From f3e65eab6b60a23eeed2178db4f6034ce2c6ac3d Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 12:53:39 -0400 Subject: Add a TokenAuthentication class in a sub-application --- djangorestframework/runtests/settings.py | 1 + djangorestframework/tests/authentication.py | 42 +++++++++++++++++++++++++ djangorestframework/tokenauth/__init__.py | 0 djangorestframework/tokenauth/authentication.py | 33 +++++++++++++++++++ djangorestframework/tokenauth/models.py | 19 +++++++++++ 5 files changed, 95 insertions(+) create mode 100644 djangorestframework/tokenauth/__init__.py create mode 100644 djangorestframework/tokenauth/authentication.py create mode 100644 djangorestframework/tokenauth/models.py (limited to 'djangorestframework') diff --git a/djangorestframework/runtests/settings.py b/djangorestframework/runtests/settings.py index 7cb3e27b..1fc6b47b 100644 --- a/djangorestframework/runtests/settings.py +++ b/djangorestframework/runtests/settings.py @@ -90,6 +90,7 @@ INSTALLED_APPS = ( # Uncomment the next line to enable admin documentation: # 'django.contrib.admindocs', 'djangorestframework', + 'djangorestframework.tokenauth', ) STATIC_URL = '/static/' diff --git a/djangorestframework/tests/authentication.py b/djangorestframework/tests/authentication.py index 79194718..2806da36 100644 --- a/djangorestframework/tests/authentication.py +++ b/djangorestframework/tests/authentication.py @@ -8,6 +8,9 @@ from django.http import HttpResponse from djangorestframework.views import APIView from djangorestframework import permissions +from djangorestframework.tokenauth.models import Token +from djangorestframework.tokenauth.authentication import TokenAuthentication + import base64 @@ -20,6 +23,8 @@ class MockView(APIView): def put(self, request): return HttpResponse({'a': 1, 'b': 2, 'c': 3}) +MockView.authentication += (TokenAuthentication,) + urlpatterns = patterns('', (r'^$', MockView.as_view()), ) @@ -104,3 +109,40 @@ class SessionAuthTests(TestCase): """ response = self.csrf_client.post('/', {'example': 'example'}) self.assertEqual(response.status_code, 403) + + +class TokenAuthTests(TestCase): + """Token authentication""" + urls = 'djangorestframework.tests.authentication' + + def setUp(self): + self.csrf_client = Client(enforce_csrf_checks=True) + self.username = 'john' + self.email = 'lennon@thebeatles.com' + self.password = 'password' + self.user = User.objects.create_user(self.username, self.email, self.password) + + self.key = 'abcd1234' + self.token = Token.objects.create(key=self.key, user=self.user) + + def test_post_form_passing_token_auth(self): + """Ensure POSTing json over token auth with correct credentials passes and does not require CSRF""" + auth = self.key + response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 200) + + def test_post_json_passing_token_auth(self): + """Ensure POSTing form over token auth with correct credentials passes and does not require CSRF""" + auth = self.key + response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth) + self.assertEqual(response.status_code, 200) + + def test_post_form_failing_token_auth(self): + """Ensure POSTing form over token auth without correct credentials fails""" + response = self.csrf_client.post('/', {'example': 'example'}) + self.assertEqual(response.status_code, 403) + + def test_post_json_failing_token_auth(self): + """Ensure POSTing json over token auth without correct credentials fails""" + response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json') + self.assertEqual(response.status_code, 403) diff --git a/djangorestframework/tokenauth/__init__.py b/djangorestframework/tokenauth/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/djangorestframework/tokenauth/authentication.py b/djangorestframework/tokenauth/authentication.py new file mode 100644 index 00000000..35d56211 --- /dev/null +++ b/djangorestframework/tokenauth/authentication.py @@ -0,0 +1,33 @@ +from djangorestframework.authentication import BaseAuthentication +from .models import Token + +class TokenAuthentication(BaseAuthentication): + """ + Use a token model for authentication. + + A custom token model may be used here, but must have the following minimum + properties: + + * key -- The string identifying the token + * user -- The user to which the token belongs + * revoked -- The status of the token + + The BaseToken class is available as an abstract model to be derived from. + + The token key should be passed in as a string to the "Authorization" HTTP + header. + """ + model = Token + + def authenticate(self, request): + key = request.META.get('HTTP_AUTHORIZATION', '').strip() + if not key: + return None + + try: + token = self.model.objects.get(key=key) + except self.model.DoesNotExist: + return None + + if token.user.is_active and not token.revoked: + return (token.user, token) diff --git a/djangorestframework/tokenauth/models.py b/djangorestframework/tokenauth/models.py new file mode 100644 index 00000000..3b9a55bc --- /dev/null +++ b/djangorestframework/tokenauth/models.py @@ -0,0 +1,19 @@ +from django.db import models + +class BaseToken(models.Model): + """ + The base abstract authorization token model class. + """ + key = models.CharField(max_length=32, primary_key=True) + user = models.ForeignKey('auth.User') + revoked = models.BooleanField(default=False) + + class Meta: + abstract=True + + +class Token(BaseToken): + """ + The default authorization token model class. + """ + pass -- cgit v1.2.3 From 5a3874ee112490937f83fa5700899f3631a14128 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 13:15:24 -0400 Subject: Create a key by default if none is specified --- djangorestframework/tests/authentication.py | 5 +++++ djangorestframework/tokenauth/models.py | 8 +++++++- djangorestframework/tokenauth/views.py | 0 3 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 djangorestframework/tokenauth/views.py (limited to 'djangorestframework') diff --git a/djangorestframework/tests/authentication.py b/djangorestframework/tests/authentication.py index 2806da36..fb9996be 100644 --- a/djangorestframework/tests/authentication.py +++ b/djangorestframework/tests/authentication.py @@ -146,3 +146,8 @@ class TokenAuthTests(TestCase): """Ensure POSTing json over token auth without correct credentials fails""" response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json') self.assertEqual(response.status_code, 403) + + def test_token_has_auto_assigned_key_if_none_provided(self): + """Ensure creating a token with no key will auto-assign a key""" + token = Token.objects.create(user=self.user) + self.assertEqual(len(token.key), 32) diff --git a/djangorestframework/tokenauth/models.py b/djangorestframework/tokenauth/models.py index 3b9a55bc..b5a9f7b9 100644 --- a/djangorestframework/tokenauth/models.py +++ b/djangorestframework/tokenauth/models.py @@ -1,16 +1,22 @@ +import uuid from django.db import models class BaseToken(models.Model): """ The base abstract authorization token model class. """ - key = models.CharField(max_length=32, primary_key=True) + key = models.CharField(max_length=32, primary_key=True, blank=True) user = models.ForeignKey('auth.User') revoked = models.BooleanField(default=False) class Meta: abstract=True + def save(self, *args, **kwargs): + if not self.key: + self.key = uuid.uuid4().hex + return super(BaseToken, self).save(*args, **kwargs) + class Token(BaseToken): """ diff --git a/djangorestframework/tokenauth/views.py b/djangorestframework/tokenauth/views.py new file mode 100644 index 00000000..e69de29b -- cgit v1.2.3 From 7f98741939ef9f919fe3c1fab9ecdd4d867543f6 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 14:07:35 -0400 Subject: Use "Token" as the scheme for token auth --- djangorestframework/tests/authentication.py | 4 ++-- djangorestframework/tokenauth/authentication.py | 23 +++++++++++++---------- 2 files changed, 15 insertions(+), 12 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tests/authentication.py b/djangorestframework/tests/authentication.py index fb9996be..da003a05 100644 --- a/djangorestframework/tests/authentication.py +++ b/djangorestframework/tests/authentication.py @@ -127,13 +127,13 @@ class TokenAuthTests(TestCase): def test_post_form_passing_token_auth(self): """Ensure POSTing json over token auth with correct credentials passes and does not require CSRF""" - auth = self.key + auth = 'Token %s' % self.key response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth) self.assertEqual(response.status_code, 200) def test_post_json_passing_token_auth(self): """Ensure POSTing form over token auth with correct credentials passes and does not require CSRF""" - auth = self.key + auth = 'Token %s' % self.key response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth) self.assertEqual(response.status_code, 200) diff --git a/djangorestframework/tokenauth/authentication.py b/djangorestframework/tokenauth/authentication.py index 35d56211..167edf96 100644 --- a/djangorestframework/tokenauth/authentication.py +++ b/djangorestframework/tokenauth/authentication.py @@ -15,19 +15,22 @@ class TokenAuthentication(BaseAuthentication): The BaseToken class is available as an abstract model to be derived from. The token key should be passed in as a string to the "Authorization" HTTP - header. + header. For example: + + Authorization: Token 0123456789abcdef0123456789abcdef + """ model = Token def authenticate(self, request): - key = request.META.get('HTTP_AUTHORIZATION', '').strip() - if not key: - return None + auth = request.META.get('HTTP_AUTHORIZATION', '').strip().split() + if len(auth) == 2 and auth[0].lower() == "token": + key = auth[1] - try: - token = self.model.objects.get(key=key) - except self.model.DoesNotExist: - return None + try: + token = self.model.objects.get(key=key) + except self.model.DoesNotExist: + return None - if token.user.is_active and not token.revoked: - return (token.user, token) + if token.user.is_active and not token.revoked: + return (token.user, token) -- cgit v1.2.3 From 3b1404bd7d37d8c60cf45071852f86eea8d4c68f Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 14:23:53 -0400 Subject: Rename the default token class to "BasicToken" --- djangorestframework/tests/authentication.py | 6 +++--- djangorestframework/tokenauth/authentication.py | 4 ++-- djangorestframework/tokenauth/models.py | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tests/authentication.py b/djangorestframework/tests/authentication.py index da003a05..dfed2fcc 100644 --- a/djangorestframework/tests/authentication.py +++ b/djangorestframework/tests/authentication.py @@ -8,7 +8,7 @@ from django.http import HttpResponse from djangorestframework.views import APIView from djangorestframework import permissions -from djangorestframework.tokenauth.models import Token +from djangorestframework.tokenauth.models import BasicToken from djangorestframework.tokenauth.authentication import TokenAuthentication import base64 @@ -123,7 +123,7 @@ class TokenAuthTests(TestCase): self.user = User.objects.create_user(self.username, self.email, self.password) self.key = 'abcd1234' - self.token = Token.objects.create(key=self.key, user=self.user) + self.token = BasicToken.objects.create(key=self.key, user=self.user) def test_post_form_passing_token_auth(self): """Ensure POSTing json over token auth with correct credentials passes and does not require CSRF""" @@ -149,5 +149,5 @@ class TokenAuthTests(TestCase): def test_token_has_auto_assigned_key_if_none_provided(self): """Ensure creating a token with no key will auto-assign a key""" - token = Token.objects.create(user=self.user) + token = BasicToken.objects.create(user=self.user) self.assertEqual(len(token.key), 32) diff --git a/djangorestframework/tokenauth/authentication.py b/djangorestframework/tokenauth/authentication.py index 167edf96..327a4a09 100644 --- a/djangorestframework/tokenauth/authentication.py +++ b/djangorestframework/tokenauth/authentication.py @@ -1,5 +1,5 @@ from djangorestframework.authentication import BaseAuthentication -from .models import Token +from .models import BasicToken class TokenAuthentication(BaseAuthentication): """ @@ -20,7 +20,7 @@ class TokenAuthentication(BaseAuthentication): Authorization: Token 0123456789abcdef0123456789abcdef """ - model = Token + model = BasicToken def authenticate(self, request): auth = request.META.get('HTTP_AUTHORIZATION', '').strip().split() diff --git a/djangorestframework/tokenauth/models.py b/djangorestframework/tokenauth/models.py index b5a9f7b9..81d98863 100644 --- a/djangorestframework/tokenauth/models.py +++ b/djangorestframework/tokenauth/models.py @@ -18,7 +18,7 @@ class BaseToken(models.Model): return super(BaseToken, self).save(*args, **kwargs) -class Token(BaseToken): +class BasicToken(BaseToken): """ The default authorization token model class. """ -- cgit v1.2.3 From 10450bafc9d98f022e0f0a5246a7fb1c7e53dc39 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 15:45:34 -0400 Subject: Fix renderer tests. - All MockViews return Response objects - Only one urlpatterns attribute in the module - Renamed `RendererIntegrationTests` to `RendererEndToEndTests`, as the former wasn't being run locally (but it was on Travis...dunno). --- djangorestframework/tests/renderers.py | 22 +++++----------------- 1 file changed, 5 insertions(+), 17 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tests/renderers.py b/djangorestframework/tests/renderers.py index 0a1cd9c7..692243e6 100644 --- a/djangorestframework/tests/renderers.py +++ b/djangorestframework/tests/renderers.py @@ -55,27 +55,27 @@ class MockView(APIView): def get(self, request, **kwargs): response = Response(DUMMYCONTENT, status=DUMMYSTATUS) - return self.render(response) + return response class MockGETView(APIView): def get(self, request, **kwargs): - return {'foo': ['bar', 'baz']} + return Response({'foo': ['bar', 'baz']}) class HTMLView(APIView): renderers = (DocumentingHTMLRenderer, ) def get(self, request, **kwargs): - return 'text' + return Response('text') class HTMLView1(APIView): renderers = (DocumentingHTMLRenderer, JSONRenderer) def get(self, request, **kwargs): - return 'text' + return Response('text') urlpatterns = patterns('', url(r'^.*\.(?P.+)$', MockView.as_view(renderers=[RendererA, RendererB])), @@ -88,7 +88,7 @@ urlpatterns = patterns('', ) -class RendererIntegrationTests(TestCase): +class RendererEndToEndTests(TestCase): """ End-to-end testing of renderers using an RendererMixin on a generic view. """ @@ -216,18 +216,6 @@ class JSONRendererTests(TestCase): self.assertEquals(strip_trailing_whitespace(content), _indented_repr) -class MockGETView(APIView): - - def get(self, request, *args, **kwargs): - return Response({'foo': ['bar', 'baz']}) - - -urlpatterns = patterns('', - url(r'^jsonp/jsonrenderer$', MockGETView.as_view(renderers=[JSONRenderer, JSONPRenderer])), - url(r'^jsonp/nojsonrenderer$', MockGETView.as_view(renderers=[JSONPRenderer])), -) - - class JSONPRendererTests(TestCase): """ Tests specific to the JSONP Renderer -- cgit v1.2.3 From f741cdae44bc455089a5ed7e1dbea4760ca97b85 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 16:12:33 -0400 Subject: Move TokenAuthentication class into djangorestframework.authentication --- djangorestframework/authentication.py | 36 ++++++++++++++++++++++++- djangorestframework/tests/authentication.py | 6 ++--- djangorestframework/tokenauth/authentication.py | 36 ------------------------- 3 files changed, 38 insertions(+), 40 deletions(-) delete mode 100644 djangorestframework/tokenauth/authentication.py (limited to 'djangorestframework') diff --git a/djangorestframework/authentication.py b/djangorestframework/authentication.py index 4d5a7e86..2446fbbd 100644 --- a/djangorestframework/authentication.py +++ b/djangorestframework/authentication.py @@ -103,4 +103,38 @@ class SessionAuthentication(BaseAuthentication): return (user, None) -# TODO: TokenAuthentication, DigestAuthentication, OAuthAuthentication +class TokenAuthentication(BaseAuthentication): + """ + Use a token model for authentication. + + A custom token model may be used here, but must have the following minimum + properties: + + * key -- The string identifying the token + * user -- The user to which the token belongs + * revoked -- The status of the token + + The token key should be passed in as a string to the "Authorization" HTTP + header. For example: + + Authorization: 0123456789abcdef0123456789abcdef + + """ + model = None + + def authenticate(self, request): + key = request.META.get('HTTP_AUTHORIZATION', '').strip() + + if self.model is None: + from djangorestframework.tokenauth.models import BasicToken + self.model = BasicToken + + try: + token = self.model.objects.get(key=key) + except self.model.DoesNotExist: + return None + + if token.user.is_active and not token.revoked: + return (token.user, token) + +# TODO: DigestAuthentication, OAuthAuthentication diff --git a/djangorestframework/tests/authentication.py b/djangorestframework/tests/authentication.py index dfed2fcc..fcc8f7ba 100644 --- a/djangorestframework/tests/authentication.py +++ b/djangorestframework/tests/authentication.py @@ -9,7 +9,7 @@ from djangorestframework.views import APIView from djangorestframework import permissions from djangorestframework.tokenauth.models import BasicToken -from djangorestframework.tokenauth.authentication import TokenAuthentication +from djangorestframework.authentication import TokenAuthentication import base64 @@ -127,13 +127,13 @@ class TokenAuthTests(TestCase): def test_post_form_passing_token_auth(self): """Ensure POSTing json over token auth with correct credentials passes and does not require CSRF""" - auth = 'Token %s' % self.key + auth = self.key response = self.csrf_client.post('/', {'example': 'example'}, HTTP_AUTHORIZATION=auth) self.assertEqual(response.status_code, 200) def test_post_json_passing_token_auth(self): """Ensure POSTing form over token auth with correct credentials passes and does not require CSRF""" - auth = 'Token %s' % self.key + auth = self.key response = self.csrf_client.post('/', json.dumps({'example': 'example'}), 'application/json', HTTP_AUTHORIZATION=auth) self.assertEqual(response.status_code, 200) diff --git a/djangorestframework/tokenauth/authentication.py b/djangorestframework/tokenauth/authentication.py deleted file mode 100644 index 327a4a09..00000000 --- a/djangorestframework/tokenauth/authentication.py +++ /dev/null @@ -1,36 +0,0 @@ -from djangorestframework.authentication import BaseAuthentication -from .models import BasicToken - -class TokenAuthentication(BaseAuthentication): - """ - Use a token model for authentication. - - A custom token model may be used here, but must have the following minimum - properties: - - * key -- The string identifying the token - * user -- The user to which the token belongs - * revoked -- The status of the token - - The BaseToken class is available as an abstract model to be derived from. - - The token key should be passed in as a string to the "Authorization" HTTP - header. For example: - - Authorization: Token 0123456789abcdef0123456789abcdef - - """ - model = BasicToken - - def authenticate(self, request): - auth = request.META.get('HTTP_AUTHORIZATION', '').strip().split() - if len(auth) == 2 and auth[0].lower() == "token": - key = auth[1] - - try: - token = self.model.objects.get(key=key) - except self.model.DoesNotExist: - return None - - if token.user.is_active and not token.revoked: - return (token.user, token) -- cgit v1.2.3 From 8df71f4d1d9a8a3df8e053d99340fbe5bf78b8ad Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 16:19:15 -0400 Subject: Get rid of the BaseToken abstract model --- djangorestframework/tokenauth/models.py | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tokenauth/models.py b/djangorestframework/tokenauth/models.py index 81d98863..f289b0fd 100644 --- a/djangorestframework/tokenauth/models.py +++ b/djangorestframework/tokenauth/models.py @@ -1,25 +1,15 @@ import uuid from django.db import models -class BaseToken(models.Model): +class BasicToken(models.Model): """ - The base abstract authorization token model class. + The default authorization token model class. """ key = models.CharField(max_length=32, primary_key=True, blank=True) user = models.ForeignKey('auth.User') revoked = models.BooleanField(default=False) - class Meta: - abstract=True - def save(self, *args, **kwargs): if not self.key: self.key = uuid.uuid4().hex - return super(BaseToken, self).save(*args, **kwargs) - - -class BasicToken(BaseToken): - """ - The default authorization token model class. - """ - pass + return super(BasicToken, self).save(*args, **kwargs) -- cgit v1.2.3 From 7d9125bcb69950e54bb9c2ca61f59403c1018178 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 17:05:21 -0400 Subject: Fix Django 1.3 compatibility --- djangorestframework/compat.py | 53 +++++++++++++++++++++++++++++++++++ djangorestframework/fields.py | 6 ++-- djangorestframework/settings.py | 5 +++- djangorestframework/utils/encoders.py | 4 +-- 4 files changed, 62 insertions(+), 6 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/compat.py b/djangorestframework/compat.py index 7ced70c5..f21dc4ef 100644 --- a/djangorestframework/compat.py +++ b/djangorestframework/compat.py @@ -366,6 +366,59 @@ else: return self._accept(request) +# timezone support is new in Django 1.4 +try: + from django.utils import timezone +except ImportError: + timezone = None + +# dateparse is ALSO new in Django 1.4 +try: + from django.utils.dateparse import parse_date, parse_datetime +except ImportError: + import datetime + import re + + date_re = re.compile( + r'(?P\d{4})-(?P\d{1,2})-(?P\d{1,2})$' + ) + + datetime_re = re.compile( + r'(?P\d{4})-(?P\d{1,2})-(?P\d{1,2})' + r'[T ](?P\d{1,2}):(?P\d{1,2})' + r'(?::(?P\d{1,2})(?:\.(?P\d{1,6})\d{0,6})?)?' + r'(?PZ|[+-]\d{1,2}:\d{1,2})?$' + ) + + time_re = re.compile( + r'(?P\d{1,2}):(?P\d{1,2})' + r'(?::(?P\d{1,2})(?:\.(?P\d{1,6})\d{0,6})?)