diff options
| -rwxr-xr-x[-rw-r--r--] | docs/api-guide/authentication.md | 6 | ||||
| -rw-r--r-- | docs/topics/release-notes.md | 6 | ||||
| -rw-r--r-- | docs/tutorial/5-relationships-and-hyperlinked-apis.md | 2 | ||||
| -rw-r--r-- | rest_framework/__init__.py | 2 | ||||
| -rw-r--r-- | rest_framework/compat.py | 10 | ||||
| -rw-r--r-- | rest_framework/generics.py | 1 | ||||
| -rw-r--r-- | rest_framework/mixins.py | 4 |
7 files changed, 20 insertions, 11 deletions
diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 0eea31d7..1f08f542 100644..100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -107,7 +107,7 @@ Unauthenticated responses that are denied permission will result in an `HTTP 401 WWW-Authenticate: Basic realm="api" -**Note:** If you use `BasicAuthentication` in production you must ensure that your API is only available over `https` only. You should also ensure that your API clients will always re-request the username and password at login, and will never store those details to persistent storage. +**Note:** If you use `BasicAuthentication` in production you must ensure that your API is only available over `https`. You should also ensure that your API clients will always re-request the username and password at login, and will never store those details to persistent storage. ## TokenAuthentication @@ -148,7 +148,7 @@ The `curl` command line tool may be useful for testing token authenticated APIs. --- -**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https` only. +**Note:** If you use `TokenAuthentication` in production you must ensure that your API is only available over `https`. --- @@ -259,7 +259,7 @@ Finally, sync your database. --- -**Note:** If you use `OAuth2Authentication` in production you must ensure that your API is only available over `https` only. +**Note:** If you use `OAuth2Authentication` in production you must ensure that your API is only available over `https`. --- diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 66022959..fe65a777 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -42,6 +42,12 @@ You can determine your currently installed version using `pip freeze`: ### Master +* DecimalField support + +### 2.2.6 + +**Date**: 4th April 2013 + * DecimalField support. * OAuth2 authentication no longer requires unneccessary URL parameters in addition to the token. * URL hyperlinking in browseable API now handles more cases correctly. diff --git a/docs/tutorial/5-relationships-and-hyperlinked-apis.md b/docs/tutorial/5-relationships-and-hyperlinked-apis.md index a702a09d..27a10840 100644 --- a/docs/tutorial/5-relationships-and-hyperlinked-apis.md +++ b/docs/tutorial/5-relationships-and-hyperlinked-apis.md @@ -1,4 +1,4 @@ -# Tutorial 5 - Relationships & Hyperlinked APIs +# Tutorial 5: Relationships & Hyperlinked APIs At the moment relationships within our API are represented by using primary keys. In this part of the tutorial we'll improve the cohesion and discoverability of our API, by instead using hyperlinking for relationships. diff --git a/rest_framework/__init__.py b/rest_framework/__init__.py index c86403d8..7ac12058 100644 --- a/rest_framework/__init__.py +++ b/rest_framework/__init__.py @@ -1,4 +1,4 @@ -__version__ = '2.2.5' +__version__ = '2.2.6' VERSION = __version__ # synonym diff --git a/rest_framework/compat.py b/rest_framework/compat.py index 6551723a..067e9018 100644 --- a/rest_framework/compat.py +++ b/rest_framework/compat.py @@ -400,19 +400,23 @@ except ImportError: try: from django.utils.html import smart_urlquote except ImportError: + import re + from django.utils.encoding import smart_str try: from urllib.parse import quote, urlsplit, urlunsplit except ImportError: # Python 2 from urllib import quote from urlparse import urlsplit, urlunsplit + unquoted_percents_re = re.compile(r'%(?![0-9A-Fa-f]{2})') + def smart_urlquote(url): "Quotes a URL if it isn't already quoted." # Handle IDN before quoting. scheme, netloc, path, query, fragment = urlsplit(url) try: - netloc = netloc.encode('idna').decode('ascii') # IDN -> ACE - except UnicodeError: # invalid domain part + netloc = netloc.encode('idna').decode('ascii') # IDN -> ACE + except UnicodeError: # invalid domain part pass else: url = urlunsplit((scheme, netloc, path, query, fragment)) @@ -421,7 +425,7 @@ except ImportError: # contains a % not followed by two hexadecimal digits. See #9655. if '%' not in url or unquoted_percents_re.search(url): # See http://bugs.python.org/issue2637 - url = quote(force_bytes(url), safe=b'!*\'();:@&=+$,/?#[]~') + url = quote(smart_str(url), safe=b'!*\'();:@&=+$,/?#[]~') return force_text(url) diff --git a/rest_framework/generics.py b/rest_framework/generics.py index 36ecf915..f9133c73 100644 --- a/rest_framework/generics.py +++ b/rest_framework/generics.py @@ -130,6 +130,7 @@ class SingleObjectAPIView(SingleObjectMixin, GenericAPIView): """ Override default to add support for object-level permissions. """ + queryset = self.filter_queryset(self.get_queryset()) obj = super(SingleObjectAPIView, self).get_object(queryset) self.check_object_permissions(self.request, obj) return obj diff --git a/rest_framework/mixins.py b/rest_framework/mixins.py index 7d9a6e65..3bd7d6df 100644 --- a/rest_framework/mixins.py +++ b/rest_framework/mixins.py @@ -97,9 +97,7 @@ class RetrieveModelMixin(object): Should be mixed in with `SingleObjectAPIView`. """ def retrieve(self, request, *args, **kwargs): - queryset = self.get_queryset() - filtered_queryset = self.filter_queryset(queryset) - self.object = self.get_object(filtered_queryset) + self.object = self.get_object() serializer = self.get_serializer(self.object) return Response(serializer.data) |