diff options
| -rw-r--r-- | docs/api-guide/throttling.md | 2 | ||||
| -rw-r--r-- | docs/topics/ajax-csrf-cors.md | 2 | ||||
| -rw-r--r-- | docs/topics/release-notes.md | 2 | ||||
| -rw-r--r-- | rest_framework/fields.py | 1 | ||||
| -rw-r--r-- | rest_framework/tests/test_files.py | 13 |
5 files changed, 17 insertions, 3 deletions
diff --git a/docs/api-guide/throttling.md b/docs/api-guide/throttling.md index cc469217..fc1525df 100644 --- a/docs/api-guide/throttling.md +++ b/docs/api-guide/throttling.md @@ -59,7 +59,7 @@ using the `APIView` class based views. Or, if you're using the `@api_view` decorator with function based views. @api_view('GET') - @throttle_classes(UserRateThrottle) + @throttle_classes([UserRateThrottle]) def example_view(request, format=None): content = { 'status': 'request was permitted' diff --git a/docs/topics/ajax-csrf-cors.md b/docs/topics/ajax-csrf-cors.md index 0555b84d..97dd4710 100644 --- a/docs/topics/ajax-csrf-cors.md +++ b/docs/topics/ajax-csrf-cors.md @@ -6,7 +6,7 @@ ## Javascript clients -If your building a javascript client to interface with your Web API, you'll need to consider if the client can use the same authentication policy that is used by the rest of the website, and also determine if you need to use CSRF tokens or CORS headers. +If you’re building a JavaScript client to interface with your Web API, you'll need to consider if the client can use the same authentication policy that is used by the rest of the website, and also determine if you need to use CSRF tokens or CORS headers. AJAX requests that are made within the same context as the API they are interacting with will typically use `SessionAuthentication`. This ensures that once a user has logged in, any AJAX requests made can be authenticated using the same session-based authentication that is used for the rest of the website. diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index e4294ae3..3df8869a 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -58,7 +58,7 @@ You can determine your currently installed version using `pip freeze`: * 'Raw data' and 'HTML form' tab preference in browseable API now saved between page views. * Bugfix: `required=True` argument fixed for boolean serializer fields. * Bugfix: `client.force_authenticate(None)` should also clear session info if it exists. -* Bugfix: Client sending emptry string instead of file now clears `FileField`. +* Bugfix: Client sending empty string instead of file now clears `FileField`. * Bugfix: Empty values on ChoiceFields with `required=False` now consistently return `None`. ### 2.3.7 diff --git a/rest_framework/fields.py b/rest_framework/fields.py index 210c2537..0c3817b5 100644 --- a/rest_framework/fields.py +++ b/rest_framework/fields.py @@ -306,6 +306,7 @@ class WritableField(Field): return try: + data = data or {} if self.use_files: files = files or {} try: diff --git a/rest_framework/tests/test_files.py b/rest_framework/tests/test_files.py index c13c38b8..78f4cf42 100644 --- a/rest_framework/tests/test_files.py +++ b/rest_framework/tests/test_files.py @@ -80,3 +80,16 @@ class FileSerializerTests(TestCase): serializer = UploadedFileSerializer(data={'created': now, 'file': 'abc'}) self.assertFalse(serializer.is_valid()) self.assertEqual(serializer.errors, {'file': [errmsg]}) + + def test_validation_with_no_data(self): + """ + Validation should still function when no data dictionary is provided. + """ + now = datetime.datetime.now() + file = BytesIO(six.b('stuff')) + file.name = 'stuff.txt' + file.size = len(file.getvalue()) + uploaded_file = UploadedFile(file=file, created=now) + + serializer = UploadedFileSerializer(files={'file': file}) + self.assertFalse(serializer.is_valid()) |