From 20424251a3da82681fee04c66b7be0c7d3a40fec Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 19 Sep 2014 14:26:28 +0100 Subject: Version 2.4.3 --- docs/topics/release-notes.md | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index d758ae6a..2174cdda 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,21 +40,37 @@ You can determine your currently installed version using `pip freeze`: ## 2.4.x series +### 2.4.3 + +**Date**: [19th September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.3+Release%22+). + +* Support translatable view docstrings being displayed in the browsable API. +* Support [encoded `filename*`][rfc-6266] in raw file uploads with `FileUploadParser`. +* Allow routers to support viewsets that don't include any list routes or that don't include any detail routes. +* Don't render an empty login control in browsable API if `login` view is not included. +* CSRF exemption performed in `.as_view()` to prevent accidental omission if overriding `.dispatch()`. +* Login on browsable API now displays validation errors. +* Bugfix: Fix migration in `authtoken` application. +* Bugfix: Allow selection of integer keys in nested choices. +* Bugfix: Return `None` instead of `'None'` in `CharField` with `allow_none=True`. +* Bugfix: Ensure custom model fields map to equivelent serializer fields more reliably. +* Bugfix: `DjangoFilterBackend` no longer quietly changes queryset ordering. + ### 2.4.2 -**Date**: 3rd September 2014 +**Date**: [3rd September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.2+Release%22+). * Bugfix: Fix broken pagination for 2.4.x series. ### 2.4.1 -**Date**: 1st September 2014 +**Date**: [1st September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.1+Release%22+). * Bugfix: Fix broken login template for browsable API. ### 2.4.0 -**Date**: 29th August 2014 +**Date**: [29th August 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.0+Release%22+). **Django version requirements**: The lowest supported version of Django is now 1.4.2. @@ -717,3 +733,4 @@ This change will not affect user code, so long as it's following the recommended [2.1.0-notes]: https://groups.google.com/d/topic/django-rest-framework/Vv2M0CMY9bg/discussion [announcement]: rest-framework-2-announcement.md [#582]: https://github.com/tomchristie/django-rest-framework/issues/582 +[rfc-6266]: http://tools.ietf.org/html/rfc6266#section-4.3 -- cgit v1.2.3 From 8495cd898a5d34f00858a379b54e39cd19ded215 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 19 Sep 2014 14:31:28 +0100 Subject: Drop 'No major point releases are currently planned.', cos they are. --- docs/topics/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 2174cdda..16589f3b 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -10,7 +10,7 @@ Minor version numbers (0.0.x) are used for changes that are API compatible. You Medium version numbers (0.x.0) may include API changes, in line with the [deprecation policy][deprecation-policy]. You should read the release notes carefully before upgrading between medium point releases. -Major version numbers (x.0.0) are reserved for substantial project milestones. No major point releases are currently planned. +Major version numbers (x.0.0) are reserved for substantial project milestones. ## Deprecation policy -- cgit v1.2.3 From c0150e619ca02a69d87c335a70c47644e9b2e509 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 19 Sep 2014 14:59:59 +0100 Subject: Add BaseSerializer heading --- docs/topics/3.0-announcement.md | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 029d9896..cd883cdd 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -30,6 +30,10 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr **TODO**: Drop`.object`, use `.validated_data` or get the instance with `.save()`. +#### The `BaseSerializer` class. + +**TODO** + #### Always use `fields`, not `exclude`. The `exclude` option is no longer available. You should use the more explicit `fields` option instead. -- cgit v1.2.3 From da385c9c1f9deeeefd705154a6e6612d6d62f41b Mon Sep 17 00:00:00 2001 From: Collin Anderson Date: Tue, 23 Sep 2014 17:08:38 -0400 Subject: remove patterns and strings from urls #1898 --- docs/api-guide/authentication.md | 7 ++++--- docs/api-guide/format-suffixes.md | 13 +++++++------ docs/index.md | 4 ++-- docs/topics/2.3-announcement.md | 6 +++--- docs/tutorial/1-serialization.md | 13 +++++++------ docs/tutorial/2-requests-and-responses.md | 9 +++++---- docs/tutorial/3-class-based-views.md | 4 ++-- docs/tutorial/4-authentication-and-permissions.md | 4 ++-- docs/tutorial/5-relationships-and-hyperlinked-apis.md | 10 +++++----- docs/tutorial/6-viewsets-and-routers.md | 12 ++++++------ 10 files changed, 43 insertions(+), 39 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 343466ee..0ec5bad1 100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -190,9 +190,10 @@ If you've already created some users, you can generate tokens for all existing u When using `TokenAuthentication`, you may want to provide a mechanism for clients to obtain a token given the username and password. REST framework provides a built-in view to provide this behavior. To use it, add the `obtain_auth_token` view to your URLconf: - urlpatterns += patterns('', - url(r'^api-token-auth/', 'rest_framework.authtoken.views.obtain_auth_token') - ) + from rest_framework.authtoken import views + urlpatterns += [ + url(r'^api-token-auth/', views.obtain_auth_token) + ] Note that the URL part of the pattern can be whatever you want to use. diff --git a/docs/api-guide/format-suffixes.md b/docs/api-guide/format-suffixes.md index 529738e3..76a3367b 100644 --- a/docs/api-guide/format-suffixes.md +++ b/docs/api-guide/format-suffixes.md @@ -26,12 +26,13 @@ Arguments: Example: from rest_framework.urlpatterns import format_suffix_patterns - - urlpatterns = patterns('blog.views', - url(r'^/$', 'api_root'), - url(r'^comments/$', 'comment_list'), - url(r'^comments/(?P[0-9]+)/$', 'comment_detail') - ) + from blog import views + + urlpatterns = [ + url(r'^/$', views.apt_root), + url(r'^comments/$', views.comment_list), + url(r'^comments/(?P[0-9]+)/$', views.comment_detail) + ] urlpatterns = format_suffix_patterns(urlpatterns, allowed=['json', 'html']) diff --git a/docs/index.md b/docs/index.md index 6dcb962f..e4c971f9 100644 --- a/docs/index.md +++ b/docs/index.md @@ -85,10 +85,10 @@ Add `'rest_framework'` to your `INSTALLED_APPS` setting. If you're intending to use the browsable API you'll probably also want to add REST framework's login and logout views. Add the following to your root `urls.py` file. - urlpatterns = patterns('', + urlpatterns = [ ... url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')) - ) + ] Note that the URL path can be whatever you want, but you must include `'rest_framework.urls'` with the `'rest_framework'` namespace. diff --git a/docs/topics/2.3-announcement.md b/docs/topics/2.3-announcement.md index ba435145..7c800afa 100644 --- a/docs/topics/2.3-announcement.md +++ b/docs/topics/2.3-announcement.md @@ -15,7 +15,7 @@ As an example of just how simple REST framework APIs can now be, here's an API w """ A REST framework API for viewing and editing users and groups. """ - from django.conf.urls.defaults import url, patterns, include + from django.conf.urls.defaults import url, include from django.contrib.auth.models import User, Group from rest_framework import viewsets, routers @@ -36,10 +36,10 @@ As an example of just how simple REST framework APIs can now be, here's an API w # Wire up our API using automatic URL routing. # Additionally, we include login URLs for the browseable API. - urlpatterns = patterns('', + urlpatterns = [ url(r'^', include(router.urls)), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')) - ) + ] The best place to get started with ViewSets and Routers is to take a look at the [newest section in the tutorial][part-6], which demonstrates their usage. diff --git a/docs/tutorial/1-serialization.md b/docs/tutorial/1-serialization.md index 96214f5b..b0565d91 100644 --- a/docs/tutorial/1-serialization.md +++ b/docs/tutorial/1-serialization.md @@ -64,9 +64,9 @@ We'll also need to add our new `snippets` app and the `rest_framework` app to `I We also need to wire up the root urlconf, in the `tutorial/urls.py` file, to include our snippet app's URLs. - urlpatterns = patterns('', + urlpatterns = [ url(r'^', include('snippets.urls')), - ) + ] Okay, we're ready to roll. @@ -297,11 +297,12 @@ We'll also need a view which corresponds to an individual snippet, and can be us Finally we need to wire these views up. Create the `snippets/urls.py` file: from django.conf.urls import patterns, url + from snippets import views - urlpatterns = patterns('snippets.views', - url(r'^snippets/$', 'snippet_list'), - url(r'^snippets/(?P[0-9]+)/$', 'snippet_detail'), - ) + urlpatterns = [ + url(r'^snippets/$', views.snippet_list), + url(r'^snippets/(?P[0-9]+)/$', views.snippet_detail), + ] It's worth noting that there are a couple of edge cases we're not dealing with properly at the moment. If we send malformed `json`, or if a request is made with a method that the view doesn't handle, then we'll end up with a 500 "server error" response. Still, this'll do for now. diff --git a/docs/tutorial/2-requests-and-responses.md b/docs/tutorial/2-requests-and-responses.md index e70bbbfc..136b0135 100644 --- a/docs/tutorial/2-requests-and-responses.md +++ b/docs/tutorial/2-requests-and-responses.md @@ -110,11 +110,12 @@ Now update the `urls.py` file slightly, to append a set of `format_suffix_patter from django.conf.urls import patterns, url from rest_framework.urlpatterns import format_suffix_patterns + from snippets import views - urlpatterns = patterns('snippets.views', - url(r'^snippets/$', 'snippet_list'), - url(r'^snippets/(?P[0-9]+)$', 'snippet_detail'), - ) + urlpatterns = [ + url(r'^snippets/$', views.snippet_list), + url(r'^snippets/(?P[0-9]+)$', views.snippet_detail), + ] urlpatterns = format_suffix_patterns(urlpatterns) diff --git a/docs/tutorial/3-class-based-views.md b/docs/tutorial/3-class-based-views.md index e04072ca..382f078a 100644 --- a/docs/tutorial/3-class-based-views.md +++ b/docs/tutorial/3-class-based-views.md @@ -68,10 +68,10 @@ We'll also need to refactor our `urls.py` slightly now we're using class based v from rest_framework.urlpatterns import format_suffix_patterns from snippets import views - urlpatterns = patterns('', + urlpatterns = [ url(r'^snippets/$', views.SnippetList.as_view()), url(r'^snippets/(?P[0-9]+)/$', views.SnippetDetail.as_view()), - ) + ] urlpatterns = format_suffix_patterns(urlpatterns) diff --git a/docs/tutorial/4-authentication-and-permissions.md b/docs/tutorial/4-authentication-and-permissions.md index 74ad9a55..9120e254 100644 --- a/docs/tutorial/4-authentication-and-permissions.md +++ b/docs/tutorial/4-authentication-and-permissions.md @@ -137,10 +137,10 @@ Add the following import at the top of the file: And, at the end of the file, add a pattern to include the login and logout views for the browsable API. - urlpatterns += patterns('', + urlpatterns += [ url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), - ) + ] The `r'^api-auth/'` part of pattern can actually be whatever URL you want to use. The only restriction is that the included urls must use the `'rest_framework'` namespace. diff --git a/docs/tutorial/5-relationships-and-hyperlinked-apis.md b/docs/tutorial/5-relationships-and-hyperlinked-apis.md index 9c61fe3d..36473ce9 100644 --- a/docs/tutorial/5-relationships-and-hyperlinked-apis.md +++ b/docs/tutorial/5-relationships-and-hyperlinked-apis.md @@ -108,8 +108,8 @@ If we're going to have a hyperlinked API, we need to make sure we name our URL p After adding all those names into our URLconf, our final `snippets/urls.py` file should look something like this: # API endpoints - urlpatterns = format_suffix_patterns(patterns('snippets.views', - url(r'^$', 'api_root'), + urlpatterns = format_suffix_patterns([ + url(r'^$', views.api_root), url(r'^snippets/$', views.SnippetList.as_view(), name='snippet-list'), @@ -125,13 +125,13 @@ After adding all those names into our URLconf, our final `snippets/urls.py` file url(r'^users/(?P[0-9]+)/$', views.UserDetail.as_view(), name='user-detail') - )) + ]) # Login and logout views for the browsable API - urlpatterns += patterns('', + urlpatterns += [ url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')), - ) + ] ## Adding pagination diff --git a/docs/tutorial/6-viewsets-and-routers.md b/docs/tutorial/6-viewsets-and-routers.md index b2019520..cf37a260 100644 --- a/docs/tutorial/6-viewsets-and-routers.md +++ b/docs/tutorial/6-viewsets-and-routers.md @@ -87,14 +87,14 @@ Notice how we're creating multiple views from each `ViewSet` class, by binding t Now that we've bound our resources into concrete views, we can register the views with the URL conf as usual. - urlpatterns = format_suffix_patterns(patterns('snippets.views', - url(r'^$', 'api_root'), + urlpatterns = format_suffix_patterns([ + url(r'^$', api_root), url(r'^snippets/$', snippet_list, name='snippet-list'), url(r'^snippets/(?P[0-9]+)/$', snippet_detail, name='snippet-detail'), url(r'^snippets/(?P[0-9]+)/highlight/$', snippet_highlight, name='snippet-highlight'), url(r'^users/$', user_list, name='user-list'), url(r'^users/(?P[0-9]+)/$', user_detail, name='user-detail') - )) + ]) ## Using Routers @@ -102,7 +102,7 @@ Because we're using `ViewSet` classes rather than `View` classes, we actually do Here's our re-wired `urls.py` file. - from django.conf.urls import patterns, url, include + from django.conf.urls import url, include from snippets import views from rest_framework.routers import DefaultRouter @@ -113,10 +113,10 @@ Here's our re-wired `urls.py` file. # The API URLs are now determined automatically by the router. # Additionally, we include the login URLs for the browseable API. - urlpatterns = patterns('', + urlpatterns = [ url(r'^', include(router.urls)), url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework')) - ) + ] Registering the viewsets with the router is similar to providing a urlpattern. We include two arguments - the URL prefix for the views, and the viewset itself. -- cgit v1.2.3 From 2859eaf524bca23f27e666d24a0b63ba61698a76 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 10:46:52 +0100 Subject: request.data attribute --- docs/topics/3.0-announcement.md | 344 +++++++++++++++++++++++++++++++++++++--- 1 file changed, 323 insertions(+), 21 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index cd883cdd..1795611c 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -4,36 +4,65 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr # REST framework 3.0 -**Note incremental nature, discuss upgrading.** +**TODO**: Note incremental nature, discuss upgrading, motivation, features. -## Motivation - -**TODO** +* Serializer reprs. +* Non-magical model serializers. +* Base serializer class. +* Clean logic in views, serializers, fields. --- ## Request objects -#### The `request.data` property. +#### The `.data` and `.query_params` properties. -**TODO** +The usage of `request.DATA` and `request.FILES` is now discouraged in favor of a single `request.data` attribute that contains *all* the parsed data. -#### The parser API. +Having seperate attributes is reasonable for web applications that only ever parse URL encoded or MultiPart requests, but makes less sense for the general-purpose request parsing that REST framework supports. -**TODO** +You may now pass all the request data to a serializer class in a single argument: + + ExampleSerializer(data=request.data) + +Instead of passing the files argument seperately: + + # Don't do this... + ExampleSerializer(data=request.DATA, files=request.FILES) + + +The usage of `request.QUERY_PARAMS` is now discouraged in favor of the lowercased `request.query_params`. ## Serializers #### Single-step object creation. +#### The `.create()` and `.update()` methods. + **TODO**: Drop `.restore_object()`, use `.create()` and `.update()` which should save the instance. -**TODO**: Drop`.object`, use `.validated_data` or get the instance with `.save()`. +#### Use `.validated_data` instead of `.object`. -#### The `BaseSerializer` class. +You must now use the `.validated_data` attribute if you need to inspect the data before saving, rather than using the `.object` attribute, which no longer exists. -**TODO** +For example the following code *is no longer valid*: + + if serializer.is_valid(): + name = serializer.object.name # Inspect validated field data. + logging.info('Creating ticket "%s"' % name) + serializer.object.user = request.user # Include the user when saving. + serializer.save() +Instead of using `.object` to inspect a partially constructed instance, you would now use `.validated_data` to inspect the cleaned incoming values. Also you can't set extra attributes on the instance directly, but instead pass them to the `.save()` method using the `extras` keyword argument. + +The corresponding code would now look like this: + + if serializer.is_valid(): + name = serializer.validated_data['name'] # Inspect validated field data. + logging.info('Creating ticket "%s"' % name) + extras = {'user': request.user} # Include the user when saving. + serializer.save(extras=extras) + #### Always use `fields`, not `exclude`. The `exclude` option is no longer available. You should use the more explicit `fields` option instead. @@ -111,42 +140,287 @@ These fields will be mapped to `serializers.ReadOnlyField()` instances. message = CharField(max_length=1000) expiry_date = ReadOnlyField() +#### The `ListSerializer` class. + +The `ListSerializer` class has now been added, and allows you to create base serializer classes for only accepting multiple inputs. + + class MultipleUserSerializer(ListSerializer): + child = UserSerializer() + +You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly seperated in the REST framework codebase. + +See also the new `ListField` class, which validates input in the same way, but does not include the serializer interfaces of `.is_valid()`, `.data`, `.save()` and so on. + +#### The `BaseSerializer` class. + +REST framework now includes a simple `BaseSerializer` class that can be used to easily support alternative serialization and deserialization styles. + +This class implements the same basic API as the `Serializer` class: + +* `.data` - Returns the outgoing primative representation. +* `.is_valid()` - Deserializes and validates incoming data. +* `.validated_data` - Returns the validated incoming data. +* `.errors` - Returns an errors during validation. +* `.save()` - Persists the validated data into an object instance. + +There are four mathods that can be overriding, depending on what functionality you want the serializer class to support: + +* `.to_representation()` - Override this to support serialization, for read operations. +* `.to_internal_value()` - Override this to support deserialization, for write operations. +* `.create()` and `.update()` - Overide either or both of these to support saving instances. + +##### Read-only serializers. + +To implement a read-only serializer using the `BaseSerializer` class, we just need to override the `.to_representation()` method. Let's take a look at an example using a simple Django model: + + class HighScore(models.Model): + created = models.DateTimeField(auto_now_add=True) + player_name = models.CharField(max_length=10) + score = models.IntegerField() + +It's simple to create a read-only serializer for converting `HighScore` instances into primative data types. + + class HighScoreSerializer(serializers.BaseSerializer): + def to_representation(self, obj): + return { + 'score': obj.score, + 'player_name': obj.player_name + } + +We can now use this class to serialize single `HighScore` instances: + + @api_view(['GET']) + def high_score(request, pk): + instance = HighScore.objects.get(pk=pk) + serializer = HighScoreSerializer(instance) + return Response(serializer.data) + +Or use it to serialize multiple instances: + + @api_view(['GET']) + def all_high_scores(request): + queryset = HighScore.objects.order_by('-score') + serializer = HighScoreSerializer(queryset, many=True) + return Response(serializer.data) + +##### Read-write serializers. + +To create a read-write serializer we first need to implement a `.to_internal_value()` method. This method returns the validated values that will be used to construct the object instance, and may raise a `ValidationError` if the supplied data is in an incorrect format. + +Once you've implemented `.to_internal_value()`, the basic validation API will be available on the serializer, and you will be able to use `.is_valid()`, `.validated_data` and `.errors`. + +If you want to also support `.save()` you'll need to also implement either or both of the `.create()` and `.update()` methods. + +Here's a complete example of our previous `HighScoreSerializer`, that's been updated to support both read and write operations. + + class HighScoreSerializer(serializers.BaseSerializer): + def to_internal_value(self, data): + score = data.get('score') + player_name = data.get('player_name') + + # Perform the data validation. + if not score: + raise ValidationError({ + 'score': 'This field is required.' + }) + if not player_name: + raise ValidationError({ + 'player_name': 'This field is required.' + }) + if len(player_name) > 10: + raise ValidationError({ + 'player_name': 'May not be more than 10 characters.' + }) + + # Return the validated values. This will be available as + # the `.validated_data` property. + return { + 'score': int(score), + 'player_name': player_name + } + + def to_representation(self, obj): + return { + 'score': obj.score, + 'player_name': obj.player_name + } + + def create(self, validated_data): + return HighScore.objects.create(**validated_data) + +#### Creating new base classes with `BaseSerializer`. + +The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles or for integrating with different storage backends. + +The following class is an example of a generic serializer that can handle coercing aribitrary objects into primative representations. + + class ObjectSerializer(serializers.BaseSerializer): + """ + A read-only serializer that coerces arbitrary complex objects + into primative representations. + """ + def to_representation(self, obj): + for attribute_name in dir(obj): + attribute = getattr(obj, attribute_name) + if attribute_name('_'): + # Ignore private attributes. + pass + elif hasattr(attribute, '__call__'): + # Ignore methods and other callables. + pass + elif isinstance(attribute, (str, int, bool, float, type(None))): + # Primative types can be passed through unmodified. + output[attribute_name] = attribute + elif isinstance(attribute, list): + # Recursivly deal with items in lists. + output[attribute_name] = [ + self.to_representation(item) for item in attribute + ] + elif isinstance(attribute, dict): + # Recursivly deal with items in dictionarys. + output[attribute_name] = { + str(key): self.to_representation(value) + for key, value in attribute.items() + } + else: + # Force anything else to its string representation. + output[attribute_name] = str(attribute) ## Serializer