?' + ) + + def parse_date(value): + match = date_re.match(value) + if match: + kw = dict((k, int(v)) for k, v in match.groupdict().iteritems()) + return datetime.date(**kw) + + def parse_time(value): + match = time_re.match(value) + if match: + kw = match.groupdict() + if kw['microsecond']: + kw['microsecond'] = kw['microsecond'].ljust(6, '0') + kw = dict((k, int(v)) for k, v in kw.iteritems() if v is not None) + return datetime.time(**kw) + + def parse_datetime(value): + """Parse datetime, but w/o the timezone awareness in 1.4""" + match = datetime_re.match(value) + if match: + kw = match.groupdict() + if kw['microsecond']: + kw['microsecond'] = kw['microsecond'].ljust(6, '0') + kw = dict((k, int(v)) for k, v in kw.iteritems() if v is not None) + return datetime.datetime(**kw) # Markdown is optional try: diff --git a/djangorestframework/fields.py b/djangorestframework/fields.py index a44eb417..13b0e37d 100644 --- a/djangorestframework/fields.py +++ b/djangorestframework/fields.py @@ -8,10 +8,10 @@ from django.core.exceptions import ValidationError from django.conf import settings from django.db import DEFAULT_DB_ALIAS from django.db.models.related import RelatedObject -from django.utils import timezone -from django.utils.dateparse import parse_date, parse_datetime from django.utils.encoding import is_protected_type, smart_unicode from django.utils.translation import ugettext_lazy as _ +from djangorestframework.compat import parse_date, parse_datetime +from djangorestframework.compat import timezone def is_simple_callable(obj): @@ -317,7 +317,7 @@ class DateField(Field): if value is None: return value if isinstance(value, datetime.datetime): - if settings.USE_TZ and timezone.is_aware(value): + if timezone and settings.USE_TZ and timezone.is_aware(value): # Convert aware datetimes to the default time zone # before casting them to dates (#17742). default_timezone = timezone.get_default_timezone() diff --git a/djangorestframework/settings.py b/djangorestframework/settings.py index 8bb03555..e5181f4b 100644 --- a/djangorestframework/settings.py +++ b/djangorestframework/settings.py @@ -88,7 +88,10 @@ def import_from_string(val, setting): module_path, class_name = '.'.join(parts[:-1]), parts[-1] module = importlib.import_module(module_path) return getattr(module, class_name) - except: + except Exception, e: + import traceback + tb = traceback.format_exc() + import pdb; pdb.set_trace() msg = "Could not import '%s' for API setting '%s'" % (val, setting) raise ImportError(msg) diff --git a/djangorestframework/utils/encoders.py b/djangorestframework/utils/encoders.py index ba7c8553..74876017 100644 --- a/djangorestframework/utils/encoders.py +++ b/djangorestframework/utils/encoders.py @@ -3,8 +3,8 @@ Helper classes for parsers. """ import datetime import decimal -from django.utils import timezone from django.utils import simplejson as json +from djangorestframework.compat import timezone class JSONEncoder(json.JSONEncoder): @@ -25,7 +25,7 @@ class JSONEncoder(json.JSONEncoder): elif isinstance(o, datetime.date): return o.isoformat() elif isinstance(o, datetime.time): - if timezone.is_aware(o): + if timezone and timezone.is_aware(o): raise ValueError("JSON can't represent timezone-aware times.") r = o.isoformat() if o.microsecond: -- cgit v1.2.3 From f729d0eb0b8901f18799bb714c60d54c73a1ec98 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 18:44:57 -0400 Subject: Fix Django master support. - Explicitly encode PUT data as multipart, as Django 1.5 no longer does so by default in the test client --- djangorestframework/tests/request.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tests/request.py b/djangorestframework/tests/request.py index 2bb90c0a..ede5d5d7 100644 --- a/djangorestframework/tests/request.py +++ b/djangorestframework/tests/request.py @@ -4,6 +4,7 @@ Tests for content parsing, and form-overloaded content parsing. from django.conf.urls.defaults import patterns from django.contrib.auth.models import User from django.test import TestCase, Client +from django.test.client import MULTIPART_CONTENT, BOUNDARY, encode_multipart from djangorestframework import status from djangorestframework.authentication import SessionAuthentication @@ -94,7 +95,8 @@ class TestContentParsing(TestCase): """ data = {'qwerty': 'uiop'} parsers = (FormParser, MultiPartParser) - request = factory.put('/', data, parsers=parsers) + request = factory.put('/', encode_multipart(BOUNDARY, data), parsers=parsers, + content_type=MULTIPART_CONTENT) self.assertEqual(request.DATA.items(), data.items()) def test_standard_behaviour_determines_non_form_content_PUT(self): -- cgit v1.2.3 From 9c007a6197ca5125bed774cf3089de7759e755d1 Mon Sep 17 00:00:00 2001 From: Mjumbe Wawatu Poe Date: Fri, 7 Sep 2012 19:14:20 -0400 Subject: Fix the tests on 1.3 and HEAD In the latest Django master code, RequestFactory.put behaves fundamentally differently than it did pre-1.5. By default, it expects an octet string as opposed to a dictionary that it will encode like a multipart