahead of you folks. I should be around Friday and Saturday morning, something like 9.00am-1pm EDT.
I'm available on twitter, and I'll be on the #djangocon channel on freenode IRC.