fields #### The `Field` and `ReadOnly` field classes. -**TODO** +There are some minor tweaks to the field base classes. + +Previously we had these two base classes: + +* `Field` as the base class for read-only fields. A default implementation was included for serializing data. +* `WriteableField` as the base class for read-write fields. + +We now use the following: + +* `Field` is the base class for all fields. It does not include any default implementation for either serializing or deserializing data. +* `ReadOnlyField` is a concrete implementation for read-only fields that simply returns the attribute value without modification. + +#### The `required`, `allow_none`, `allow_blank` and `default` arguments. + +REST framework now has more explict and clear control over validating empty values for fields. + +Previously the meaning of the `required=False` keyword argument was underspecified. In practice it's use meant that a field could either be not included in the input, or it could be included, but be `None`. + +We now have a better seperation, with seperate `required` and `allow_none` arguments. + +The following set of arguments are used to control validation of empty values: + +* `required=False`: The value does not need to be present in the input, and will not be passed to `.create()` or `.update()` if it is not seen. +* `default=`: The value does not need to be present in the input, and a default value will be passed to `.create()` or `.update()` if it is not seen. +* `allow_none=True`: `None` is a valid input. +* `allow_blank=True`: `''` is valid input. For `CharField` and subclasses only. + +Typically you'll want to use `required=False` if the corresponding model field has a default value, and additionally set either `allow_none=True` or `allow_blank=True` if required. + +The `default` argument is there if you need it, but you'll more typically want defaults to be set on model fields, rather than serializer fields. #### Coercing output types. -**TODO** +The previous field implementations did not forcibly coerce returned values into the correct type in many cases. For example, an `IntegerField` would return a string output if the attribute value was a string. We now more strictly coerce to the correct return type, leading to more constrained and expected behavior. -#### The `ListSerializer` class. +#### The `ListField` class. -**TODO** +The `ListField` class has now been added. This field validates list input. It takes a `child` keyword argument which is used to specify the field used to validate each item in the list. For example: + + scores = ListField(child=IntegerField(min_value=0, max_value=100)) + +You can also use a declarative style to create new subclasses of `ListField`, like this: + + class ScoresField(ListField): + child = IntegerField(min_value=0, max_value=100) + +We can now use the `ScoresField` class inside another serializer: + + scores = ScoresField() + +See also the new `ListSerializer` class, which validates input in the same way, but also includes the serializer interfaces of `.is_valid()`, `.data`, `.save()` and so on. + +#### The `ChoiceField` class may now accept a flat list. + +The `ChoiceField` class may now accept a list of choices in addition to the existing style of using a list of pairs of `(name, display_value)`. The following is now valid: + + color = ChoiceField(choices=['red', 'green', 'blue']) #### The `MultipleChoiceField` class. -**TODO** +The `MultipleChoiceField` class has been added. This field acts like `ChoiceField`, but returns a set, which may include none, one or many of the valid choices. #### Changes to the custom field API. -**TODO** `to_representation`, `to_internal_value`. +The `from_native(self, value)` and `to_native(self, data)` method names have been replaced with the more obviously named `to_representation(self, value)` and `to_internal_value(self, data)`. -#### Explicit `querysets` required on relational fields. +The `field_from_native()` and `field_to_native()` methods are removed. -**TODO** +#### Explicit `queryset` required on relational fields. + +Previously relational fields that were explicitly declared on a serializer class could omit the queryset argument if (and only if) they were declared on a `ModelSerializer`. + +This code *would be valid* in `2.4.3`: + + class AccountSerializer(serializers.ModelSerializer): + organisations = serializers.SlugRelatedField(slug_field='name') + + class Meta: + model = Account + +However this code *would not be valid* in `2.4.3`: + + # Missing `queryset` + class AccountSerializer(serializers.Serializer): + organisations = serializers.SlugRelatedField(slug_field='name') + + def restore_object(self, attrs, instance=None): + # ... + +The queryset argument is now always required for writable relational fields. +This removes some magic and makes it easier and more obvious to move between implict `ModelSerializer` classes and explicit `Serializer` classes. + + class AccountSerializer(serializers.ModelSerializer): + organisations = serializers.SlugRelatedField( + slug_field='name', + queryset=Organisation.objects.all() + ) + + class Meta: + model = Account + +The `queryset` argument is only ever required for writable fields, and is not required or valid for fields with `read_only=True`. #### Optional argument to `SerializerMethodField`. -**TODO** +The argument to `SerializerMethodField` is now optional, and defaults to `get_`. For example the following is valid: + + class AccountSerializer(serializers.Serializer): + # `method_name='get_billing_details'` by default. + billing_details = serializers.SerializerMethodField() + + def get_billing_details(self, account): + return calculate_billing(account) + +In order to ensure a consistent code style an assertion error will be raised if you include a redundant method name argument that matches the default method name. For example, the following code *will raise an error*: + + billing_details = serializers.SerializerMethodField('get_billing_details') + +#### Enforcing consistent `source` usage. + +I've see several codebases that unneccessarily include the `source` argument, setting it to the same value as the field name. This usage is redundant and confusing, making it less obvious that `source` is usually not required. + +The following usage will *now raise an error*: + + email = serializers.EmailField(source='email') ## Generic views #### Simplification of view logic. -**TODO** +The view logic for the default method handlers has been significantly simplified, due to the new serializers API. #### Removal of pre/post save hooks. @@ -169,6 +443,20 @@ I would personally recommend that developers treat view instances as immutable o #### PUT as create. +Allowing `PUT` as create operations is problematic, as it neccessarily exposes information about the existence or non-existance of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is neccessarily a better default behavior than simply returning `404` responses. + +Both styles "`PUT` as 404" and "`PUT` as create" can be valid in different circumstances, but we've now opted for the 404 behavior as the default, due to it being simpler and more obvious. + +If you need to restore the previous behavior you can include the `AllowPUTAsCreateMixin` class in your view. This class can be imported from `rest_framework.mixins`. + +#### Customizing error responses. + +The generic views now raise `ValidationError` for invalid data. This exception is then dealt with by the exception handler, rather than the view returning a `400 Bad Request` response directly. + +This change means that you can now easily cusomize the style of error responses across your entire API, without having to modify any of the generic views. + +## The metadata API + **TODO** ## API style @@ -241,3 +529,17 @@ Or modify it on an individual serializer field, using the `corece_to_string` key ) The default JSON renderer will return float objects for uncoerced `Decimal` instances. This allows you to easily switch between string or float representations for decimals depending on your API design needs. + +## What's coming next. + +3.0 is an incremental release, and there are several upcoming features that will build on the baseline improvements that it makes. + +The 3.1 release is planned to address improvements in the following components: + +* Request parsing, mediatypes & the implementation of the browsable API. +* Introduction of a new pagination API. +* Better support for API versioning. + +The 3.2 release is planned to introduce an alternative admin-style interface to the browsable API. + +You can follow development on the GitHub site, where we use [milestones to indicate planning timescales](https://github.com/tomchristie/django-rest-framework/milestones). -- cgit v1.2.3 From 43e80c74b225e17edfe8a90da893823bf50b946f Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 11:56:29 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 79 +++++++++++++++++++++++++++++++++++++---- 1 file changed, 72 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 1795611c..35d725ff 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -4,12 +4,25 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr # REST framework 3.0 -**TODO**: Note incremental nature, discuss upgrading, motivation, features. +The 3.0 release of Django REST framework is the result of almost four years of iteration and refinement. It comprehensively addresses some of the previous remaining design issues in serializers, fields and the generic views. -* Serializer reprs. -* Non-magical model serializers. -* Base serializer class. -* Clean logic in views, serializers, fields. +This release is incremental in nature. There *are* some breaking API changes, and upgrading *will* require you to read the release notes carefully, but the migration path should otherwise be relatively straightforward. + +The difference in quality of the REST framework API and implementation should make writing, maintaining and debugging your application far easier. + +## New features + +Notable features of this new release include: + +* Printable representations on serializers that allow you to inspect exactly what fields are present on the instance. +* Simple model serializers that are vastly easier to understand and debug, and that make it easy to switch between the implicit `ModelSerializer` class and the explicit `Serializer` class. +* A new `BaseSerializer` class, making it easier to write serializers for alternative storage backends, or to completely customize your serialization and validation logic. +* A cleaner fields API plus new `ListField` and `MultipleChoiceField` classes. +* Super simple default implementations for the generic views. +* Support for overriding how validation errors are handled by your API. +* A metadata API that allows you to customize how `OPTIONS` requests are handled by your API. + +Below is an in-depth guide to the API changes and migration notes for 3.0. --- @@ -37,9 +50,59 @@ The usage of `request.QUERY_PARAMS` is now discouraged in favor of the lowercase #### Single-step object creation. +Previously the serializers used a two-step object creation, as follows: + +1. Validating the data would create an object instance. This instance would be available as `serializer.object`. +2. Calling `serializer.save()` would then save the object instance to the database. + +This style is in line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: + +* Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been save. This type of data needed to be hidden in some undocumentated state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. +* Instantiating model instances directly means that you cannot use model manager classes for instance creation, eg `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. +* The two step process makes it unclear where to put deserialization logic. For example, should extra attributes such as the current user get added to the instance during object creation or during object save? + +We now use single-step object creation, like so: + +1. Validating the data makes the cleaned data available as `serializer.validated_data`. +2. Calling `serializer.save()` then saves and returns the new object instance. + +The resulting API changes are further detailed below. + #### The `.create()` and `.update()` methods. -**TODO**: Drop `.restore_object()`, use `.create()` and `.update()` which should save the instance. +The `.restore_object()` method is now replaced with two seperate methods, `.create()` and `.update()`. + +When using the `.create()` and `.update()` methods you should both create *and save* the object instance. This is in contrast to the previous `.restore_object()` behavior that would instantiate the object but not save it. + +The following example from the tutorial previously used `restore_object()` to handle both creating and updating object instances. + + def restore_object(self, attrs, instance=None): + if instance: + # Update existing instance + instance.title = attrs.get('title', instance.title) + instance.code = attrs.get('code', instance.code) + instance.linenos = attrs.get('linenos', instance.linenos) + instance.language = attrs.get('language', instance.language) + instance.style = attrs.get('style', instance.style) + return instance + + # Create new instance + return Snippet(**attrs) + +This would now be split out into two seperate methods. + + def update(self, instance, validated_attrs) + instance.title = validated_attrs.get('title', instance.title) + instance.code = validated_attrs.get('code', instance.code) + instance.linenos = validated_attrs.get('linenos', instance.linenos) + instance.language = validated_attrs.get('language', instance.language) + instance.style = validated_attrs.get('style', instance.style) + instance.save() + + def create(self, validated_attrs): + return Snippet.objects.create(**validated_attrs) + +Note that the `.create` method should return the newly created object instance. #### Use `.validated_data` instead of `.object`. @@ -457,7 +520,9 @@ This change means that you can now easily cusomize the style of error responses ## The metadata API -**TODO** +Behavior for dealing with `OPTIONS` requests was previously built directly into the class based views. This has now been properly seperated out into a Metadata API that allows the same pluggable style as other API policies in REST framework. + +This makes it far easier to use a different style for `OPTIONS` responses throughout your API, and makes it possible to create third-party metadata policies. ## API style -- cgit v1.2.3 From e8af73d144d73a55aecde6a1fda8516f15f027c1 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 12:17:20 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 35d725ff..144d3550 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -125,14 +125,41 @@ The corresponding code would now look like this: logging.info('Creating ticket "%s"' % name) extras = {'user': request.user} # Include the user when saving. serializer.save(extras=extras) - + +#### Printable serializer reprensentations. + +Serializer instances now support a printable representation that allows you to inspect the fields present on the instance. + +For instance, given the following example model: + + class LocationRating(models.Model): + location = models.CharField(max_length=100) + rating = models.IntegerField() + created_by = models.ForeignKey(User) + +Let's create a simple `ModelSerializer` class c. + + class LocationRatingSerializer(serializer.ModelSerializer): + class Meta: + model = LocationRating + +We can now inspect its representation in the Django shell, using `python manage.py shell`... + + >>> serializer = LocationRatingSerializer() + >>> print(serializer) # Or use `print serializer` in Python 2.x + LocationRatingSerializer(): + id = IntegerField(label='ID', read_only=True) + location = CharField(max_length=100) + rating = IntegerField() + created_by = PrimaryKeyRelatedField(queryset=User.objects.all()) + #### Always use `fields`, not `exclude`. -The `exclude` option is no longer available. You should use the more explicit `fields` option instead. +The `exclude` option on `ModelSerializer` is no longer available. You should use the more explicit `fields` option instead. #### The `extra_kwargs` option. -The `read_only_fields` and `write_only_fields` options have been removed and replaced with a more generic `extra_kwargs`. +The `read_only_fields` and `write_only_fields` options on `ModelSerializer` have been removed and replaced with a more generic `extra_kwargs`. class MySerializer(serializer.ModelSerializer): class Meta: @@ -177,7 +204,7 @@ Alternatively, specify the field explicitly on the serializer class: #### Fields for model methods and properties. -You can now specify field names in the `fields` option that refer to model methods or properties. For example, suppose you have the following model: +With `ModelSerilizer` you can now specify field names in the `fields` option that refer to model methods or properties. For example, suppose you have the following model: class Invitation(models.Model): created = models.DateTimeField() -- cgit v1.2.3 From 90311357add780433c79e97346ed85f1f4224877 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 12:18:27 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 144d3550..daacbba0 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -137,13 +137,13 @@ For instance, given the following example model: rating = models.IntegerField() created_by = models.ForeignKey(User) -Let's create a simple `ModelSerializer` class c. +Let's create a simple `ModelSerializer` class corresponding to the `LocationRating` model. class LocationRatingSerializer(serializer.ModelSerializer): class Meta: model = LocationRating -We can now inspect its representation in the Django shell, using `python manage.py shell`... +We can now inspect the serializer representation in the Django shell, using `python manage.py shell`... >>> serializer = LocationRatingSerializer() >>> print(serializer) # Or use `print serializer` in Python 2.x -- cgit v1.2.3 From fde934d33c8692bab5e0e7b6009d358101a25dd7 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 12:21:05 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index daacbba0..a4e4db14 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -21,6 +21,7 @@ Notable features of this new release include: * Super simple default implementations for the generic views. * Support for overriding how validation errors are handled by your API. * A metadata API that allows you to customize how `OPTIONS` requests are handled by your API. +* A more compact JSON output with unicode style encoding turned on by default. Below is an in-depth guide to the API changes and migration notes for 3.0. -- cgit v1.2.3 From 8b8623c5f84d443d26804cac52a793a3037a1dd0 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 12:48:20 +0100 Subject: Allow many, partial and context in BaseSerializer --- docs/topics/3.0-announcement.md | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index a4e4db14..faba2d35 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -2,6 +2,13 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details. +Most notable outstanding issues still to resolved on the `version-3.0` branch. + +* `FileField` and `ImageField` support. +* Forms support for serializers and in the browsable API. +* Enforcing uniqueness on `unique=True` and `unique_together` fields. +* Optimisations for serialializing primary keys. + # REST framework 3.0 The 3.0 release of Django REST framework is the result of almost four years of iteration and refinement. It comprehensively addresses some of the previous remaining design issues in serializers, fields and the generic views. -- cgit v1.2.3 From 0eb6a4de8a3293c3b326fadccf7aa0be67c2f5b5 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 13:10:58 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index faba2d35..9769e884 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -8,6 +8,7 @@ Most notable outstanding issues still to resolved on the `version-3.0` branch. * Forms support for serializers and in the browsable API. * Enforcing uniqueness on `unique=True` and `unique_together` fields. * Optimisations for serialializing primary keys. +* Refine style of validation errors in some cases, such as validation errors in `ListField`. # REST framework 3.0 -- cgit v1.2.3 From 24f7db2fc156b0af7749a5cc17c1df3f5522bf88 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 13:12:10 +0100 Subject: Release notes --- docs/topics/3.0-announcement.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 9769e884..a48d22ea 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -2,13 +2,15 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details. -Most notable outstanding issues still to resolved on the `version-3.0` branch. +The most notable outstanding issues still to resolved on the `version-3.0` branch are as follows: * `FileField` and `ImageField` support. * Forms support for serializers and in the browsable API. * Enforcing uniqueness on `unique=True` and `unique_together` fields. * Optimisations for serialializing primary keys. * Refine style of validation errors in some cases, such as validation errors in `ListField`. +* `.validate()` method on fields. +* `.transform_()` method on serializers. # REST framework 3.0 -- cgit v1.2.3 From ee79b453974f3dc8ead83bff86784366d59a4fb1 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 13:19:32 +0100 Subject: Prepend some pre-release notes --- docs/topics/3.0-announcement.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index a48d22ea..21052ca0 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -1,6 +1,10 @@ -**THIS DOCUMENT IS CURRENTLY A WORK IN PROGRESS** +## Pre-release notes: -See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details. +The 3.0 release is now ready for some tentative testing and upgrades for super keen early adopters. You can install the development version directly from GitHub like so: + + pip install https://github.com/tomchristie/django-rest-framework/archive/version-3.0.zip + +See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details on remaining work. The most notable outstanding issues still to resolved on the `version-3.0` branch are as follows: @@ -12,6 +16,12 @@ The most notable outstanding issues still to resolved on the `version-3.0` branc * `.validate()` method on fields. * `.transform_()` method on serializers. +**Your feedback on the upgrade process and 3.0 changes is hugely important!