form. So, for 1.5 and on, we have to be explicit about the multipart type and pre-encode the data. However, pre-1.5 Django expects a dictionary if the content type is multipart. So, the cleanest thing to do is explicitly handle the versions independently. --- djangorestframework/tests/request.py | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/tests/request.py b/djangorestframework/tests/request.py index ede5d5d7..8b2f66ee 100644 --- a/djangorestframework/tests/request.py +++ b/djangorestframework/tests/request.py @@ -4,7 +4,6 @@ Tests for content parsing, and form-overloaded content parsing. from django.conf.urls.defaults import patterns from django.contrib.auth.models import User from django.test import TestCase, Client -from django.test.client import MULTIPART_CONTENT, BOUNDARY, encode_multipart from djangorestframework import status from djangorestframework.authentication import SessionAuthentication @@ -95,8 +94,16 @@ class TestContentParsing(TestCase): """ data = {'qwerty': 'uiop'} parsers = (FormParser, MultiPartParser) - request = factory.put('/', encode_multipart(BOUNDARY, data), parsers=parsers, - content_type=MULTIPART_CONTENT) + + from django import VERSION + + if VERSION >= (1, 5): + from django.test.client import MULTIPART_CONTENT, BOUNDARY, encode_multipart + request = factory.put('/', encode_multipart(BOUNDARY, data), parsers=parsers, + content_type=MULTIPART_CONTENT) + else: + request = factory.put('/', data, parsers=parsers) + self.assertEqual(request.DATA.items(), data.items()) def test_standard_behaviour_determines_non_form_content_PUT(self): -- cgit v1.2.3 From 024780a974eed66a45f27f27cfbec28bd1432d07 Mon Sep 17 00:00:00 2001 From: Marko Tibold Date: Sat, 8 Sep 2012 18:18:05 +0200 Subject: Fields are showing up again. Still WIP. --- djangorestframework/renderers.py | 45 +++++++++------------- .../templates/djangorestframework/base.html | 5 +-- 2 files changed, 20 insertions(+), 30 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/renderers.py b/djangorestframework/renderers.py index 4f8225b1..4a14d5ee 100644 --- a/djangorestframework/renderers.py +++ b/djangorestframework/renderers.py @@ -16,6 +16,7 @@ from djangorestframework.utils import encoders from djangorestframework.utils.breadcrumbs import get_breadcrumbs from djangorestframework.utils.mediatypes import get_media_type_params, add_media_type_param, media_type_matches from djangorestframework import VERSION +from djangorestframework.fields import FloatField, IntegerField, DateTimeField, DateField, EmailField, CharField, BooleanField import string @@ -234,32 +235,24 @@ class DocumentingTemplateRenderer(BaseRenderer): provide a form that can be used to submit arbitrary content. """ - # Get the form instance if we have one bound to the input - form_instance = None - if method == getattr(view, 'method', view.request.method).lower(): - form_instance = getattr(view, 'bound_form_instance', None) - - if not form_instance and hasattr(view, 'get_bound_form'): - # Otherwise if we have a response that is valid against the form then use that - if view.response.has_content_body: - try: - form_instance = view.get_bound_form(view.response.cleaned_content, method=method) - if form_instance and not form_instance.is_valid(): - form_instance = None - except Exception: - form_instance = None - - # If we still don't have a form instance then try to get an unbound form - if not form_instance: - try: - form_instance = view.get_bound_form(method=method) - except Exception: - pass - - # If we still don't have a form instance then try to get an unbound form which can tunnel arbitrary content types - if not form_instance: - form_instance = self._get_generic_content_form(view) - + # We need to map our Fields to Django's Fields. + field_mapping = dict([ + [FloatField.__name__, forms.FloatField], + [IntegerField.__name__, forms.IntegerField], + [DateTimeField.__name__, forms.DateTimeField], + [DateField.__name__, forms.DateField], + [EmailField.__name__, forms.EmailField], + [CharField.__name__, forms.CharField], + [BooleanField.__name__, forms.BooleanField] + ]) + + # Creating an on the fly form see: http://stackoverflow.com/questions/3915024/dynamically-creating-classes-python + fields = {} + for k, v in self.view.get_serializer().fields.items(): + fields[k] = field_mapping[v.__class__.__name__]() + OnTheFlyForm = type("OnTheFlyForm", (forms.Form,), fields) + + form_instance = OnTheFlyForm(self.view.get_serializer().data) return form_instance def _get_generic_content_form(self, view): diff --git a/djangorestframework/templates/djangorestframework/base.html b/djangorestframework/templates/djangorestframework/base.html index d33c5393..97e81bbe 100644 --- a/djangorestframework/templates/djangorestframework/base.html +++ b/djangorestframework/templates/djangorestframework/base.html @@ -78,8 +78,6 @@ {% endif %} - {% comment %} - DROP POST/PUT/DELETE until the forms are working with REST framework 2 {# Only display the POST/PUT/DELETE forms if method tunneling via POST forms is enabled and the user has permissions on this view. #} {% if response.status_code != 403 %} @@ -90,7 +88,7 @@

