Merge branch 'master' of https://github.com/tomchristie/django-rest-framework into #431

4 files changed, 84 insertions, 14 deletions

diff --git a/rest_framework/tests/authentication.py b/rest_framework/tests/authentication.py
index 96ca9f52..802bc6c1 100644
--- a/rest_framework/tests/authentication.py
+++ b/rest_framework/tests/authentication.py
@@ -167,14 +167,14 @@ class TokenAuthTests(TestCase):
         client = Client(enforce_csrf_checks=True)
         response = client.post('/auth-token/login/', 
                                json.dumps({'username': self.username, 'password': "badpass"}), 'application/json')
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 401)
 
     def test_token_login_json_missing_fields(self):
         """Ensure token login view using JSON POST fails if missing fields."""
         client = Client(enforce_csrf_checks=True)
         response = client.post('/auth-token/login/', 
                                json.dumps({'username': self.username}), 'application/json')
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 401)
 
     def test_token_login_form(self):
         """Ensure token login view using form POST works."""
diff --git a/rest_framework/tests/models.py b/rest_framework/tests/models.py
index 9a59e841..428bf130 100644
--- a/rest_framework/tests/models.py
+++ b/rest_framework/tests/models.py
@@ -124,8 +124,21 @@ class ActionItem(RESTFrameworkModel):
 
 
 # Models for reverse relations
+class Person(RESTFrameworkModel):
+    name = models.CharField(max_length=10)
+    age = models.IntegerField(null=True, blank=True)
+
+    @property
+    def info(self):
+        return {
+            'name': self.name,
+            'age': self.age,
+        }
+
+
 class BlogPost(RESTFrameworkModel):
     title = models.CharField(max_length=100)
+    writer = models.ForeignKey(Person, null=True, blank=True)
 
     def get_first_comment(self):
         return self.blogpostcomment_set.all()[0]
@@ -145,18 +158,6 @@ class Photo(RESTFrameworkModel):
     album = models.ForeignKey(Album)
 
 
-class Person(RESTFrameworkModel):
-    name = models.CharField(max_length=10)
-    age = models.IntegerField(null=True, blank=True)
-
-    @property
-    def info(self):
-        return {
-            'name': self.name,
-            'age': self.age,
-        }
-
-
 # Model for issue #324
 class BlankFieldModel(RESTFrameworkModel):
     title = models.CharField(max_length=100, blank=True, null=True)
diff --git a/rest_framework/tests/request.py b/rest_framework/tests/request.py
index ff48f3fa..2850992d 100644
--- a/rest_framework/tests/request.py
+++ b/rest_framework/tests/request.py
@@ -3,6 +3,8 @@ Tests for content parsing, and form-overloaded content parsing.
 """
 from django.conf.urls.defaults import patterns
 from django.contrib.auth.models import User
+from django.contrib.auth import authenticate, login, logout
+from django.contrib.sessions.middleware import SessionMiddleware
 from django.test import TestCase, Client
 from django.utils import simplejson as json
 
@@ -276,3 +278,29 @@ class TestContentParsingWithAuthentication(TestCase):
 
     #     response = self.csrf_client.post('/', content)
     #     self.assertEqual(status.OK, response.status_code, "POST data is malformed")
+
+
+class TestUserSetter(TestCase):
+
+    def setUp(self):
+        # Pass request object through session middleware so session is
+        # available to login and logout functions
+        self.request = Request(factory.get('/'))
+        SessionMiddleware().process_request(self.request)
+
+        User.objects.create_user('ringo', 'starr@thebeatles.com', 'yellow')
+        self.user = authenticate(username='ringo', password='yellow')
+
+    def test_user_can_be_set(self):
+        self.request.user = self.user
+        self.assertEqual(self.request.user, self.user)
+
+    def test_user_can_login(self):
+        login(self.request, self.user)
+        self.assertEqual(self.request.user, self.user)
+
+    def test_user_can_logout(self):
+        self.request.user = self.user
+        self.assertFalse(self.request.user.is_anonymous())
+        logout(self.request)
+        self.assertTrue(self.request.user.is_anonymous())
diff --git a/rest_framework/tests/serializer.py b/rest_framework/tests/serializer.py
index bdf72a91..18e24b71 100644
--- a/rest_framework/tests/serializer.py
+++ b/rest_framework/tests/serializer.py
@@ -577,6 +577,47 @@ class ManyRelatedTests(TestCase):
         self.assertEqual(serializer.data, expected)
 
 
+class RelatedTraversalTest(TestCase):
+    def test_nested_traversal(self):
+        user = Person.objects.create(name="django")
+        post = BlogPost.objects.create(title="Test blog post", writer=user)
+        post.blogpostcomment_set.create(text="I love this blog post")
+
+        from rest_framework.tests.models import BlogPostComment
+
+        class PersonSerializer(serializers.ModelSerializer):
+            class Meta:
+                model = Person
+                fields = ("name", "age")
+
+        class BlogPostCommentSerializer(serializers.ModelSerializer):
+            class Meta:
+                model = BlogPostComment
+                fields = ("text", "post_owner")
+
+            text = serializers.CharField()
+            post_owner = PersonSerializer(source='blog_post.writer')
+
+        class BlogPostSerializer(serializers.Serializer):
+            title = serializers.CharField()
+            comments = BlogPostCommentSerializer(source='blogpostcomment_set')
+
+        serializer = BlogPostSerializer(instance=post)
+
+        expected = {
+            'title': u'Test blog post',
+            'comments': [{
+                'text': u'I love this blog post',
+                'post_owner': {
+                    "name": u"django",
+                    "age": None
+                }
+            }]
+        }
+
+        self.assertEqual(serializer.data, expected)
+
+
 class SerializerMethodFieldTests(TestCase):
     def setUp(self):