** + +Please do get in touch via twitter, IRC, a GitHub ticket, or the discussion group. + +--- + # REST framework 3.0 The 3.0 release of Django REST framework is the result of almost four years of iteration and refinement. It comprehensively addresses some of the previous remaining design issues in serializers, fields and the generic views. -- cgit v1.2.3 From ce04d59a53df45715c4805831406b2105c9594a8 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 26 Sep 2014 17:07:47 +0100 Subject: Update release notes --- docs/topics/3.0-announcement.md | 1 - 1 file changed, 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 21052ca0..24f4ed4c 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -8,7 +8,6 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr The most notable outstanding issues still to resolved on the `version-3.0` branch are as follows: -* `FileField` and `ImageField` support. * Forms support for serializers and in the browsable API. * Enforcing uniqueness on `unique=True` and `unique_together` fields. * Optimisations for serialializing primary keys. -- cgit v1.2.3 From 4798df52df5d59cc570043e3eb7e26f7ce57b54f Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 29 Sep 2014 12:57:05 +0100 Subject: Update release notes --- docs/topics/3.0-announcement.md | 44 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 39 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 24f4ed4c..92062552 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -146,7 +146,41 @@ The corresponding code would now look like this: extras = {'user': request.user} # Include the user when saving. serializer.save(extras=extras) -#### Printable serializer reprensentations. +#### Limitations of ModelSerializer validation. + +This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner seperation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. + +This change comes with the following limitations: + +* The model `.clean()` method will not be called as part of serializer validation. Use the serializer `.validate()` method to perform a final validation step on incoming data where required. +* The `.unique_for_date`, `.unique_for_month` and `.unique_for_year` options on model fields are not automatically validated. Again, you'll need to handle these explicitly on the serializer if required. + +#### Writable nested serialization. + +REST framework 2.x attempted to automatically support writable nested serialization, but the behavior was complex and non-obvious. Attempting to automatically handle these case is problematic: + +* There can be complex dependancies involved in order of saving multiple related model instances. +* It's unclear what behavior the user should expect when related models are passed `None` data. +* It's unclear how the user should expect to-many relationships to handle updates, creations and deletions of multiple records. + +Using the `depth` option on `ModelSerializer` will now create **read-only nested serializers** by default. To use writable nested serialization you'll want to declare a nested field on the serializer class, and write the `create()` and/or `update()` methods explicitly. + + class UserSerializer(serializers.ModelSerializer): + profile = ProfileSerializer() + + class Meta: + model = User + fields = ('username', 'email', 'profile') + + def create(self, validated_data): + profile_data = validated_data.pop['profile'] + user = User.objects.create(**validated_data) + profile = Profile.objects.create(user=user, **profile_data) + return user + +The single-step object creation makes this far simpler and more obvious than the previous `.restore_object()` behavior. + +#### Printable serializer representations. Serializer instances now support a printable representation that allows you to inspect the fields present on the instance. @@ -279,7 +313,7 @@ There are four mathods that can be overriding, depending on what functionality y * `.to_internal_value()` - Override this to support deserialization, for write operations. * `.create()` and `.update()` - Overide either or both of these to support saving instances. -##### Read-only serializers. +##### Read-only `BaseSerializer` classes. To implement a read-only serializer using the `BaseSerializer` class, we just need to override the `.to_representation()` method. Let's take a look at an example using a simple Django model: @@ -313,7 +347,7 @@ Or use it to serialize multiple instances: serializer = HighScoreSerializer(queryset, many=True) return Response(serializer.data) -##### Read-write serializers. +##### Read-write `BaseSerializer` classes. To create a read-write serializer we first need to implement a `.to_internal_value()` method. This method returns the validated values that will be used to construct the object instance, and may raise a `ValidationError` if the supplied data is in an incorrect format. @@ -358,9 +392,9 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd def create(self, validated_data): return HighScore.objects.create(**validated_data) -#### Creating new base classes with `BaseSerializer`. +#### Creating new generic serializers with `BaseSerializer`. -The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles or for integrating with different storage backends. +The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. The following class is an example of a generic serializer that can handle coercing aribitrary objects into primative representations. -- cgit v1.2.3 From 657d1de032bfa392609d53751e89366b972cd678 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 29 Sep 2014 14:12:09 +0100 Subject: Latest release notes --- docs/topics/3.0-announcement.md | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 92062552..584c4979 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -560,6 +560,35 @@ The following usage will *now raise an error*: email = serializers.EmailField(source='email') +#### The `UniqueValidator` and `UniqueTogetherValidator` classes. + +REST framework now provides two new validators that allow you to ensure field uniqueness, while still using a completely explicit `Serializer` class instead of using `ModelSerializer`. + +The `UniqueValidator` should be applied to a serializer field, and takes a single `queryset` argument. + + from rest_framework import serializers + from rest_framework.validators import UniqueValidator + + class OrganizationSerializer(serializers.Serializer): + url = serializers.HyperlinkedIdentityField(view_name='organisation_detail') + created = serializers.DateTimeField(read_only=True) + name = serializers.CharField( + max_length=100, + validators=UniqueValidator(queryset=Organisation.objects.all()) + ) + +The `UniqueTogetherValidator` should be applied to a serializer, and takes a `queryset` argument and a `fields` argument which should be a list or tuple of field names. + + class RaceResultSerializer(serializers.Serializer): + category = serializers.ChoiceField(['5k', '10k']) + position = serializers.IntegerField() + name = serializers.CharField(max_length=100) + + default_validators = [UniqueTogetherValidator( + queryset=RaceResult.objects.all(), + fields=('category', 'position') + )] + ## Generic views #### Simplification of view logic. @@ -633,6 +662,16 @@ The `COMPACT_JSON` setting has been added, and can be used to revert this behavi 'COMPACT_JSON': False } +#### File fields as URLs + +The `FileField` and `ImageField` classes are now represented as URLs by default. You should ensure you set Django's standard `MEDIA_URL` setting appropriately. + +You can revert this behavior, and display filenames as the representation, using the `UPLOADED_FILES_USE_URL` settings key: + + REST_FRAMEWORK = { + 'UPLOADED_FILES_USE_URL': False + } + #### Throttle headers using `Retry-After`. The custom `X-Throttle-Wait-Second` header has now been dropped in favor of the standard `Retry-After` header. You can revert this behavior if needed by writing a custom exception handler for your application. -- cgit v1.2.3 From a8622adcd9f940131b63e91d53d2c49fcb89ee6a Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 29 Sep 2014 16:57:40 +0100 Subject: Update index.md --- docs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index e4c971f9..b18b71d2 100644 --- a/docs/index.md +++ b/docs/index.md @@ -49,7 +49,7 @@ Some reasons you might want to use REST framework: REST framework requires the following: -* Python (2.6.5+, 2.7, 3.2, 3.3) +* Python (2.6.5+, 2.7, 3.2, 3.3, 3.4) * Django (1.4.2+, 1.5, 1.6, 1.7) The following packages are optional: -- cgit v1.2.3 From 83a5ea8db27b9452a5539f1e0574f493392a91ad Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 29 Sep 2014 21:17:13 +0100 Subject: Update release notes --- docs/topics/3.0-announcement.md | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 584c4979..12ab5a0d 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -664,14 +664,26 @@ The `COMPACT_JSON` setting has been added, and can be used to revert this behavi #### File fields as URLs -The `FileField` and `ImageField` classes are now represented as URLs by default. You should ensure you set Django's standard `MEDIA_URL` setting appropriately. +The `FileField` and `ImageField` classes are now represented as URLs by default. You should ensure you set Django's [standard `MEDIA_URL` setting](https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-MEDIA_URL) appropriately, and ensure your application [serves the uploaded files](https://docs.djangoproject.com/en/dev/howto/static-files/#serving-uploaded-files-in-development). -You can revert this behavior, and display filenames as the representation, using the `UPLOADED_FILES_USE_URL` settings key: +You can revert this behavior, and display filenames in the representation by using the `UPLOADED_FILES_USE_URL` settings key: REST_FRAMEWORK = { 'UPLOADED_FILES_USE_URL': False } +You can also modify serializer fields individually, using the `use_url` argument: + + uploaded_file = serializers.FileField(user_url=False) + +Also note that you should pass the `request` object to the serializer as context when instantiating it, so that a fully qualified URL can be returned. Returned URLs will then be of the form `https://example.com/url_path/filename.txt`. For example: + + context = {'request': request} + serializer = ExampleSerializer(instance, context=context) + return Response(serializer.data) + +If the request is omitted from the context, the returned URLs will be of the form `/url_path/filename.txt`. + #### Throttle headers using `Retry-After`. The custom `X-Throttle-Wait-Second` header has now been dropped in favor of the standard `Retry-After` header. You can revert this behavior if needed by writing a custom exception handler for your application. -- cgit v1.2.3 From da4900a353bd1136aa96cb5444b34f7beefa8e85 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 30 Sep 2014 11:10:13 +0100 Subject: Update 3.0-announcement.md --- docs/topics/3.0-announcement.md | 2 -- 1 file changed, 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 12ab5a0d..1c7e016e 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -9,10 +9,8 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr The most notable outstanding issues still to resolved on the `version-3.0` branch are as follows: * Forms support for serializers and in the browsable API. -* Enforcing uniqueness on `unique=True` and `unique_together` fields. * Optimisations for serialializing primary keys. * Refine style of validation errors in some cases, such as validation errors in `ListField`. -* `.validate()` method on fields. * `.transform_()` method on serializers. **Your feedback on the upgrade process and 3.0 changes is hugely important!** -- cgit v1.2.3 From 770d63fb046917f9fe1f08449f07bf13f1adfa4f Mon Sep 17 00:00:00 2001 From: Omer Katz Date: Wed, 1 Oct 2014 13:12:33 +0300 Subject: Fixed documentation typo. --- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 1c7e016e..d2505a1b 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -75,7 +75,7 @@ Previously the serializers used a two-step object creation, as follows: This style is in line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: -* Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been save. This type of data needed to be hidden in some undocumentated state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. +* Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been saved. This type of data needed to be hidden in some undocumentated state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. * Instantiating model instances directly means that you cannot use model manager classes for instance creation, eg `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. * The two step process makes it unclear where to put deserialization logic. For example, should extra attributes such as the current user get added to the instance during object creation or during object save? -- cgit v1.2.3 From dfab9af294972720f59890967cd9ae1a6c0796b6 Mon Sep 17 00:00:00 2001 From: Craig de Stigter Date: Fri, 3 Oct 2014 08:41:18 +1300 Subject: Minor: fix spelling and grammar, mostly in 3.0 announcement --- docs/api-guide/fields.md | 2 +- docs/api-guide/renderers.md | 2 +- docs/topics/2.4-announcement.md | 2 +- docs/topics/3.0-announcement.md | 42 +++++++++++++++--------------- docs/topics/contributing.md | 2 +- docs/topics/release-notes.md | 2 +- docs/topics/writable-nested-serializers.md | 2 +- 7 files changed, 27 insertions(+), 27 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index f0778318..292a51d8 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -286,7 +286,7 @@ For example, to validate numbers up to 999 with a resolution of 2 decimal places serializers.DecimalField(max_digits=5, decimal_places=2) -And to validate numbers up to anything lesss than one billion with a resolution of 10 decimal places: +And to validate numbers up to anything less than one billion with a resolution of 10 decimal places: serializers.DecimalField(max_digits=19, decimal_places=10) diff --git a/docs/api-guide/renderers.md b/docs/api-guide/renderers.md index 2e1c892f..db7436c2 100644 --- a/docs/api-guide/renderers.md +++ b/docs/api-guide/renderers.md @@ -74,7 +74,7 @@ If your API includes views that can serve both regular webpages and API response Renders the request data into `JSON`, using utf-8 encoding. -Note that the default style is to include unicode characters, and render the response using a compact style with no uneccessary whitespace: +Note that the default style is to include unicode characters, and render the response using a compact style with no unnecessary whitespace: {"unicode black star":"★","value":999} diff --git a/docs/topics/2.4-announcement.md b/docs/topics/2.4-announcement.md index 09294b91..d8aa5b10 100644 --- a/docs/topics/2.4-announcement.md +++ b/docs/topics/2.4-announcement.md @@ -23,7 +23,7 @@ The documentation has previously stated that usage of the more explicit style is Doing so will mean that there are cases of API code where you'll now need to include a serializer class where you previously were just using the `.model` shortcut. However we firmly believe that it is the right trade-off to make. -Removing the shortcut takes away an unneccessary layer of abstraction, and makes your codebase more explicit without any significant extra complexity. It also results in better consistency, as there's now only one way to set the serializer class and queryset attributes for the view, instead of two. +Removing the shortcut takes away an unnecessary layer of abstraction, and makes your codebase more explicit without any significant extra complexity. It also results in better consistency, as there's now only one way to set the serializer class and queryset attributes for the view, instead of two. The `DEFAULT_MODEL_SERIALIZER_CLASS` API setting is now also deprecated. diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index d2505a1b..5242be57 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -6,10 +6,10 @@ The 3.0 release is now ready for some tentative testing and upgrades for super k See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details on remaining work. -The most notable outstanding issues still to resolved on the `version-3.0` branch are as follows: +The most notable outstanding issues still to be resolved on the `version-3.0` branch are as follows: * Forms support for serializers and in the browsable API. -* Optimisations for serialializing primary keys. +* Optimisations for serializing primary keys. * Refine style of validation errors in some cases, such as validation errors in `ListField`. * `.transform_()` method on serializers. @@ -50,13 +50,13 @@ Below is an in-depth guide to the API changes and migration notes for 3.0. The usage of `request.DATA` and `request.FILES` is now discouraged in favor of a single `request.data` attribute that contains *all* the parsed data. -Having seperate attributes is reasonable for web applications that only ever parse URL encoded or MultiPart requests, but makes less sense for the general-purpose request parsing that REST framework supports. +Having separate attributes is reasonable for web applications that only ever parse URL encoded or MultiPart requests, but makes less sense for the general-purpose request parsing that REST framework supports. You may now pass all the request data to a serializer class in a single argument: ExampleSerializer(data=request.data) -Instead of passing the files argument seperately: +Instead of passing the files argument separately: # Don't do this... ExampleSerializer(data=request.DATA, files=request.FILES) @@ -75,7 +75,7 @@ Previously the serializers used a two-step object creation, as follows: This style is in line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: -* Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been saved. This type of data needed to be hidden in some undocumentated state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. +* Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been saved. This type of data needed to be hidden in some undocumented state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. * Instantiating model instances directly means that you cannot use model manager classes for instance creation, eg `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. * The two step process makes it unclear where to put deserialization logic. For example, should extra attributes such as the current user get added to the instance during object creation or during object save? @@ -88,7 +88,7 @@ The resulting API changes are further detailed below. #### The `.create()` and `.update()` methods. -The `.restore_object()` method is now replaced with two seperate methods, `.create()` and `.update()`. +The `.restore_object()` method is now replaced with two separate methods, `.create()` and `.update()`. When using the `.create()` and `.update()` methods you should both create *and save* the object instance. This is in contrast to the previous `.restore_object()` behavior that would instantiate the object but not save it. @@ -107,7 +107,7 @@ The following example from the tutorial previously used `restore_object()` to ha # Create new instance return Snippet(**attrs) -This would now be split out into two seperate methods. +This would now be split out into two separate methods. def update(self, instance, validated_attrs) instance.title = validated_attrs.get('title', instance.title) @@ -146,7 +146,7 @@ The corresponding code would now look like this: #### Limitations of ModelSerializer validation. -This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner seperation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. +This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. This change comes with the following limitations: @@ -157,7 +157,7 @@ This change comes with the following limitations: REST framework 2.x attempted to automatically support writable nested serialization, but the behavior was complex and non-obvious. Attempting to automatically handle these case is problematic: -* There can be complex dependancies involved in order of saving multiple related model instances. +* There can be complex dependencies involved in order of saving multiple related model instances. * It's unclear what behavior the user should expect when related models are passed `None` data. * It's unclear how the user should expect to-many relationships to handle updates, creations and deletions of multiple records. @@ -289,7 +289,7 @@ The `ListSerializer` class has now been added, and allows you to create base ser class MultipleUserSerializer(ListSerializer): child = UserSerializer() -You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly seperated in the REST framework codebase. +You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly separated in the REST framework codebase. See also the new `ListField` class, which validates input in the same way, but does not include the serializer interfaces of `.is_valid()`, `.data`, `.save()` and so on. @@ -299,7 +299,7 @@ REST framework now includes a simple `BaseSerializer` class that can be used to This class implements the same basic API as the `Serializer` class: -* `.data` - Returns the outgoing primative representation. +* `.data` - Returns the outgoing primitive representation. * `.is_valid()` - Deserializes and validates incoming data. * `.validated_data` - Returns the validated incoming data. * `.errors` - Returns an errors during validation. @@ -320,7 +320,7 @@ To implement a read-only serializer using the `BaseSerializer` class, we just ne player_name = models.CharField(max_length=10) score = models.IntegerField() -It's simple to create a read-only serializer for converting `HighScore` instances into primative data types. +It's simple to create a read-only serializer for converting `HighScore` instances into primitive data types. class HighScoreSerializer(serializers.BaseSerializer): def to_representation(self, obj): @@ -394,12 +394,12 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. -The following class is an example of a generic serializer that can handle coercing aribitrary objects into primative representations. +The following class is an example of a generic serializer that can handle coercing aribitrary objects into primitive representations. class ObjectSerializer(serializers.BaseSerializer): """ A read-only serializer that coerces arbitrary complex objects - into primative representations. + into primitive representations. """ def to_representation(self, obj): for attribute_name in dir(obj): @@ -411,7 +411,7 @@ The following class is an example of a generic serializer that can handle coerci # Ignore methods and other callables. pass elif isinstance(attribute, (str, int, bool, float, type(None))): - # Primative types can be passed through unmodified. + # primitive types can be passed through unmodified. output[attribute_name] = attribute elif isinstance(attribute, list): # Recursivly deal with items in lists. @@ -437,7 +437,7 @@ There are some minor tweaks to the field base classes. Previously we had these two base classes: * `Field` as the base class for read-only fields. A default implementation was included for serializing data. -* `WriteableField` as the base class for read-write fields. +* `WritableField` as the base class for read-write fields. We now use the following: @@ -448,9 +448,9 @@ We now use the following: REST framework now has more explict and clear control over validating empty values for fields. -Previously the meaning of the `required=False` keyword argument was underspecified. In practice it's use meant that a field could either be not included in the input, or it could be included, but be `None`. +Previously the meaning of the `required=False` keyword argument was underspecified. In practice its use meant that a field