POST {{ name }}

{% csrf_token %} {{ post_form.non_field_errors }} - {% for field in post_form %} + {% for field in post_form %}
{{ field.label_tag }} {{ field }} @@ -141,7 +139,6 @@ {% endif %} {% endif %} - {% endcomment %}
-- cgit v1.2.3 From 55f7dd9bcede90d6c5596e357035007b26a98dba Mon Sep 17 00:00:00 2001 From: Marko Tibold Date: Sat, 8 Sep 2012 21:56:18 +0200 Subject: `error_data` -> `errors` Prefill form for instance view. --- djangorestframework/mixins.py | 2 +- djangorestframework/renderers.py | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) (limited to 'djangorestframework') diff --git a/djangorestframework/mixins.py b/djangorestframework/mixins.py index 6ab7ab6e..1f06dd34 100644 --- a/djangorestframework/mixins.py +++ b/djangorestframework/mixins.py @@ -22,7 +22,7 @@ class CreateModelMixin(object): self.object = serializer.object self.object.save() return Response(serializer.data, status=status.HTTP_201_CREATED) - return Response(serializer.error_data, status=status.HTTP_400_BAD_REQUEST) + return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) class ListModelMixin(object): diff --git a/djangorestframework/renderers.py b/djangorestframework/renderers.py index 4a14d5ee..a94fcd5c 100644 --- a/djangorestframework/renderers.py +++ b/djangorestframework/renderers.py @@ -248,11 +248,16 @@ class DocumentingTemplateRenderer(BaseRenderer): # Creating an on the fly form see: http://stackoverflow.com/questions/3915024/dynamically-creating-classes-python fields = {} - for k, v in self.view.get_serializer().fields.items(): + object, data = None, None + if hasattr(self.view, 'object'): + object = self.view.object + serializer = self.view.get_serializer(instance=object) + for k, v in serializer.fields.items(): fields[k] = field_mapping[v.__class__.__name__]() OnTheFlyForm = type("OnTheFlyForm", (forms.Form,), fields) - - form_instance = OnTheFlyForm(self.view.get_serializer().data) + if object: + data = serializer.data + form_instance = OnTheFlyForm(data) return form_instance def _get_generic_content_form(self, view): -- cgit v1.2.3 From 59a0bc55af871a538843d1a6dd2442d374bd8b26 Mon Sep 17 00:00:00 2001 From: Marko Tibold Date: Sat, 8 Sep 2012 22:01:12 +0200 Subject: Don't fill in the form after a DELETE. --- djangorestframework/renderers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'djangorestframework') diff --git a/djangorestframework/renderers.py b/djangorestframework/renderers.py index a94fcd5c..6d00c4c5 100644 --- a/djangorestframework/renderers.py +++ b/djangorestframework/renderers.py @@ -255,7 +255,7 @@ class DocumentingTemplateRenderer(BaseRenderer): for k, v in serializer.fields.items(): fields[k] = field_mapping[v.__class__.__name__]() OnTheFlyForm = type("OnTheFlyForm", (forms.Form,), fields) - if object: + if object and not self.view.request.method == 'DELETE': # Don't fill in the form when the object is deleted data = serializer.data form_instance = OnTheFlyForm(data) return form_instance -- cgit v1.2.3 From ef0bf1e775161578ab16be165d4bdb8003040f6c Mon Sep 17 00:00:00 2001 From: Marko Tibold Date: Sat, 8 Sep 2012 22:50:54 +0200 Subject: Fix failing test. --- djangorestframework/renderers.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'djangorestframework') diff --git a/djangorestframework/renderers.py b/djangorestframework/renderers.py index 6d00c4c5..45cdbbbb 100644 --- a/djangorestframework/renderers.py +++ b/djangorestframework/renderers.py @@ -234,7 +234,8 @@ class DocumentingTemplateRenderer(BaseRenderer): In the absence on of the Resource having an associated form then provide a form that can be used to submit arbitrary content. """ - + if not hasattr(self.view, 'get_serializer'): # No serializer, no form. + return # We need to map our Fields to Django's Fields. field_mapping = dict([ [FloatField.__name__, forms.FloatField], -- cgit v1.2.3