could either be not included in the input, or it could be included, but be `None`. -We now have a better seperation, with seperate `required` and `allow_none` arguments. +We now have a better separation, with separate `required` and `allow_none` arguments. The following set of arguments are used to control validation of empty values: @@ -552,7 +552,7 @@ In order to ensure a consistent code style an assertion error will be raised if #### Enforcing consistent `source` usage. -I've see several codebases that unneccessarily include the `source` argument, setting it to the same value as the field name. This usage is redundant and confusing, making it less obvious that `source` is usually not required. +I've see several codebases that unnecessarily include the `source` argument, setting it to the same value as the field name. This usage is redundant and confusing, making it less obvious that `source` is usually not required. The following usage will *now raise an error*: @@ -614,7 +614,7 @@ I would personally recommend that developers treat view instances as immutable o #### PUT as create. -Allowing `PUT` as create operations is problematic, as it neccessarily exposes information about the existence or non-existance of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is neccessarily a better default behavior than simply returning `404` responses. +Allowing `PUT` as create operations is problematic, as it necessarily exposes information about the existence or non-existance of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is necessarily a better default behavior than simply returning `404` responses. Both styles "`PUT` as 404" and "`PUT` as create" can be valid in different circumstances, but we've now opted for the 404 behavior as the default, due to it being simpler and more obvious. @@ -628,7 +628,7 @@ This change means that you can now easily cusomize the style of error responses ## The metadata API -Behavior for dealing with `OPTIONS` requests was previously built directly into the class based views. This has now been properly seperated out into a Metadata API that allows the same pluggable style as other API policies in REST framework. +Behavior for dealing with `OPTIONS` requests was previously built directly into the class based views. This has now been properly separated out into a Metadata API that allows the same pluggable style as other API policies in REST framework. This makes it far easier to use a different style for `OPTIONS` responses throughout your API, and makes it possible to create third-party metadata policies. diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 3400bc8f..50b8ded1 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -109,7 +109,7 @@ You can also use the excellent [tox][tox] testing tool to run the tests against It's a good idea to make pull requests early on. A pull request represents the start of a discussion, and doesn't necessarily need to be the final, finished submission. -It's also always best to make a new branch before starting work on a pull request. This means that you'll be able to later switch back to working on another seperate issue without interfering with an ongoing pull requests. +It's also always best to make a new branch before starting work on a pull request. This means that you'll be able to later switch back to working on another separate issue without interfering with an ongoing pull requests. It's also useful to remember that if you have an outstanding pull request then pushing new commits to your GitHub repo will also automatically update the pull requests. diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 16589f3b..4fa3d627 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -149,7 +149,7 @@ You can determine your currently installed version using `pip freeze`: * Added `write_only_fields` option to `ModelSerializer` classes. * JSON renderer now deals with objects that implement a dict-like interface. * Fix compatiblity with newer versions of `django-oauth-plus`. -* Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unneccessary queryset re-evaluations. +* Bugfix: Refine behavior that calls model manager `all()` across nested serializer relationships, preventing erronous behavior with some non-ORM objects, and preventing unnecessary queryset re-evaluations. * Bugfix: Allow defaults on BooleanFields to be properly honored when values are not supplied. * Bugfix: Prevent double-escaping of non-latin1 URL query params when appending `format=json` params. diff --git a/docs/topics/writable-nested-serializers.md b/docs/topics/writable-nested-serializers.md index 66ea7815..abc6a82f 100644 --- a/docs/topics/writable-nested-serializers.md +++ b/docs/topics/writable-nested-serializers.md @@ -6,7 +6,7 @@ Although flat data structures serve to properly delineate between the individual entities in your service, there are cases where it may be more appropriate or convenient to use nested data structures. -Nested data structures are easy enough to work with if they're read-only - simply nest your serializer classes and you're good to go. However, there are a few more subtleties to using writable nested serializers, due to the dependancies between the various model instances, and the need to save or delete multiple instances in a single action. +Nested data structures are easy enough to work with if they're read-only - simply nest your serializer classes and you're good to go. However, there are a few more subtleties to using writable nested serializers, due to the dependencies between the various model instances, and the need to save or delete multiple instances in a single action. ## One-to-many data structures -- cgit v1.2.3 From 857a8486b1534f89bd482de86d39ff717b6618eb Mon Sep 17 00:00:00 2001 From: Craig de Stigter Date: Fri, 3 Oct 2014 09:00:33 +1300 Subject: More spelling tweaks --- docs/topics/3.0-announcement.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 5242be57..fcae79e1 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -411,7 +411,7 @@ The following class is an example of a generic serializer that can handle coerci # Ignore methods and other callables. pass elif isinstance(attribute, (str, int, bool, float, type(None))): - # primitive types can be passed through unmodified. + # Primitive types can be passed through unmodified. output[attribute_name] = attribute elif isinstance(attribute, list): # Recursivly deal with items in lists. @@ -446,7 +446,7 @@ We now use the following: #### The `required`, `allow_none`, `allow_blank` and `default` arguments. -REST framework now has more explict and clear control over validating empty values for fields. +REST framework now has more explicit and clear control over validating empty values for fields. Previously the meaning of the `required=False` keyword argument was underspecified. In practice its use meant that a field could either be not included in the input, or it could be included, but be `None`. @@ -522,7 +522,7 @@ However this code *would not be valid* in `2.4.3`: # ... The queryset argument is now always required for writable relational fields. -This removes some magic and makes it easier and more obvious to move between implict `ModelSerializer` classes and explicit `Serializer` classes. +This removes some magic and makes it easier and more obvious to move between implicit `ModelSerializer` classes and explicit `Serializer` classes. class AccountSerializer(serializers.ModelSerializer): organisations = serializers.SlugRelatedField( -- cgit v1.2.3 From 3a3e2bf57d5443dc0b058d5beb3111f87c418947 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 3 Oct 2014 13:42:06 +0100 Subject: Serializer.save() takes keyword arguments, not 'extras' argument --- docs/topics/3.0-announcement.md | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index fcae79e1..4a781503 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -109,16 +109,16 @@ The following example from the tutorial previously used `restore_object()` to ha This would now be split out into two separate methods. - def update(self, instance, validated_attrs) - instance.title = validated_attrs.get('title', instance.title) - instance.code = validated_attrs.get('code', instance.code) - instance.linenos = validated_attrs.get('linenos', instance.linenos) - instance.language = validated_attrs.get('language', instance.language) - instance.style = validated_attrs.get('style', instance.style) + def update(self, instance, validated_data) + instance.title = validated_data.get('title', instance.title) + instance.code = validated_data.get('code', instance.code) + instance.linenos = validated_data.get('linenos', instance.linenos) + instance.language = validated_data.get('language', instance.language) + instance.style = validated_data.get('style', instance.style) instance.save() - def create(self, validated_attrs): - return Snippet.objects.create(**validated_attrs) + def create(self, validated_data): + return Snippet.objects.create(**validated_data) Note that the `.create` method should return the newly created object instance. @@ -134,15 +134,14 @@ For example the following code *is no longer valid*: serializer.object.user = request.user # Include the user when saving. serializer.save() -Instead of using `.object` to inspect a partially constructed instance, you would now use `.validated_data` to inspect the cleaned incoming values. Also you can't set extra attributes on the instance directly, but instead pass them to the `.save()` method using the `extras` keyword argument. +Instead of using `.object` to inspect a partially constructed instance, you would now use `.validated_data` to inspect the cleaned incoming values. Also you can't set extra attributes on the instance directly, but instead pass them to the `.save()` method as keyword arguments. The corresponding code would now look like this: if serializer.is_valid(): name = serializer.validated_data['name'] # Inspect validated field data. logging.info('Creating ticket "%s"' % name) - extras = {'user': request.user} # Include the user when saving. - serializer.save(extras=extras) + serializer.save(user=request.user) # Include the user when saving. #### Limitations of ModelSerializer validation. -- cgit v1.2.3 From 0803716ed034389a09305b7f037cb05d9ff5c57d Mon Sep 17 00:00:00 2001 From: Kevin London Date: Sat, 4 Oct 2014 17:34:27 -0700 Subject: Update links in 2.4-announcement.md The links to Django Rest Framework pages were 404ing because the URLs include a slash.--- docs/topics/2.4-announcement.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/2.4-announcement.md b/docs/topics/2.4-announcement.md index 09294b91..8e4f3bb2 100644 --- a/docs/topics/2.4-announcement.md +++ b/docs/topics/2.4-announcement.md @@ -164,8 +164,8 @@ Once again, many thanks to all the generous [backers and sponsors][kickstarter-s [lts-releases]: https://docs.djangoproject.com/en/dev/internals/release-process/#long-term-support-lts-releases [2-4-release-notes]: release-notes#240 -[view-name-and-description-settings]: ../api-guide/settings/#view-names-and-descriptions -[client-ip-identification]: ../api-guide/throttling/#how-clients-are-identified +[view-name-and-description-settings]: ../api-guide/settings#view-names-and-descriptions +[client-ip-identification]: ../api-guide/throttling#how-clients-are-identified [2-3-announcement]: 2.3-announcement [github-labels]: https://github.com/tomchristie/django-rest-framework/issues [github-milestones]: https://github.com/tomchristie/django-rest-framework/milestones -- cgit v1.2.3 From 0cbb57b40fdb073c7ca09c9d1078926260c646db Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 8 Oct 2014 12:17:30 +0100 Subject: Tweak pre/post save hooks. Return instance in .update(). --- docs/topics/3.0-announcement.md | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 4a781503..89817ea5 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -116,11 +116,12 @@ This would now be split out into two separate methods. instance.language = validated_data.get('language', instance.language) instance.style = validated_data.get('style', instance.style) instance.save() + return instance def create(self, validated_data): return Snippet.objects.create(**validated_data) -Note that the `.create` method should return the newly created object instance. +Note that these methods should return the newly created object instance. #### Use `.validated_data` instead of `.object`. @@ -592,18 +593,27 @@ The `UniqueTogetherValidator` should be applied to a serializer, and takes a `qu The view logic for the default method handlers has been significantly simplified, due to the new serializers API. -#### Removal of pre/post save hooks. +#### Changes to pre/post save hooks. -The following method hooks no longer exist on the new, simplified, generic views: `pre_save`, `post_save`, `pre_delete`, `post_delete`. +The `pre_save` and `post_save` hooks no longer exist, but are replaced with `perform_create(self, serializer)` and `perform_update(self, serializer)`. -If you do need custom behavior, you might choose to instead override the `.save()` method on your serializer class. For example: +These method should save the object instance by calling `serializer.save()`, adding in any explicit additional arguments as required. They may also perform any custom pre-save or post-save behavior. - def save(self, *args, **kwargs): - instance = super(MySerializer).save(*args, **kwarg) +For example: + + def perform_create(self, serializer): + # Include the owner attribute directly, rather than from request data. + instance = serializer.save(owner=self.request.user) + # Perform a custom post-save action. send_email(instance.to_email, instance.message) - return instance -Alternatively write your view logic exlpicitly, or tie your pre/post save behavior into the model class or model manager. +The `pre_delete` and `post_delete` hooks no longer exist, and are replaced with `.perform_destroy(self, instance)`, which should delete the instance and perform any custom actions. + + def perform_destroy(self, instance): + # Perform a custom pre-delete action. + send_deletion_alert(user=instance.created_by, deleted=instance) + # Delete the object instance. + instance.delete() #### Removal of view attributes. -- cgit v1.2.3 From 14ae52a24e93063f77c6010269bf9cd3316627fe Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 8 Oct 2014 16:09:37 +0100 Subject: More gradual deprecation --- docs/topics/3.0-announcement.md | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 89817ea5..6520f2bd 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -8,10 +8,9 @@ See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-fr The most notable outstanding issues still to be resolved on the `version-3.0` branch are as follows: -* Forms support for serializers and in the browsable API. +* Finish forms support for serializers and in the browsable API. * Optimisations for serializing primary keys. * Refine style of validation errors in some cases, such as validation errors in `ListField`. -* `.transform_()` method on serializers. **Your feedback on the upgrade process and 3.0 changes is hugely important!** @@ -48,12 +47,13 @@ Below is an in-depth guide to the API changes and migration notes for 3.0. #### The `.data` and `.query_params` properties. -The usage of `request.DATA` and `request.FILES` is now discouraged in favor of a single `request.data` attribute that contains *all* the parsed data. +The usage of `request.DATA` and `request.FILES` is now pending deprecation in favor of a single `request.data` attribute that contains *all* the parsed data. -Having separate attributes is reasonable for web applications that only ever parse URL encoded or MultiPart requests, but makes less sense for the general-purpose request parsing that REST framework supports. +Having separate attributes is reasonable for web applications that only ever parse url-encoded or multipart requests, but makes less sense for the general-purpose request parsing that REST framework supports. You may now pass all the request data to a serializer class in a single argument: + # Do this... ExampleSerializer(data=request.data) Instead of passing the files argument separately: @@ -62,7 +62,7 @@ Instead of passing the files argument separately: ExampleSerializer(data=request.DATA, files=request.FILES) -The usage of `request.QUERY_PARAMS` is now discouraged in favor of the lowercased `request.query_params`. +The usage of `request.QUERY_PARAMS` is now pending deprecation in favor of the lowercased `request.query_params`. ## Serializers @@ -73,7 +73,7 @@ Previously the serializers used a two-step object creation, as follows: 1. Validating the data would create an object instance. This instance would be available as `serializer.object`. 2. Calling `serializer.save()` would then save the object instance to the database. -This style is in line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: +This style is in-line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: * Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been saved. This type of data needed to be hidden in some undocumented state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. * Instantiating model instances directly means that you cannot use model manager classes for instance creation, eg `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. @@ -109,7 +109,7 @@ The following example from the tutorial previously used `restore_object()` to ha This would now be split out into two separate methods. - def update(self, instance, validated_data) + def update(self, instance, validated_data): instance.title = validated_data.get('title', instance.title) instance.code = validated_data.get('code', instance.code) instance.linenos = validated_data.get('linenos', instance.linenos) @@ -211,28 +211,30 @@ The `exclude` option on `ModelSerializer` is no longer available. You should use #### The `extra_kwargs` option. -The `read_only_fields` and `write_only_fields` options on `ModelSerializer` have been removed and replaced with a more generic `extra_kwargs`. +The `write_only_fields` option on `ModelSerializer` has been moved to `PendingDeprecation` and replaced with a more generic `extra_kwargs`. class MySerializer(serializer.ModelSerializer): class Meta: model = MyModel fields = ('id', 'email', 'notes', 'is_admin') extra_kwargs = { - 'is_admin': {'read_only': True} + 'is_admin': {'write_only': True} } Alternatively, specify the field explicitly on the serializer class: class MySerializer(serializer.ModelSerializer): - is_admin = serializers.BooleanField(read_only=True) + is_admin = serializers.BooleanField(write_only=True) class Meta: model = MyModel fields = ('id', 'email', 'notes', 'is_admin') +The `read_only_fields` option remains as a convenient shortcut for the more common case. + #### Changes to `HyperlinkedModelSerializer`. -The `view_name` and `lookup_field` options have been removed. They are no longer required, as you can use the `extra_kwargs` argument instead: +The `view_name` and `lookup_field` options have been moved to `PendingDeprecation`. They are no longer required, as you can use the `extra_kwargs` argument instead: class MySerializer(serializer.HyperlinkedModelSerializer): class Meta: @@ -633,7 +635,7 @@ If you need to restore the previous behavior you can include the `AllowPUTAsCrea The generic views now raise `ValidationError` for invalid data. This exception is then dealt with by the exception handler, rather than the view returning a `400 Bad Request` response directly. -This change means that you can now easily cusomize the style of error responses across your entire API, without having to modify any of the generic views. +This change means that you can now easily customize the style of error responses across your entire API, without having to modify any of the generic views. ## The metadata API -- cgit v1.2.3 From 4c015df28cfb7dc7cf29f6dc4985c57e1f5cdc5d Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 8 Oct 2014 16:43:33 +0100 Subject: Tweaks --- docs/topics/3.0-announcement.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 6520f2bd..26d261ed 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -144,6 +144,24 @@ The corresponding code would now look like this: logging.info('Creating ticket "%s"' % name) serializer.save(user=request.user) # Include the user when saving. +#### Change to `validate_`. + +The `validate_` method hooks that can be attached to serializer classes change their signature slightly and return type. Previously these would take a dictionary of all incoming data, and a key representing the field name, and would return a dictionary including the validated data for that field: + + def validate_score(self, attrs, source): + if attrs[score] % 10 != 0: + raise ValidationError('This field should be a multiple of ten.') + return attrs + +This is now simplified slightly, and the method hooks simply take the value to be validated, and return it's validated value. + + def validate_score(self, value): + if value % 10 != 0: + raise ValidationError('This field should be a multiple of ten.') + return value + +Any ad-hoc validation that applies to more than one field should go in the `.validate(self, attrs)` method as usual. + #### Limitations of ModelSerializer validation. This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. -- cgit v1.2.3 From a58cfe167d837d34994b50f52098c552f6b0860e Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 9 Oct 2014 09:38:03 +0100 Subject: Update tutorial for 3.0 --- docs/tutorial/1-serialization.md | 79 ++++++++++++----------- docs/tutorial/4-authentication-and-permissions.md | 14 ++-- 2 files changed, 50 insertions(+), 43 deletions(-) (limited to 'docs') diff --git a/docs/tutorial/1-serialization.md b/docs/tutorial/1-serialization.md index b0565d91..db5b9ea7 100644 --- a/docs/tutorial/1-serialization.md +++ b/docs/tutorial/1-serialization.md @@ -41,20 +41,7 @@ Once that's done we can create an app that we'll use to create a simple Web API. python manage.py startapp snippets -The simplest way to get up and running will probably be to use an `sqlite3` database for the tutorial. Edit the `tutorial/settings.py` file, and set the default database `"ENGINE"` to `"sqlite3"`, and `"NAME"` to `"tmp.db"`. - - DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.sqlite3', - 'NAME': 'tmp.db', - 'USER': '', - 'PASSWORD': '', - 'HOST': '', - 'PORT': '', - } - } - -We'll also need to add our new `snippets` app and the `rest_framework` app to `INSTALLED_APPS`. +We'll need to add our new `snippets` app and the `rest_framework` app to `INSTALLED_APPS`. Let's edit the `tutorial/settings.py` file: INSTALLED_APPS = ( ... @@ -72,7 +59,7 @@ Okay, we're ready to roll. ## Creating a model to work with -For the purposes of this tutorial we're going to start by creating a simple `Snippet` model that is used to store code snippets. Go ahead and edit the `snippets` app's `models.py` file. Note: Good programming practices include comments. Although you will find them in our repository version of this tutorial code, we have omitted them here to focus on the code itself. +For the purposes of this tutorial we're going to start by creating a simple `Snippet` model that is used to store code snippets. Go ahead and edit the `snippets/models.py` file. Note: Good programming practices include comments. Although you will find them in our repository version of this tutorial code, we have omitted them here to focus on the code itself. from django.db import models from pygments.lexers import get_all_lexers @@ -98,9 +85,10 @@ For the purposes of this tutorial we're going to start by creating a simple `Sni class Meta: ordering = ('created',) -Don't forget to sync the database for the first time. +We'll also need to create an initial migration for our snippet model, and sync the database for the first time. - python manage.py syncdb + python manage.py makemigrations snippets + python manage.py migrate ## Creating a Serializer class @@ -112,40 +100,39 @@ The first thing we need to get started on our Web API is to provide a way of ser class SnippetSerializer(serializers.Serializer): - pk = serializers.Field() # Note: `Field` is an untyped read-only field. + pk = serializers.IntegerField(read_only=True) title = serializers.CharField(required=False, max_length=100) - code = serializers.CharField(widget=widgets.Textarea, - max_length=100000) + code = serializers.CharField(style={'type': 'textarea'}) linenos = serializers.BooleanField(required=False) language = serializers.ChoiceField(choices=LANGUAGE_CHOICES, default='python') style = serializers.ChoiceField(choices=STYLE_CHOICES, default='friendly') - def restore_object(self, attrs, instance=None): + def create(self, validated_attrs): """ - Create or update a new snippet instance, given a dictionary - of deserialized field values. + Create and return a new `Snippet` instance, given the validated data. + """ + return Snippet.objects.create(**validated_attrs) - Note that if we don't define this method, then deserializing - data will simply return a dictionary of items. + def update(self, instance, validated_attrs): + """ + Update and return an existing `Snippet` instance, given the validated data. """ - if instance: - # Update existing instance - instance.title = attrs.get('title', instance.title) - instance.code = attrs.get('code', instance.code) - instance.linenos = attrs.get('linenos', instance.linenos) - instance.language = attrs.get('language', instance.language) - instance.style = attrs.get('style', instance.style) - return instance + instance.title = validated_attrs.get('title', instance.title) + instance.code = validated_attrs.get('code', instance.code) + instance.linenos = validated_attrs.get('linenos', instance.linenos) + instance.language = validated_attrs.get('language', instance.language) + instance.style = validated_attrs.get('style', instance.style) + instance.save() + return instance - # Create new instance - return Snippet(**attrs) +The first part of the serializer class defines the fields that get serialized/deserialized. The `create()` and `update()` methods define how fully fledged instances are created or modified when calling `serializer.save()` -The first part of the serializer class defines the fields that get serialized/deserialized. The `restore_object` method defines how fully fledged instances get created when deserializing data. +A serializer class is very similar to a Django `Form` class, and includes similar validation flags on the various fields, such as `required`, `max_length` and `default`. -Notice that we can also use various attributes that would typically be used on form fields, such as `widget=widgets.Textarea`. These can be used to control how the serializer should render when displayed as an HTML form. This is particularly useful for controlling how the browsable API should be displayed, as we'll see later in the tutorial. +The field flags can also control how the serializer should be displayed in certain circumstances, such as when rendering to HTML. The `style={'type': 'textarea'}` flag above is equivelent to using `widget=widgets.Textarea` on a Django `Form` class. This is particularly useful for controlling how the browsable API should be displayed, as we'll see later in the tutorial. We can actually also save ourselves some time by using the `ModelSerializer` class, as we'll see later, but for now we'll keep our serializer definition explicit. @@ -219,6 +206,24 @@ Open the file `snippets/serializers.py` again, and edit the `SnippetSerializer` model = Snippet fields = ('id', 'title', 'code', 'linenos', 'language', 'style') +Once nice property that serializers have is that you can inspect all the fields an serializer instance, by printing it's representation. Open the Django shell with `python manange.py shell`, then try the following: + + >>> from snippets.serializers import SnippetSerializer + >>> serializer = SnippetSerializer() + >>> print repr(serializer) # In python 3 use `print(repr(serializer))` + SnippetSerializer(): + id = IntegerField(label='ID', read_only=True) + title = CharField(allow_blank=True, max_length=100, required=False) + code = CharField(style={'type': 'textarea'}) + linenos = BooleanField(required=False) + language = ChoiceField(choices=[('Clipper', 'FoxPro'), ('Cucumber', 'Gherkin'), ('RobotFramework', 'RobotFramework'), ('abap', 'ABAP'), ('ada', 'Ada')... + style = ChoiceField(choices=[('autumn', 'autumn'), ('borland', 'borland'), ('bw', 'bw'), ('colorful', 'colorful')... + +It's important to remember that `ModelSerializer` classes don't do anything particularly magically, they are simply a shortcut to creating a serializer class with: + +* An automatically determined set of fields. +* Simple default implementations for the `create()` and `update()` methods. + ## Writing regular Django views using our Serializer Let's see how we can write some API views using our new Serializer class. diff --git a/docs/tutorial/4-authentication-and-permissions.md b/docs/tutorial/4-authentication-and-permissions.md index 9120e254..adab1b55 100644 --- a/docs/tutorial/4-authentication-and-permissions.md +++ b/docs/tutorial/4-authentication-and-permissions.md @@ -92,24 +92,26 @@ Finally we need to add those views into the API, by referencing them from the UR Right now, if we created a code snippet, there'd be no way of associating the user that created the snippet, with the snippet instance. The user isn't sent as part of the serialized representation, but is instead a property of the incoming request. -The way we deal with that is by overriding a `.pre_save()` method on our snippet views, that allows us to handle any information that is implicit in the incoming request or requested URL. +The way we deal with that is by overriding a `.perform_create()` method on our snippet views, that allows us to modify how the instance save is managed, and handle any information that is implicit in the incoming request or requested URL. -On **both** the `SnippetList` and `SnippetDetail` view classes, add the following method: +On the `SnippetList` view class, add the following method: - def pre_save(self, obj): - obj.owner = self.request.user + def perform_create(self, serializer): + serializer.save(owner=self.request.user) + +The `create()` method of our serializer will now be passed an additional `'owner'` field, along with the validated data from the request. ## Updating our serializer Now that snippets are associated with the user that created them, let's update our `SnippetSerializer` to reflect that. Add the following field to the serializer definition in `serializers.py`: - owner = serializers.Field(source='owner.username') + owner = serializers.ReadOnlyField(source='owner.username') **Note**: Make sure you also add `'owner',` to the list of fields in the inner `Meta` class. This field is doing something quite interesting. The `source` argument controls which attribute is used to populate a field, and can point at any attribute on the serialized instance. It can also take the dotted notation shown above, in which case it will traverse the given attributes, in a similar way as it is used with Django's template language. -The field we've added is the untyped `Field` class, in contrast to the other typed fields, such as `CharField`, `BooleanField` etc... The untyped `Field` is always read-only, and will be used for serialized representations, but will not be used for updating model instances when they are deserialized. +The field we've added is the untyped `ReadOnlyField` class, in contrast to the other typed fields, such as `CharField`, `BooleanField` etc... The untyped `ReadOnlyField` is always read-only, and will be used for serialized representations, but will not be used for updating model instances when they are deserialized. We could have also used `CharField(read_only=True)` here. ## Adding required permissions to views -- cgit v1.2.3 From 6637b2fae0dab65447ff0bfd5ac0ba68644446eb Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 9 Oct 2014 11:08:26 +0100 Subject: Document the Metadata API --- docs/api-guide/metadata.md | 103 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 103 insertions(+) create mode 100644 docs/api-guide/metadata.md (limited to 'docs') diff --git a/docs/api-guide/metadata.md b/docs/api-guide/metadata.md new file mode 100644 index 00000000..c3f036b7 --- /dev/null +++ b/docs/api-guide/metadata.md @@ -0,0 +1,103 @@ + + +# Metadata + +> [The `OPTIONS`] method allows a client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval. +> +> — [RFC7231, Section 4.3.7.][cite] + +REST framework includes a configurable mechanism for determining how your API should respond to `OPTIONS` requests. This allows you to return API schema or other resource information. + +There are not currently any widely adopted conventions for exactly what style of response should be returned for HTTP `OPTIONS` requests, so we provide an ad-hoc style that returns some useful information. + +Here's an example response that demonstrates the information that is returned by default. + + HTTP 200 OK + Allow: GET, POST, HEAD, OPTIONS + Content-Type: application/json + + { + "name": "To Do List", + "description": "List existing 'To Do' items, or create a new item.", + "renders": [ + "application/json", + "text/html" + ], + "parses": [ + "application/json", + "application/x-www-form-urlencoded", + "multipart/form-data" + ], + "actions": { + "POST": { + "note": { + "type": "string", + "required": false, + "read_only": false, + "label": "title", + "max_length": 100 + } + } + } + } + +## Setting the metadata scheme + +You can set the metadata class globally using the `'DEFAULT_METADATA_CLASS'` settings key: + + REST_FRAMEWORK = { + 'DEFAULT_METADATA_CLASS': 'rest_framework.metadata.SimpleMetadata' + } + +Or you can set the metadata class individually for a view: + + class APIRoot(APIView): + metadata_class = APIRootMetadata + + def get(self, request, format=None): + return Response({ + ... + }) + +The REST framework package only includes a single metadata class implementation, named `SimpleMetadata`. If you want to use an alternative style you'll need to implement a custom metadata class. + +## Creating schema endpoints + +If you have specific requirements for creating schema endpoints that are accessed with regular `GET` requests, you might consider re-using the metadata API for doing so. + +For example, the following additional route could be used on a viewset to provide a linkable schema endpoint. + + @list_route(methods=['GET']) + def schema(self, request): + meta = self.metadata_class() + data = meta.determine_metadata(request, self) + return Response(data) + +There are a couple of reasons that you might choose to take this approach, including that `OPTIONS` responses [are not cacheable][no-options]. + +--- + +# Custom metadata classes + +If you want to provide a custom metadata class you should override `BaseMetadata` and implement the `determine_metadata(self, request, view)` method. + +Useful things that you might want to do could include returning schema information, using a format such as [JSON schema][json-schema], or returning debug information to admin users. + +## Example + +The following class could be used to limit the information that is returned to `OPTIONS` requests. + + class MinimalMetadata(BaseMetadata): + """ + Don't include field and other information for `OPTIONS` requests. + Just return the name and description. + """ + def determine_metadata(self, request, view): + return { + 'name': view.get_view_name(), + 'description': view.get_view_description() + } + +[cite]: http://tools.ietf.org/html/rfc7231#section-4.3.7 +[no-options]: https://www.mnot.net/blog/2012/10/29/NO_OPTIONS +[json-schema]: http://json-schema.org/ -- cgit v1.2.3 From babdc78e61ac915fa4a01bdfb04e11a32dbf5d79 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 9 Oct 2014 11:39:01 +0100 Subject: Typo --- docs/api-guide/validators.md | 0 docs/topics/3.0-announcement.md | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 docs/api-guide/validators.md (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md new file mode 100644 index 00000000..e69de29b diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 26d261ed..bffc608a 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -617,7 +617,7 @@ The view logic for the default method handlers has been significantly simplified The `pre_save` and `post_save` hooks no longer exist, but are replaced with `perform_create(self, serializer)` and `perform_update(self, serializer)`. -These method should save the object instance by calling `serializer.save()`, adding in any explicit additional arguments as required. They may also perform any custom pre-save or post-save behavior. +These methods should save the object instance by calling `serializer.save()`, adding in any additional arguments as required. They may also perform any custom pre-save or post-save behavior. For example: -- cgit v1.2.3 From 5d247a65c89594a7ab5ce2333612f23eadc6828d Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 9 Oct 2014 15:11:19 +0100 Subject: First pass on nested serializers in HTML --- docs/tutorial/quickstart.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/tutorial/quickstart.md b/docs/tutorial/quickstart.md index 813e9872..c2dc4bea 100644 --- a/docs/tutorial/quickstart.md +++ b/docs/tutorial/quickstart.md @@ -26,11 +26,13 @@ Create a new Django project named `tutorial`, then start a new app called `quick Now sync your database for the first time: - python manage.py syncdb + python manage.py migrate -Make sure to create an initial user named `admin` with a password of `password`. We'll authenticate as that user later in our example. +We'll also create an initial user named `admin` with a password of `password`. We'll authenticate as that user later in our example. -Once you've set up a database and got everything synced and ready to go, open up the app's directory and we'll get coding... + python manage.py createsuperuser + +Once you've set up a database and initial user created and ready to go, open up the app's directory and we'll get coding... ## Serializers -- cgit v1.2.3 From d9a199ca0ddf92f999aa37b396596d0e3e0a26d9 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 10 Oct 2014 14:16:09 +0100 Subject: exceptions.ValidationFailed, not Django's ValidationError --- docs/topics/3.0-announcement.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index bffc608a..b28670cf 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -191,7 +191,7 @@ Using the `depth` option on `ModelSerializer` will now create **read-only nested def create(self, validated_data): profile_data = validated_data.pop['profile'] user = User.objects.create(**validated_data) - profile = Profile.objects.create(user=user, **profile_data) + Profile.objects.create(user=user, **profile_data) return user The single-step object creation makes this far simpler and more obvious than the previous `.restore_object()` behavior. @@ -223,10 +223,6 @@ We can now inspect the serializer representation in the Django shell, using `pyt rating = IntegerField() created_by = PrimaryKeyRelatedField(queryset=User.objects.all()) -#### Always use `fields`, not `exclude`. - -The `exclude` option on `ModelSerializer` is no longer available. You should use the more explicit `fields` option instead. - #### The `extra_kwargs` option. The `write_only_fields` option on `ModelSerializer` has been moved to `PendingDeprecation` and replaced with a more generic `extra_kwargs`. -- cgit v1.2.3 From d8a8987ab1eb6abbaee1a0de8cfea38eafe21293 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 10 Oct 2014 14:32:02 +0100 Subject: Tweaks --- docs/topics/3.0-announcement.md | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index b28670cf..aa0e0c7e 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -144,6 +144,12 @@ The corresponding code would now look like this: logging.info('Creating ticket "%s"' % name) serializer.save(user=request.user) # Include the user when saving. +#### Use `rest_framework.exceptions.ValidationFailed`. + +Django's `ValidationError` class is intended for use with HTML forms and it's API makes its use slightly awkward with nested validation errors as can occur in serializers. + +We now include a simpler `ValidationFailed` exception class in REST framework that you should use when raising validation failures. + #### Change to `validate_`. The `validate_` method hooks that can be attached to serializer classes change their signature slightly and return type. Previously these would take a dictionary of all incoming data, and a key representing the field name, and would return a dictionary including the validated data for that field: -- cgit v1.2.3 From f8f101268e1d3ff0621c61299c13d78914874a2b Mon Sep 17 00:00:00 2001 From: wolfe Date: Tue, 14 Oct 2014 18:58:25 -0300 Subject: Update 3.0-announcement.md Swap order of custom field API changes so the two "and" clauses are in the same order.--- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index aa0e0c7e..dcd6d90c 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -518,7 +518,7 @@ The `MultipleChoiceField` class has been added. This field acts like `ChoiceFiel #### Changes to the custom field API. -The `from_native(self, value)` and `to_native(self, data)` method names have been replaced with the more obviously named `to_representation(self, value)` and `to_internal_value(self, data)`. +The `from_native(self, value)` and `to_native(self, data)` method names have been replaced with the more obviously named `to_internal_value(self, data)` and `to_representation(self, value)`. The `field_from_native()` and `field_to_native()` methods are removed. -- cgit v1.2.3 From 113a28ed8ad65d912180e8be7a92b679251b0249 Mon Sep 17 00:00:00 2001 From: konradhalas Date: Thu, 16 Oct 2014 13:48:18 +0200 Subject: Add djoser to authentication docs. --- docs/api-guide/authentication.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 0ec5bad1..b355012e 100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -415,6 +415,10 @@ The [HawkREST][hawkrest] library builds on the [Mohawk][mohawk] library to let y HTTP Signature (currently a [IETF draft][http-signature-ietf-draft]) provides a way to achieve origin authentication and message integrity for HTTP messages. Similar to [Amazon's HTTP Signature scheme][amazon-http-signature], used by many of its services, it permits stateless, per-request authentication. [Elvio Toccalino][etoccalino] maintains the [djangorestframework-httpsignature][djangorestframework-httpsignature] package which provides an easy to use HTTP Signature Authentication mechanism. +## Djoser + +[Djoser][djoser] library provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. The package works with a custom user model and it uses token based authentication. This is a ready to use REST implementation of Django authentication system. + [cite]: http://jacobian.org/writing/rest-worst-practices/ [http401]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2 [http403]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4 @@ -449,3 +453,4 @@ HTTP Signature (currently a [IETF draft][http-signature-ietf-draft]) provides a [hawk]: https://github.com/hueniverse/hawk [mohawk]: http://mohawk.readthedocs.org/en/latest/ [mac]: http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05 +[djoser]: https://github.com/sunscrapers/djoser -- cgit v1.2.3 From 5e89994a10105b03b89abf0d0c9fee766942660e Mon Sep 17 00:00:00 2001 From: konradhalas Date: Thu, 16 Oct 2014 15:16:13 +0200 Subject: Add to main 3rd party resources list. --- docs/topics/third-party-resources.md | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/topics/third-party-resources.md b/docs/topics/third-party-resources.md index 1ca91742..0317dd64 100644 --- a/docs/topics/third-party-resources.md +++ b/docs/topics/third-party-resources.md @@ -16,6 +16,7 @@ To submit new content, [open an issue](https://github.com/tomchristie/django-res * [djangorestframework-jwt](https://github.com/GetBlimp/django-rest-framework-jwt) - Provides JSON Web Token Authentication support. * [hawkrest](https://github.com/kumar303/hawkrest) - Provides Hawk HTTP Authorization. * [djangorestframework-httpsignature](https://github.com/etoccalino/django-rest-framework-httpsignature) - Provides an easy to use HTTP Signature Authentication mechanism. +* [djoser](https://github.com/sunscrapers/djoser) - Provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. ### Permissions -- cgit v1.2.3 From d0f610be4457947f78d20da4f2bdb04ef52d0db3 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 16 Oct 2014 20:43:35 +0100 Subject: Update release notes --- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index dcd6d90c..f868b344 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -653,7 +653,7 @@ If you need to restore the previous behavior you can include the `AllowPUTAsCrea #### Customizing error responses. -The generic views now raise `ValidationError` for invalid data. This exception is then dealt with by the exception handler, rather than the view returning a `400 Bad Request` response directly. +The generic views now raise `ValidationFailed` exception for invalid data. This exception is then dealt with by the exception handler, rather than the view returning a `400 Bad Request` response directly. This change means that you can now easily customize the style of error responses across your entire API, without having to modify any of the generic views. -- cgit v1.2.3 From 05cbec9dd7f9f0b6a9b59b29ac6c9272b6ae50d8 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 17 Oct 2014 13:23:14 +0100 Subject: Use serializers.ValidationError --- docs/topics/3.0-announcement.md | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index f868b344..658b50d3 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -144,11 +144,15 @@ The corresponding code would now look like this: logging.info('Creating ticket "%s"' % name) serializer.save(user=request.user) # Include the user when saving. -#### Use `rest_framework.exceptions.ValidationFailed`. +#### Using `serializers.ValidationError`. -Django's `ValidationError` class is intended for use with HTML forms and it's API makes its use slightly awkward with nested validation errors as can occur in serializers. +Previously `serializers.ValidationError` error was simply a synonym for `django.core.exceptions.ValidationError`. This has now been altered so that it inherits from the standard `APIException` base class. -We now include a simpler `ValidationFailed` exception class in REST framework that you should use when raising validation failures. +The reason behind this is that Django's `ValidationError` class is intended for use with HTML forms and its API makes using it slightly awkward with nested validation errors that can occur in serializers. + +For most users this change shouldn't require any updates to your codebase, but it is worth ensuring that whenever raising validation errors you are always using the `serializers.ValidationError` exception class, and not Django's built-in exception. + +We strongly recommend that you use the namespaced import style of `import serializers` and not `from serializers import ValidationError` in order to avoid any potential confusion. #### Change to `validate_`. @@ -156,14 +160,14 @@ The `validate_` method hooks that can be attached to serializer clas def validate_score(self, attrs, source): if attrs[score] % 10 != 0: - raise ValidationError('This field should be a multiple of ten.') + raise serializers.ValidationError('This field should be a multiple of ten.') return attrs This is now simplified slightly, and the method hooks simply take the value to be validated, and return it's validated value. def validate_score(self, value): if value % 10 != 0: - raise ValidationError('This field should be a multiple of ten.') + raise serializers.ValidationError('This field should be a multiple of ten.') return value Any ad-hoc validation that applies to more than one field should go in the `.validate(self, attrs)` method as usual. -- cgit v1.2.3 From 11edd01c34debbe3b689da91efd63cddab7b28c4 Mon Sep 17 00:00:00 2001 From: José Padilla Date: Fri, 17 Oct 2014 08:58:31 -0400 Subject: Add docs regarding linking third party packages --- docs/topics/contributing.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 3400bc8f..4fafb1b1 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -210,7 +210,9 @@ We recommend the [`django-reusable-app`][django-reusable-app] template as a good ## Linking to your package -Once your package is decently documented and available on PyPI open a pull request or issue, and we'll add a link to it from the main REST framework documentation. +Once your package is decently documented and available on PyPI open a pull request or issue, and we'll add a link to it from the main REST framework documentation. You can add your package under **Third party packages** of the API Guide section that best applies, like [Authentication][authentication] or [Permissions][permissions]. You can also link your package under the [Third Party Resources][third-party-resources] section. + +We also suggest adding it to the [REST Framework][rest-framework-grid] grid on Django Packages. [cite]: http://www.w3.org/People/Berners-Lee/FAQ.html [code-of-conduct]: https://www.djangoproject.com/conduct/ @@ -225,3 +227,7 @@ Once your package is decently documented and available on PyPI open a pull reque [docs]: https://github.com/tomchristie/django-rest-framework/tree/master/docs [mou]: http://mouapp.com/ [django-reusable-app]: https://github.com/dabapps/django-reusable-app +[authentication]: ../api-guide/authentication.md +[permissions]: ../api-guide/permissions.md +[third-party-resources]: third-party-resources.md +[rest-framework-grid]: https://www.djangopackages.com/grids/g/django-rest-framework/ -- cgit v1.2.3 From c5d1be8eac6cdb5cce000ec7c55e1847bfcf2359 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 22 Oct 2014 10:32:32 +0100 Subject: .validate() can raise field errors or non-field errors --- docs/topics/3.0-announcement.md | 45 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 43 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 658b50d3..9aeb5df6 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -163,7 +163,7 @@ The `validate_` method hooks that can be attached to serializer clas raise serializers.ValidationError('This field should be a multiple of ten.') return attrs -This is now simplified slightly, and the method hooks simply take the value to be validated, and return it's validated value. +This is now simplified slightly, and the method hooks simply take the value to be validated, and return the validated value. def validate_score(self, value): if value % 10 != 0: @@ -172,6 +172,22 @@ This is now simplified slightly, and the method hooks simply take the value to b Any ad-hoc validation that applies to more than one field should go in the `.validate(self, attrs)` method as usual. +Because `.validate_` would previously accept the complete dictionary of attributes, it could be used to validate a field depending on the input in another field. Now if you need to do this you should use `.validate()` instead. + +You can either return `non_field_errors` from the validate method by raising a simple `ValidationError` + + def validate(self, attrs): + # serializer.errors == {'non_field_errors': ['A non field error']} + raise serailizers.ValidationError('A non field error') + +Alternatively if you want the errors to be against a specific field, use a dictionary of when instantiating the `ValidationError`, like so: + + def validate(self, attrs): + # serializer.errors == {'my_field': ['A field error']} + raise serailizers.ValidationError({'my_field': 'A field error'}) + +This ensures you can still write validation that compares all the input fields, but that marks the error against a particular field. + #### Limitations of ModelSerializer validation. This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. @@ -189,7 +205,32 @@ REST framework 2.x attempted to automatically support writable nested serializat * It's unclear what behavior the user should expect when related models are passed `None` data. * It's unclear how the user should expect to-many relationships to handle updates, creations and deletions of multiple records. -Using the `depth` option on `ModelSerializer` will now create **read-only nested serializers** by default. To use writable nested serialization you'll want to declare a nested field on the serializer class, and write the `create()` and/or `update()` methods explicitly. +Using the `depth` option on `ModelSerializer` will now create **read-only nested serializers** by default. + +If you try to use a writable nested serializer without writing a custom `create()` and/or `update()` method you'll see an assertion error when you attempt to save the serializer. For example: + + >>> class ProfileSerializer(serializers.ModelSerializer): + >>> class Meta: + >>> model = Profile + >>> fields = ('address', 'phone') + >>> + >>> class UserSerializer(serializers.ModelSerializer): + >>> profile = ProfileSerializer() + >>> class Meta: + >>> model = User + >>> fields = ('username', 'email', 'profile') + >>> + >>> data = { + >>> 'username': 'lizzy', + >>> 'email': 'lizzy@example.com', + >>> 'profile': {'address': '123 Acacia Avenue', 'phone': '01273 100200'} + >>> } + >>> + >>> serializer = UserSerializer(data=data) + >>> serializer.save() + AssertionError: The `.create()` method does not suport nested writable fields by default. Write an explicit `.create()` method for serializer `UserSerializer`, or set `read_only=True` on nested serializer fields. + +To use writable nested serialization you'll want to declare a nested field on the serializer class, and write the `create()` and/or `update()` methods explicitly. class UserSerializer(serializers.ModelSerializer): profile = ProfileSerializer() -- cgit v1.2.3 From 702f47700de2c10f26f06b23099740c408ffe797 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 24 Oct 2014 12:12:01 +0100 Subject: Updated requirements --- docs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index e4c971f9..9d436ad5 100644 --- a/docs/index.md +++ b/docs/index.md @@ -50,7 +50,7 @@ Some reasons you might want to use REST framework: REST framework requires the following: * Python (2.6.5+, 2.7, 3.2, 3.3) -* Django (1.4.2+, 1.5, 1.6, 1.7) +* Django (1.4.11+, 1.5.5+, 1.6, 1.7) The following packages are optional: -- cgit v1.2.3 From f25f05dde58908ca6885c88499e4d5984f0f3502 Mon Sep 17 00:00:00 2001 From: Andrew Conti Date: Wed, 29 Oct 2014 16:31:36 -0400 Subject: Update authentication.md Based on the [new documentation](https://docs.djangoproject.com/en/dev/topics/auth/customizing/#django.contrib.auth.get_user_model) for Django 1.7 we should now use: ```python @receiver(post_save, sender=settings.AUTH_USER_MODEL) ``` instead of: ```python @receiver(post_save, sender=get_user_model()) ``` because `get_user_model()` only works once Django has imported all models. Otherwise you'll get: ```python django.core.exceptions.AppRegistryNotReady: Models aren't loaded yet. ``` When trying to start your sever after adding token authentication. From the Docs, ( linked above as well ) : >New in Django 1.7: >When connecting to signals sent by the User model, you should specify the custom model using the AUTH_USER_MODEL setting.--- docs/api-guide/authentication.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index b355012e..3a5156fd 100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -168,12 +168,13 @@ The `curl` command line tool may be useful for testing token authenticated APIs. If you want every user to have an automatically generated Token, you can simply catch the User's `post_save` signal. + from django.conf import settings from django.contrib.auth import get_user_model from django.db.models.signals import post_save from django.dispatch import receiver from rest_framework.authtoken.models import Token - @receiver(post_save, sender=get_user_model()) + @receiver(post_save, sender=settings.AUTH_USER_MODEL) def create_auth_token(sender, instance=None, created=False, **kwargs): if created: Token.objects.create(user=instance) -- cgit v1.2.3 From 27622058872c00e357deb7d7e86619a793ef4b41 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 31 Oct 2014 13:47:36 +0000 Subject: Validator documentation and tweaks --- docs/api-guide/validators.md | 183 +++++++++++++++++++++++++++++++++++++++++++ docs/index.md | 2 + docs/template.html | 1 + 3 files changed, 186 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index e69de29b..52c9e082 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -0,0 +1,183 @@ + + +# Validators + +> Validators can be useful for re-using validation logic between different types of fields. +> +> — [Django documentation][cite] + +Most of the time you're dealing with validation in REST framework you'll simply be relying on the default field validation, or writing explicit validation methods on serializer or field classes. + +Sometimes you'll want to place your validation logic into reusable components, so that it can easily be reused throughout your codebase. This can be achieved by using validator functions and validator classes. + +## Validation in REST framework + +Validation in Django REST framework serializers is handled a little differently to how validation works in Django's `ModelForm` class. + +With `ModelForm` the validation is performed partially on the form, and partially on the model instance. With REST framework the validation is performed entirely on the serializer class. This is advantageous for the following reasons: + +* It introduces a proper separation of concerns, making your code behaviour more obvious. +* It is easy to switch between using shortcut `ModelSerializer` classes and using explicit `Serializer` classes. Any validation behaviour being used for `ModelSerializer` is simple to replicate. +* Printing the `repr` of a serializer instance will show you exactly what validation rules it applies. There's no extra hidden validation behaviour being called on the model instance. + +When you're using `ModelSerializer` all of this is handled automatically for you. If you want to drop down to using a `Serializer` classes instead, then you need to define the validation rules explicitly. + +#### Example + +As an example of how REST framework uses explicit validation, we'll take a simple model class that has a field with a uniqueness constraint. + + class CustomerReportRecord(models.Model): + time_raised = models.DateTimeField(default=timezone.now, editable=False) + reference = models.CharField(unique=True, max_length=20) + description = models.TextField() + +Here's a basic `ModelSerializer` that we can use for creating or updating instances of `CustomerReportRecord`: + + class CustomerReportSerializer(serializers.ModelSerializer): + class Meta: + model = CustomerReportRecord + +If we open up the Django shell using `manage.py shell` we can now + + >>> from project.example.serializers import CustomerReportSerializer + >>> serializer = CustomerReportSerializer() + >>> print(repr(serializer)) + CustomerReportSerializer(): + id = IntegerField(label='ID', read_only=True) + time_raised = DateTimeField(read_only=True) + reference = CharField(max_length=20, validators=[]) + description = CharField(style={'type': 'textarea'}) + +The interesting bit here is the `reference` field. We can see that the uniqueness constraint is being explicitly enforced by a validator on the serializer field. + +Because of this more explicit style REST framework includes a few validator classes that are not available in core Django. These classes are detailed below. + +--- + +## UniqueValidator + +This validator can be used to enforce the `unique=True` constraint on model fields. +It takes a single required argument, and an optional `messages` argument: + +* `queryset` *required* - This is the queryset against which uniqueness should be enforced. +* `message` - The error message that should be used when validation fails. + +This validator should be applied to *serializer fields*, like so: + + slug = SlugField( + max_length=100, + validators=[UniqueValidator(queryset=BlogPost.objects.all())] + ) + +## UniqueTogetherValidator + +This validator can be used to enforce `unique_together` constraints on model instances. +It has two required arguments, and a single optional `messages` argument: + +* `queryset` *required* - This is the queryset against which uniqueness should be enforced. +* `fields` *required* - A list or tuple of field names which should make a unique set. These must exist as fields on the serializer class. +* `message` - The error message that should be used when validation fails. + +The validator should be applied to *serializer classes*, like so: + + class ExampleSerializer(serializers.Serializer): + # ... + class Meta: + # ToDo items belong to a parent list, and have an ordering defined + # by the 'position' field. No two items in a given list may share + # the same position. + validators = [ + UniqueTogetherValidator( + queryset=ToDoItem.objects.all(), + fields=('list', 'position') + ) + ] + +## UniqueForDateValidator + +## UniqueForMonthValidator + +## UniqueForYearValidator + +These validators can be used to enforce the `unique_for_date`, `unique_for_month` and `unique_for_year` constraints on model instances. They take the following arguments: + +* `queryset` *required* - This is the queryset against which uniqueness should be enforced. +* `field` *required* - A field name against which uniqueness in the given date range will be validated. This must exist as a field on the serializer class. +* `date_field` *required* - A field name which will be used to determine date range for the uniqueness constrain. This must exist as a field on the serializer class. +* `message` - The error message that should be used when validation fails. + +The validator should be applied to *serializer classes*, like so: + + class ExampleSerializer(serializers.Serializer): + # ... + class Meta: + # Blog posts should have a slug that is unique for the current year. + validators = [ + UniqueForYearValidator( + queryset=BlogPostItem.objects.all(), + field='slug', + date_field='published' + ) + ] + +The date field that is used for the validation is always required to be present on the serializer class. You can't simply rely on a model class `default=...`, because the value being used for the default wouldn't be generated until after the validation has run. + +There are a couple of styles you may want to use for this depending on how you want your API to behave. If you're using `ModelSerializer` you'll probably simply rely on the defaults that REST framework generates for you, but if you are using `Serializer` or simply want more explicit control, use on of the styles demonstrated below. + +#### Using with a writable date field. + +If you want the date field to be writable the only thing worth noting is that you should ensure that it is always available in the input data, either by setting a `default` argument, or by setting `required=True`. + + published = serializers.DateTimeField(required=True) + +#### Using with a read-only date field. + +If you want the date field to be visible, but not editable by the user, then set `read_only=True` and additionally set a `default=...` argument. + + published = serializers.DateTimeField(read_only=True, default=timezone.now) + +The field will not be writable to the user, but the default value will still be passed through to the `validated_data`. + +#### Using with a hidden date field. + +If you want the date field to be entirely hidden from the user, then use `HiddenField`. This field type does not accept user input, but instead always returns it's default value to the `validated_data` in the serializer. + + published = serializers.HiddenField(default=timezone.now) + +--- + +# Writing custom validators + +You can use any of Django's existing validators, or write your own custom validators. + +## Function based + +A validator may be any callable that raises a `serializers.ValidationError` on failure. + + def even_number(value): + if value % 2 != 0: + raise serializers.ValidationError('This field must be an even number.') + +## Class based + +To write a class based validator, use the `__call__` method. Class based validators are useful as they allow you to parameterize and reuse behavior. + + class MultipleOf: + def __init__(self, base): + self.base = base + + def __call__(self, value): + if value % self.base != 0 + message = 'This field must be a multiple of %d.' % self.base + raise serializers.ValidationError(message) + +#### Using `set_context()` + +In some advanced cases you might want a validator to be passed the serializer field it is being used with as additional context. You can do so by declaring a `set_context` method on a class based validator. + + def set_context(self, serializer_field): + # Determine if this is an update or a create operation. + # In `__call__` we can then use that information to modify the validation behavior. + self.is_update = serializer_field.parent.instance is not None + +[cite]: https://docs.djangoproject.com/en/dev/ref/validators/ diff --git a/docs/index.md b/docs/index.md index 9d436ad5..cff7b835 100644 --- a/docs/index.md +++ b/docs/index.md @@ -173,6 +173,7 @@ The API guide is your complete reference manual to all the functionality provide * [Serializers][serializers] * [Serializer fields][fields] * [Serializer relations][relations] +* [Validation][validation] * [Authentication][authentication] * [Permissions][permissions] * [Throttling][throttling] @@ -294,6 +295,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [serializers]: api-guide/serializers.md [fields]: api-guide/fields.md [relations]: api-guide/relations.md +[validation]: api-guide/validation.md [authentication]: api-guide/authentication.md [permissions]: api-guide/permissions.md [throttling]: api-guide/throttling.md diff --git a/docs/template.html b/docs/template.html index bb3ae221..0d2fb16e 100644 --- a/docs/template.html +++ b/docs/template.html @@ -95,6 +95,7 @@ a.fusion-poweredby {
  • Serializers
  • Serializer fields
  • Serializer relations
    • +
  • Validation
  • Authentication
  • Permissions
  • Throttling
    • -- cgit v1.2.3 From 254701230d85612cf0210d4549c2d74f410a181d Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 31 Oct 2014 13:58:40 +0000 Subject: Fix up validators docs --- docs/api-guide/validators.md | 2 +- docs/index.md | 2 +- docs/template.html | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index 52c9e082..6a0ef4ff 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -8,7 +8,7 @@ Most of the time you're dealing with validation in REST framework you'll simply be relying on the default field validation, or writing explicit validation methods on serializer or field classes. -Sometimes you'll want to place your validation logic into reusable components, so that it can easily be reused throughout your codebase. This can be achieved by using validator functions and validator classes. +However, sometimes you'll want to place your validation logic into reusable components, so that it can easily be reused throughout your codebase. This can be achieved by using validator functions and validator classes. ## Validation in REST framework diff --git a/docs/index.md b/docs/index.md index cff7b835..161886a4 100644 --- a/docs/index.md +++ b/docs/index.md @@ -173,7 +173,7 @@ The API guide is your complete reference manual to all the functionality provide * [Serializers][serializers] * [Serializer fields][fields] * [Serializer relations][relations] -* [Validation][validation] +* [Validators][validators] * [Authentication][authentication] * [Permissions][permissions] * [Throttling][throttling] diff --git a/docs/template.html b/docs/template.html index 0d2fb16e..f36cffc6 100644 --- a/docs/template.html +++ b/docs/template.html @@ -95,7 +95,7 @@ a.fusion-poweredby {
  • Serializers
  • Serializer fields
  • Serializer relations
    • -
  • Validation
    • +
  • Validators
  • Authentication
  • Permissions
  • Throttling
    • -- cgit v1.2.3 From 964b3401fbcf27afcc2f1e41c5b0e7c538b1c68f Mon Sep 17 00:00:00 2001 From: Andy Baker Date: Sat, 1 Nov 2014 10:25:59 +0000 Subject: typo fix --- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 9aeb5df6..f69c0b25 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -323,7 +323,7 @@ Alternatively, specify the field explicitly on the serializer class: #### Fields for model methods and properties. -With `ModelSerilizer` you can now specify field names in the `fields` option that refer to model methods or properties. For example, suppose you have the following model: +With `ModelSerializer` you can now specify field names in the `fields` option that refer to model methods or properties. For example, suppose you have the following model: class Invitation(models.Model): created = models.DateTimeField() -- cgit v1.2.3 From 96bb77dc35a75df0fd9ad2fabb0f4661b2485600 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 3 Nov 2014 11:20:18 +0000 Subject: Version 2.4.4 --- docs/topics/release-notes.md | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'docs') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 16589f3b..11d12ae3 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -40,6 +40,16 @@ You can determine your currently installed version using `pip freeze`: ## 2.4.x series +### 2.4.4 + +**Date**: [3rd November 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.4+Release%22+). + +* **Security fix**: Escape URLs when replacing `format=` query parameter, as used in dropdown on `GET` button in browsable API to allow explicit selection of JSON vs HTML output. +* Maintain ordering of URLs in API root view for `DefaultRouter`. +* Fix `follow=True` in `APIRequestFactory` +* Resolve issue with invalid `read_only=True`, `required=True` fields being automatically generated by `ModelSerializer` in some cases. +* Resolve issue with `OPTIONS` requests returning incorrect information for views using `get_serializer_class` to dynamically determine serializer based on request method. + ### 2.4.3 **Date**: [19th September 2014](https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%222.4.3+Release%22+). -- cgit v1.2.3 From d27b8cc09b83bac10346effa1021493d2835b794 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 3 Nov 2014 12:00:19 +0000 Subject: PUT as create docs, and move mixin out to external gist --- docs/api-guide/generic-views.md | 14 ++++++++++++++ docs/topics/3.0-announcement.md | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index 49be0cae..d2836fa6 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -368,6 +368,20 @@ If you are using a mixin across multiple views, you can take this a step further Using custom base classes is a good option if you have custom behavior that consistently needs to be repeated across a large number of views throughout your project. +--- + +# PUT as create + +Prior to version 3.0 the REST framework mixins treated `PUT` as either an update or a create operation, depending on if the object already existed or not. + +Allowing `PUT` as create operations is problematic, as it necessarily exposes information about the existence or non-existance of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is necessarily a better default behavior than simply returning `404` responses. + +Both styles "`PUT` as 404" and "`PUT` as create" can be valid in different circumstances, but from version 3.0 onwards we now use 404 behavior as the default, due to it being simpler and more obvious. + +If you need to generic PUT-as-create behavior you may want to include something like [this `AllowPUTAsCreateMixin` class](https://gist.github.com/tomchristie/a2ace4577eff2c603b1b) as a mixin to your views. + +--- + # Third party packages The following third party packages provide additional generic view implementations. diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index f69c0b25..97ffdcf3 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -694,7 +694,7 @@ Allowing `PUT` as create operations is problematic, as it necessarily exposes in Both styles "`PUT` as 404" and "`PUT` as create" can be valid in different circumstances, but we've now opted for the 404 behavior as the default, due to it being simpler and more obvious. -If you need to restore the previous behavior you can include the `AllowPUTAsCreateMixin` class in your view. This class can be imported from `rest_framework.mixins`. +If you need to restore the previous behavior you may want to include [this `AllowPUTAsCreateMixin` class](https://gist.github.com/tomchristie/a2ace4577eff2c603b1b) as a mixin to your views. #### Customizing error responses. -- cgit v1.2.3 From 9ce130d1b56039b0b7a7b04024f95c8c49c8fff7 Mon Sep 17 00:00:00 2001 From: Rocky Meza Date: Mon, 3 Nov 2014 06:56:42 -0700 Subject: Fixed some typos in 3.0 release notes --- docs/topics/3.0-announcement.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 97ffdcf3..f9987ad0 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -748,7 +748,7 @@ You can revert this behavior, and display filenames in the representation by usi You can also modify serializer fields individually, using the `use_url` argument: - uploaded_file = serializers.FileField(user_url=False) + uploaded_file = serializers.FileField(use_url=False) Also note that you should pass the `request` object to the serializer as context when instantiating it, so that a fully qualified URL can be returned. Returned URLs will then be of the form `https://example.com/url_path/filename.txt`. For example: @@ -790,7 +790,7 @@ You can modify this behavior globally by using the `COERCE_DECIMAL_TO_STRING` se 'COERCE_DECIMAL_TO_STRING': False } -Or modify it on an individual serializer field, using the `corece_to_string` keyword argument. +Or modify it on an individual serializer field, using the `coerce_to_string` keyword argument. # Return `Decimal` instances in `serializer.data`, not strings. amount = serializers.DecimalField( -- cgit v1.2.3 From 0da30e6d1dea68d7c075067dd997fb1e0e26f27b Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 3 Nov 2014 14:43:00 +0000 Subject: Add note about 3.0 being merged to master --- docs/index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index 5b31cc83..6288efa3 100644 --- a/docs/index.md +++ b/docs/index.md @@ -9,6 +9,10 @@ --- +**Note**: The incoming 3.0 version has now been merged to the `master` branch on GitHub. For the source of the currently available PyPI version, please see the `2.4.4` tag. + +--- +

    -detail`. **required**. +* `view_name` - The view name that should be used as the target of the relationship. If you're using [the standard router classes][routers] this will be a string with the format `-detail`. **required**. * `lookup_field` - The field on the target that should be used for the lookup. Should correspond to a URL keyword argument on the referenced view. Default is `'pk'`. * `format` - If using format suffixes, hyperlinked fields will use the same format suffix for the target unless overridden by using the `format` argument. diff --git a/docs/api-guide/settings.md b/docs/api-guide/settings.md index 2144a2ed..48af30a5 100644 --- a/docs/api-guide/settings.md +++ b/docs/api-guide/settings.md @@ -154,13 +154,13 @@ Default: `None` ### SEARCH_PARAM -The name of a query paramater, which can be used to specify the search term used by `SearchFilter`. +The name of a query parameter, which can be used to specify the search term used by `SearchFilter`. Default: `search` #### ORDERING_PARAM -The name of a query paramater, which can be used to specify the ordering of results returned by `OrderingFilter`. +The name of a query parameter, which can be used to specify the ordering of results returned by `OrderingFilter`. Default: `ordering` @@ -321,7 +321,7 @@ When set to `False`, JSON responses will escape non-ascii characters, like so: {"unicode black star":"\u2605"} -Both styles conform to [RFC 4627][rfc4627], and are syntactically valid JSON. The unicode style is prefered as being more user-friendly when inspecting API responses. +Both styles conform to [RFC 4627][rfc4627], and are syntactically valid JSON. The unicode style is preferred as being more user-friendly when inspecting API responses. Default: `True` diff --git a/docs/api-guide/throttling.md b/docs/api-guide/throttling.md index 16a7457b..147c16ff 100644 --- a/docs/api-guide/throttling.md +++ b/docs/api-guide/throttling.md @@ -74,7 +74,7 @@ If you need to strictly identify unique client IP addresses, you'll need to firs It is important to understand that if you configure the `NUM_PROXIES` setting, then all clients behind a unique [NAT'd](http://en.wikipedia.org/wiki/Network_address_translation) gateway will be treated as a single client. -Further context on how the `X-Forwarded-For` header works, and identifing a remote client IP can be [found here][identifing-clients]. +Further context on how the `X-Forwarded-For` header works, and identifying a remote client IP can be [found here][identifing-clients]. ## Setting up the cache @@ -85,7 +85,7 @@ If you need to use a cache other than `'default'`, you can do so by creating a c class CustomAnonRateThrottle(AnonRateThrottle): cache = get_cache('alternate') -You'll need to rememeber to also set your custom throttle class in the `'DEFAULT_THROTTLE_CLASSES'` settings key, or using the `throttle_classes` view attribute. +You'll need to remember to also set your custom throttle class in the `'DEFAULT_THROTTLE_CLASSES'` settings key, or using the `throttle_classes` view attribute. --- -- cgit v1.2.3 From 59b30307e80fb26f2c7caa82492c78fe265b537e Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 7 Nov 2014 20:10:15 +0000 Subject: Fixes to release notes --- docs/topics/3.0-announcement.md | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index e8428bc2..272b730c 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -1,17 +1,11 @@ ## Pre-release notes: -The 3.0 release is now ready for some tentative testing and upgrades for super keen early adopters. You can install the development version directly from GitHub like so: +The 3.0 release is now ready for some tentative testing and upgrades for early adopters. You can install the development version directly from GitHub like so: - pip install https://github.com/tomchristie/django-rest-framework/archive/version-3.0.zip + pip install https://github.com/tomchristie/django-rest-framework/archive/master.zip See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details on remaining work. -The most notable outstanding issues still to be resolved on the `version-3.0` branch are as follows: - -* Finish forms support for serializers and in the browsable API. -* Optimisations for serializing primary keys. -* Refine style of validation errors in some cases, such as validation errors in `ListField`. - **Your feedback on the upgrade process and 3.0 changes is hugely important!** Please do get in touch via twitter, IRC, a GitHub ticket, or the discussion group. @@ -237,7 +231,7 @@ To use writable nested serialization you'll want to declare a nested field on th fields = ('username', 'email', 'profile') def create(self, validated_data): - profile_data = validated_data.pop['profile'] + profile_data = validated_data.pop('profile') user = User.objects.create(**validated_data) Profile.objects.create(user=user, **profile_data) return user -- cgit v1.2.3 From 93633c297c69a1eefda5e153553c4f021cf10bd8 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 7 Nov 2014 20:44:12 +0000 Subject: Tweaks to release notes --- docs/topics/3.0-announcement.md | 43 ++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 16 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 272b730c..d3da0607 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -27,8 +27,8 @@ Notable features of this new release include: * Printable representations on serializers that allow you to inspect exactly what fields are present on the instance. * Simple model serializers that are vastly easier to understand and debug, and that make it easy to switch between the implicit `ModelSerializer` class and the explicit `Serializer` class. * A new `BaseSerializer` class, making it easier to write serializers for alternative storage backends, or to completely customize your serialization and validation logic. -* A cleaner fields API plus new `ListField` and `MultipleChoiceField` classes. -* Super simple default implementations for the generic views. +* A cleaner fields API including new classes such as `ListField` and `MultipleChoiceField`. +* [Super simple default implementations][mixins.py] for the generic views. * Support for overriding how validation errors are handled by your API. * A metadata API that allows you to customize how `OPTIONS` requests are handled by your API. * A more compact JSON output with unicode style encoding turned on by default. @@ -70,7 +70,7 @@ Previously the serializers used a two-step object creation, as follows: This style is in-line with how the `ModelForm` class works in Django, but is problematic for a number of reasons: * Some data, such as many-to-many relationships, cannot be added to the object instance until after it has been saved. This type of data needed to be hidden in some undocumented state on the object instance, or kept as state on the serializer instance so that it could be used when `.save()` is called. -* Instantiating model instances directly means that you cannot use model manager classes for instance creation, eg `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. +* Instantiating model instances directly means that you cannot use model manager classes for instance creation, e.g. `ExampleModel.objects.create(...)`. Manager classes are an excellent layer at which to enforce business logic and application-level data constraints. * The two step process makes it unclear where to put deserialization logic. For example, should extra attributes such as the current user get added to the instance during object creation or during object save? We now use single-step object creation, like so: @@ -184,7 +184,7 @@ This ensures you can still write validation that compares all the input fields, #### Differences between ModelSerializer validation and ModelForm. -This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behaviour on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. +This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. It's important to note that this change also means that the model `.clean()` method will not be called as part of serializer validation, as it would be if using a `ModelForm`. Use the serializer `.validate()` method to perform a final validation step on incoming data where required. @@ -219,7 +219,7 @@ If you try to use a writable nested serializer without writing a custom `create( >>> >>> serializer = UserSerializer(data=data) >>> serializer.save() - AssertionError: The `.create()` method does not suport nested writable fields by default. Write an explicit `.create()` method for serializer `UserSerializer`, or set `read_only=True` on nested serializer fields. + AssertionError: The `.create()` method does not support nested writable fields by default. Write an explicit `.create()` method for serializer `UserSerializer`, or set `read_only=True` on nested serializer fields. To use writable nested serialization you'll want to declare a nested field on the serializer class, and write the `create()` and/or `update()` methods explicitly. @@ -274,7 +274,7 @@ The `write_only_fields` option on `ModelSerializer` has been moved to `PendingDe model = MyModel fields = ('id', 'email', 'notes', 'is_admin') extra_kwargs = { - 'is_admin': {'write_only': True} + 'is_admin': {'write_only': True} } Alternatively, specify the field explicitly on the serializer class: @@ -321,8 +321,8 @@ With `ModelSerializer` you can now specify field names in the `fields` option th to_email = models.EmailField() message = models.CharField(max_length=1000) - def expiry_date(self): - return self.created + datetime.timedelta(days=30) + def expiry_date(self): + return self.created + datetime.timedelta(days=30) You can include `expiry_date` as a field option on a `ModelSerializer` class. @@ -584,7 +584,7 @@ Previously relational fields that were explicitly declared on a serializer class This code *would be valid* in `2.4.3`: class AccountSerializer(serializers.ModelSerializer): - organisations = serializers.SlugRelatedField(slug_field='name') + organizations = serializers.SlugRelatedField(slug_field='name') class Meta: model = Account @@ -593,7 +593,7 @@ However this code *would not be valid* in `2.4.3`: # Missing `queryset` class AccountSerializer(serializers.Serializer): - organisations = serializers.SlugRelatedField(slug_field='name') + organizations = serializers.SlugRelatedField(slug_field='name') def restore_object(self, attrs, instance=None): # ... @@ -602,9 +602,9 @@ The queryset argument is now always required for writable relational fields. This removes some magic and makes it easier and more obvious to move between implicit `ModelSerializer` classes and explicit `Serializer` classes. class AccountSerializer(serializers.ModelSerializer): - organisations = serializers.SlugRelatedField( + organizations = serializers.SlugRelatedField( slug_field='name', - queryset=Organisation.objects.all() + queryset=Organization.objects.all() ) class Meta: @@ -637,7 +637,7 @@ The following usage will *now raise an error*: #### The `UniqueValidator` and `UniqueTogetherValidator` classes. -REST framework now provides two new validators that allow you to ensure field uniqueness, while still using a completely explicit `Serializer` class instead of using `ModelSerializer`. +REST framework now provides new validators that allow you to ensure field uniqueness, while still using a completely explicit `Serializer` class instead of using `ModelSerializer`. The `UniqueValidator` should be applied to a serializer field, and takes a single `queryset` argument. @@ -645,11 +645,11 @@ The `UniqueValidator` should be applied to a serializer field, and takes a singl from rest_framework.validators import UniqueValidator class OrganizationSerializer(serializers.Serializer): - url = serializers.HyperlinkedIdentityField(view_name='organisation_detail') + url = serializers.HyperlinkedIdentityField(view_name='organization_detail') created = serializers.DateTimeField(read_only=True) name = serializers.CharField( max_length=100, - validators=UniqueValidator(queryset=Organisation.objects.all()) + validators=UniqueValidator(queryset=Organization.objects.all()) ) The `UniqueTogetherValidator` should be applied to a serializer, and takes a `queryset` argument and a `fields` argument which should be a list or tuple of field names. @@ -664,6 +664,10 @@ The `UniqueTogetherValidator` should be applied to a serializer, and takes a `qu fields=('category', 'position') )] +#### The `UniqueForDateValidator` classes. + +**TODO: Needs documenting.** + ## Generic views #### Simplification of view logic. @@ -700,7 +704,7 @@ I would personally recommend that developers treat view instances as immutable o #### PUT as create. -Allowing `PUT` as create operations is problematic, as it necessarily exposes information about the existence or non-existance of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is necessarily a better default behavior than simply returning `404` responses. +Allowing `PUT` as create operations is problematic, as it necessarily exposes information about the existence or non-existence of objects. It's also not obvious that transparently allowing re-creating of previously deleted instances is necessarily a better default behavior than simply returning `404` responses. Both styles "`PUT` as 404" and "`PUT` as create" can be valid in different circumstances, but we've now opted for the 404 behavior as the default, due to it being simpler and more obvious. @@ -718,6 +722,10 @@ Behavior for dealing with `OPTIONS` requests was previously built directly into This makes it far easier to use a different style for `OPTIONS` responses throughout your API, and makes it possible to create third-party metadata policies. +## Serializers as HTML forms + +**TODO: Document this.** + ## API style There are some improvements in the default style we use in our API responses. @@ -817,6 +825,7 @@ The default JSON renderer will return float objects for uncoerced `Decimal` inst The 3.1 release is planned to address improvements in the following components: +* Public API for using serializers as HTML forms. * Request parsing, mediatypes & the implementation of the browsable API. * Introduction of a new pagination API. * Better support for API versioning. @@ -824,3 +833,5 @@ The 3.1 release is planned to address improvements in the following components: The 3.2 release is planned to introduce an alternative admin-style interface to the browsable API. You can follow development on the GitHub site, where we use [milestones to indicate planning timescales](https://github.com/tomchristie/django-rest-framework/milestones). + +[mixins.py]: https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/mixins.py \ No newline at end of file -- cgit v1.2.3 From 058fea23d3a9776e5fb23b77e81c087d0d8d7e6a Mon Sep 17 00:00:00 2001 From: José Padilla Date: Fri, 7 Nov 2014 23:55:42 -0400 Subject: Fix csrf-ajax link. Closes #2045 --- docs/topics/ajax-csrf-cors.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/ajax-csrf-cors.md b/docs/topics/ajax-csrf-cors.md index 97dd4710..ad88810d 100644 --- a/docs/topics/ajax-csrf-cors.md +++ b/docs/topics/ajax-csrf-cors.md @@ -10,7 +10,7 @@ If you’re building a JavaScript client to interface with your Web API, you'll AJAX requests that are made within the same context as the API they are interacting with will typically use `SessionAuthentication`. This ensures that once a user has logged in, any AJAX requests made can be authenticated using the same session-based authentication that is used for the rest of the website. -AJAX requests that are made on a different site from the API they are communicating with will typically need to use a non-session-based authentication scheme, such as `TokenAuthentication`. +AJAX requests that are made on a different site from the API they are communicating with will typically need to use a non-session-based authentication scheme, such as `TokenAuthentication`. ## CSRF protection @@ -19,7 +19,7 @@ AJAX requests that are made on a different site from the API they are communicat To guard against these type of attacks, you need to do two things: 1. Ensure that the 'safe' HTTP operations, such as `GET`, `HEAD` and `OPTIONS` cannot be used to alter any server-side state. -2. Ensure that any 'unsafe' HTTP operations, such as `POST`, `PUT`, `PATCH` and `DELETE`, always require a valid CSRF token. +2. Ensure that any 'unsafe' HTTP operations, such as `POST`, `PUT`, `PATCH` and `DELETE`, always require a valid CSRF token. If you're using `SessionAuthentication` you'll need to include valid CSRF tokens for any `POST`, `PUT`, `PATCH` or `DELETE` operations. @@ -35,7 +35,7 @@ The best way to deal with CORS in REST framework is to add the required response [cite]: http://www.codinghorror.com/blog/2008/10/preventing-csrf-and-xsrf-attacks.html [csrf]: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) -[csrf-ajax]: https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax +[csrf-ajax]: https://docs.djangoproject.com/en/dev/ref/csrf/#ajax [cors]: http://www.w3.org/TR/cors/ [ottoyiu]: https://github.com/ottoyiu/ [django-cors-headers]: https://github.com/ottoyiu/django-cors-headers/ -- cgit v1.2.3 From 440d61ab364da971973ae8d784e77e21e5cdaa7f Mon Sep 17 00:00:00 2001 From: Jochen Van de Velde Date: Sat, 8 Nov 2014 11:02:48 +0100 Subject: Fix some typos and other errors --- docs/topics/contributing.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 96d9a98c..6c289938 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -10,9 +10,9 @@ There are many ways you can contribute to Django REST framework. We'd like it t The most important thing you can do to help push the REST framework project forward is to be actively involved wherever possible. Code contributions are often overvalued as being the primary way to get involved in a project, we don't believe that needs to be the case. -If you use REST framework, we'd love you to be vocal about your experiences with it - you might consider writing a blog post about using REST framework, or publishing a tutorial about building a project with a particular Javascript framework. Experiences from beginners can be particularly helpful because you'll be in the best position to assess which bits of REST framework are more difficult to understand and work with. +If you use REST framework, we'd love you to be vocal about your experiences with it - you might consider writing a blog post about using REST framework, or publishing a tutorial about building a project with a particular JavaScript framework. Experiences from beginners can be particularly helpful because you'll be in the best position to assess which bits of REST framework are more difficult to understand and work with. -Other really great ways you can help move the community forward include helping answer questions on the [discussion group][google-group], or setting up an [email alert on StackOverflow][so-filter] so that you get notified of any new questions with the `django-rest-framework` tag. +Other really great ways you can help move the community forward include helping to answer questions on the [discussion group][google-group], or setting up an [email alert on StackOverflow][so-filter] so that you get notified of any new questions with the `django-rest-framework` tag. When answering questions make sure to help future contributors find their way around by hyperlinking wherever possible to related threads and tickets, and include backlinks from those items if relevant. @@ -33,7 +33,7 @@ Some tips on good issue reporting: * When describing issues try to phrase your ticket in terms of the *behavior* you think needs changing rather than the *code* you think need changing. * Search the issue list first for related items, and make sure you're running the latest version of REST framework before reporting an issue. * If reporting a bug, then try to include a pull request with a failing test case. This will help us quickly identify if there is a valid issue, and make sure that it gets fixed more quickly if there is one. -* Feature requests will often be closed with a recommendation that they be implemented outside of the core REST framework library. Keeping new feature requests implemented as third party libraries allows us to keep down the maintainence overhead of REST framework, so that the focus can be on continued stability, bugfixes, and great documentation. +* Feature requests will often be closed with a recommendation that they be implemented outside of the core REST framework library. Keeping new feature requests implemented as third party libraries allows us to keep down the maintenance overhead of REST framework, so that the focus can be on continued stability, bugfixes, and great documentation. * Closing an issue doesn't necessarily mean the end of a discussion. If you believe your issue has been closed incorrectly, explain why and we'll consider if it needs to be reopened. ## Triaging issues @@ -52,7 +52,7 @@ To start developing on Django REST framework, clone the repo: git clone git@github.com:tomchristie/django-rest-framework.git -Changes should broadly follow the [PEP 8][pep-8] style conventions, and we recommend you setup your editor to automatically indicated non-conforming styles. +Changes should broadly follow the [PEP 8][pep-8] style conventions, and we recommend you set up your editor to automatically indicate non-conforming styles. ## Testing @@ -117,7 +117,7 @@ GitHub's documentation for working on pull requests is [available here][pull-req Always run the tests before submitting pull requests, and ideally run `tox` in order to check that your modifications are compatible with both Python 2 and Python 3, and that they run properly on all supported versions of Django. -Once you've made a pull request take a look at the travis build status in the GitHub interface and make sure the tests are runnning as you'd expect. +Once you've made a pull request take a look at the Travis build status in the GitHub interface and make sure the tests are running as you'd expect. ![Travis status][travis-status] @@ -131,7 +131,7 @@ Sometimes, in order to ensure your code works on various different versions of D The documentation for REST framework is built from the [Markdown][markdown] source files in [the docs directory][docs]. -There are many great markdown editors that make working with the documentation really easy. The [Mou editor for Mac][mou] is one such editor that comes highly recommended. +There are many great Markdown editors that make working with the documentation really easy. The [Mou editor for Mac][mou] is one such editor that comes highly recommended. ## Building the documentation @@ -153,7 +153,7 @@ Some other tips: * Keep paragraphs reasonably short. * Use double spacing after the end of sentences. -* Don't use the abbreviations such as 'e.g.' but instead use long form, such as 'For example'. +* Don't use abbreviations such as 'e.g.' but instead use the long form, such as 'For example'. ## Markdown style @@ -186,7 +186,7 @@ If you are hyperlinking to another REST framework document, you should use a rel [authentication]: ../api-guide/authentication.md -Linking in this style means you'll be able to click the hyperlink in your markdown editor to open the referenced document. When the documentation is built, these links will be converted into regular links to HTML pages. +Linking in this style means you'll be able to click the hyperlink in your Markdown editor to open the referenced document. When the documentation is built, these links will be converted into regular links to HTML pages. ##### 3. Notes -- cgit v1.2.3 From f387cd89da55ef88fcac504f5795ea9b591f3fba Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 10 Nov 2014 12:21:27 +0000 Subject: Uniqueness constraints imply a forced 'required=True'. Refs #1945 --- docs/api-guide/validators.md | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index 6a0ef4ff..bb073f57 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -93,6 +93,12 @@ The validator should be applied to *serializer classes*, like so: ) ] +--- + +**Note**: The `UniqueTogetherValidation` class always imposes an implicit constraint that all the fields it applies to are always treated as required. Fields with `default` values are an exception to this as they always supply a value even when omitted from user input. + +--- + ## UniqueForDateValidator ## UniqueForMonthValidator @@ -146,6 +152,10 @@ If you want the date field to be entirely hidden from the user, then use `Hidden --- +**Note**: The `UniqueForValidation` classes always imposes an implicit constraint that the fields they are applied to are always treated as required. Fields with `default` values are an exception to this as they always supply a value even when omitted from user input. + +--- + # Writing custom validators You can use any of Django's existing validators, or write your own custom validators. -- cgit v1.2.3 From fd7db776addbd5e30f132fe6846ec5c5caab5c40 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 10 Nov 2014 12:32:03 +0000 Subject: Bring UniqueValidator implementation in line with other uniquness validators. --- docs/api-guide/validators.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index bb073f57..a50636bc 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -16,9 +16,9 @@ Validation in Django REST framework serializers is handled a little differently With `ModelForm` the validation is performed partially on the form, and partially on the model instance. With REST framework the validation is performed entirely on the serializer class. This is advantageous for the following reasons: -* It introduces a proper separation of concerns, making your code behaviour more obvious. -* It is easy to switch between using shortcut `ModelSerializer` classes and using explicit `Serializer` classes. Any validation behaviour being used for `ModelSerializer` is simple to replicate. -* Printing the `repr` of a serializer instance will show you exactly what validation rules it applies. There's no extra hidden validation behaviour being called on the model instance. +* It introduces a proper separation of concerns, making your code behavior more obvious. +* It is easy to switch between using shortcut `ModelSerializer` classes and using explicit `Serializer` classes. Any validation behavior being used for `ModelSerializer` is simple to replicate. +* Printing the `repr` of a serializer instance will show you exactly what validation rules it applies. There's no extra hidden validation behavior being called on the model instance. When you're using `ModelSerializer` all of this is handled automatically for you. If you want to drop down to using a `Serializer` classes instead, then you need to define the validation rules explicitly. -- cgit v1.2.3 From ea98de9b889173235a908ee2ce5a2aba5d8223c7 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 13 Nov 2014 19:28:57 +0000 Subject: Model fields with .blank or .null now map to required=False. Closes #2017. Closes #2021. --- docs/topics/3.0-announcement.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index d3da0607..885fc183 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -506,9 +506,9 @@ We now use the following: REST framework now has more explicit and clear control over validating empty values for fields. -Previously the meaning of the `required=False` keyword argument was underspecified. In practice its use meant that a field could either be not included in the input, or it could be included, but be `None`. +Previously the meaning of the `required=False` keyword argument was underspecified. In practice its use meant that a field could either be not included in the input, or it could be included, but be `None` or the empty string. -We now have a better separation, with separate `required` and `allow_none` arguments. +We now have a better separation, with separate `required`, `allow_none` and `allow_blank` arguments. The following set of arguments are used to control validation of empty values: @@ -519,7 +519,7 @@ The following set of arguments are used to control validation of empty values: Typically you'll want to use `required=False` if the corresponding model field has a default value, and additionally set either `allow_none=True` or `allow_blank=True` if required. -The `default` argument is there if you need it, but you'll more typically want defaults to be set on model fields, rather than serializer fields. +The `default` argument is also available and always implies that the field is not required to be in the input. It is unnecessary to use the `required` argument when a default is specified, and doing so will result in an error. #### Coercing output types. -- cgit v1.2.3 From d08cfb0559033acaefbc23863c43ef858c2c0e1c Mon Sep 17 00:00:00 2001 From: José Padilla Date: Mon, 17 Nov 2014 08:17:40 -0400 Subject: Fix runtests examples Correctly rename runtests examples to work with current runtests.py file.--- docs/topics/contributing.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 6c289938..52f6e287 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -71,31 +71,31 @@ To run the tests, clone the repository, and then: Run using a more concise output style. - ./runtests -q + ./runtests.py -q Run the tests using a more concise output style, no coverage, no flake8. - ./runtests --fast + ./runtests.py --fast Don't run the flake8 code linting. - ./runtests --nolint + ./runtests.py --nolint Only run the flake8 code linting, don't run the tests. - ./runtests --lintonly + ./runtests.py --lintonly Run the tests for a given test case. - ./runtests MyTestCase + ./runtests.py MyTestCase Run the tests for a given test method. - ./runtests MyTestCase.test_this_method + ./runtests.py MyTestCase.test_this_method Shorter form to run the tests for a given test method. - ./runtests test_this_method + ./runtests.py test_this_method Note: The test case and test method matching is fuzzy and will sometimes run other tests that contain a partial string match to the given command line input. -- cgit v1.2.3 From 0f508c58211051c873aae5a2d1c65a0c595e732a Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Mon, 17 Nov 2014 18:36:32 +0000 Subject: Docs for advanced default argument usage. Closes #1945 --- docs/api-guide/validators.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index a50636bc..ac2f3248 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -156,6 +156,38 @@ If you want the date field to be entirely hidden from the user, then use `Hidden --- +# Advanced 'default' argument usage + +Validators that are applied across multiple fields in the serializer can sometimes require a field input that should not be provided by the API client, but that *is* available as input to the validator. + +Two patterns that you may want to use for this sort of validation include: + +* Using `HiddenField`. This field will be present in `validated_data` but *will not* be used in the serializer output representation. +* Using a standard field with `read_only=True`, but that also includes a `default=…` argument. This field *will* be used in the serializer output representation, but cannot be set directly by the user. + +REST framework includes a couple of defaults that may be useful in this context. + +#### CurrentUserDefault + +A default class that can be used to represent the current user. In order to use this, the 'request' must have been provided as part of the context dictionary when instantiating the serializer. + + owner = serializers.HiddenField( + default=CurrentUserDefault() + ) + +#### CreateOnlyDefault + +A default class that can be used to *only set a default argument during create operations*. During updates the field is omitted. + +It takes a single argument, which is the default value or callable that should be used during create operations. + + created_at = serializers.DateTimeField( + read_only=True, + default=CreateOnlyDefault(timezone.now) + ) + +--- + # Writing custom validators You can use any of Django's existing validators, or write your own custom validators. -- cgit v1.2.3 From 5e74f02d61e05d38bf4e22c6227144def2a96128 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 18 Nov 2014 14:49:00 +0000 Subject: Note removal of 'save_object' and fail loudly if it exists --- docs/topics/3.0-announcement.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 885fc183..90cbda4d 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -84,6 +84,8 @@ The resulting API changes are further detailed below. The `.restore_object()` method is now replaced with two separate methods, `.create()` and `.update()`. +These methods also replace the optional `.save_object()` method, which no longer exists. + When using the `.create()` and `.update()` methods you should both create *and save* the object instance. This is in contrast to the previous `.restore_object()` behavior that would instantiate the object but not save it. The following example from the tutorial previously used `restore_object()` to handle both creating and updating object instances. -- cgit v1.2.3 From f269826a7d8a980536ffbce369be369c4df58d23 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 18 Nov 2014 16:26:45 +0000 Subject: Note on 3.0 beta --- docs/topics/3.0-announcement.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 90cbda4d..06fdc9fd 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -1,10 +1,12 @@ ## Pre-release notes: -The 3.0 release is now ready for some tentative testing and upgrades for early adopters. You can install the development version directly from GitHub like so: +The 3.0 release is now in beta and ready for final testing. You can install the development version directly from GitHub like so: - pip install https://github.com/tomchristie/django-rest-framework/archive/master.zip + pip install https://github.com/tomchristie/django-rest-framework/archive/3.0-beta.zip -See the [Version 3.0 GitHub issue](https://github.com/tomchristie/django-rest-framework/pull/1800) for more details on remaining work. +Currently the only known remaining blockers are documentation issues and tickets. Any critical bugs raised in the next week or two will be resolved for the 3.0 release, but otherwise consider this as code-complete. + +Please work through this document throughly in order to understand the API differences that exist between 2.4 and 3.0. **Your feedback on the upgrade process and 3.0 changes is hugely important!** -- cgit v1.2.3 From 51b7033e4aeeefe19012a77b09a0b23d4a52a5bc Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 19 Nov 2014 14:03:19 +0000 Subject: Further notes in 3.0 announcement --- docs/topics/3.0-announcement.md | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 90cbda4d..3c73881f 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -821,6 +821,11 @@ Or modify it on an individual serializer field, using the `coerce_to_string` key The default JSON renderer will return float objects for uncoerced `Decimal` instances. This allows you to easily switch between string or float representations for decimals depending on your API design needs. +## Miscellaneous notes. + +* The serializer `ChoiceField` does not currently display nested choices, as was the case in 2.4. This will be address as part of 3.1. +* Due to the new templated form rendering, the 'widget' option is no longer valid. This means there's no easy way of using third party "autocomplete" widgets for rendering select inputs that contain a large number of choices. You'll either need to use a regular select or a plain text input. We may consider addressing this in 3.1 or 3.2 if there's sufficient demand. + ## What's coming next. 3.0 is an incremental release, and there are several upcoming features that will build on the baseline improvements that it makes. -- cgit v1.2.3 From 928cbc640ef1db2c3fb96d352f69b8ffb66313e6 Mon Sep 17 00:00:00 2001 From: Raony Guimarães Date: Wed, 19 Nov 2014 13:53:36 -0200 Subject: small type --- docs/tutorial/quickstart.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/quickstart.md b/docs/tutorial/quickstart.md index c2dc4bea..1c398c1f 100644 --- a/docs/tutorial/quickstart.md +++ b/docs/tutorial/quickstart.md @@ -19,7 +19,7 @@ Create a new Django project named `tutorial`, then start a new app called `quick pip install djangorestframework # Set up a new project with a single application - django-admin.py startproject tutorial . + django-admin.py startproject tutorial cd tutorial django-admin.py startapp quickstart cd .. -- cgit v1.2.3 From 04d2635b24f0699ed8ed24436a58c203ad6a9a11 Mon Sep 17 00:00:00 2001 From: Gil Gonçalves Date: Thu, 20 Nov 2014 11:33:42 +0000 Subject: Removed unused import from code snippet in tutorial --- docs/tutorial/5-relationships-and-hyperlinked-apis.md | 1 - 1 file changed, 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/5-relationships-and-hyperlinked-apis.md b/docs/tutorial/5-relationships-and-hyperlinked-apis.md index 36473ce9..50552616 100644 --- a/docs/tutorial/5-relationships-and-hyperlinked-apis.md +++ b/docs/tutorial/5-relationships-and-hyperlinked-apis.md @@ -6,7 +6,6 @@ At the moment relationships within our API are represented by using primary keys Right now we have endpoints for 'snippets' and 'users', but we don't have a single entry point to our API. To create one, we'll use a regular function-based view and the `@api_view` decorator we introduced earlier. In your `snippets/views.py` add: - from rest_framework import renderers from rest_framework.decorators import api_view from rest_framework.response import Response from rest_framework.reverse import reverse -- cgit v1.2.3 From 6a2023a362bcc10978ed725fa8816ddf08ea7c73 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 20 Nov 2014 13:52:00 +0000 Subject: Note on 3.1 and 3.2 releases. --- docs/topics/3.0-announcement.md | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 958be2d6..03e3e070 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -34,6 +34,9 @@ Notable features of this new release include: * Support for overriding how validation errors are handled by your API. * A metadata API that allows you to customize how `OPTIONS` requests are handled by your API. * A more compact JSON output with unicode style encoding turned on by default. +* Templated based HTML form rendering for serializers. This will be finalized as public API in the upcoming 3.1 release. + +Significant new functionality continues to be planned for the 3.1 and 3.2 releases. These releases will present simple upgrades, without the same level of fundamental API changes necessary for the 3.0 release. Below is an in-depth guide to the API changes and migration notes for 3.0. -- cgit v1.2.3 From 071c064d251bb2f268762fb34cf3f248b5ce4557 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 20 Nov 2014 14:22:53 +0000 Subject: Fill in TODOs for 3.0 beta release notes --- docs/topics/3.0-announcement.md | 47 ++++++++++++++++++++++++++++++++++++++--- 1 file changed, 44 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 03e3e070..7bbfba5b 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -36,7 +36,7 @@ Notable features of this new release include: * A more compact JSON output with unicode style encoding turned on by default. * Templated based HTML form rendering for serializers. This will be finalized as public API in the upcoming 3.1 release. -Significant new functionality continues to be planned for the 3.1 and 3.2 releases. These releases will present simple upgrades, without the same level of fundamental API changes necessary for the 3.0 release. +Significant new functionality continues to be planned for the 3.1 and 3.2 releases. These releases will correspond to the two [Kickstarter stretch goals](https://www.kickstarter.com/projects/tomchristie/django-rest-framework-3) - "Feature improvements" and "Admin interface". Further 3.x releases will present simple upgrades, without the same level of fundamental API changes necessary for the 3.0 release. Below is an in-depth guide to the API changes and migration notes for 3.0. @@ -145,6 +145,16 @@ The corresponding code would now look like this: logging.info('Creating ticket "%s"' % name) serializer.save(user=request.user) # Include the user when saving. +#### Using `.is_valid(raise_exception=True)` + +The `.is_valid()` method now takes an optional boolean flag, `raise_exception`. + +Calling `.is_valid(raise_exception=True)` will cause a `ValidationError` to be raised if the serializer data contains validation errors. This error will be handled by REST framework's default exception handler, allowing you to remove error response handling from your view code. + +The handling and formatting of error responses may be altered globally by using the `EXCEPTION_HANDLER` settings key. + +This change also means it's now possible to alter the style of error responses used by the built-in generic views, without having to include mixin classes or other overrides. + #### Using `serializers.ValidationError`. Previously `serializers.ValidationError` error was simply a synonym for `django.core.exceptions.ValidationError`. This has now been altered so that it inherits from the standard `APIException` base class. @@ -356,6 +366,8 @@ The `ListSerializer` class has now been added, and allows you to create base ser You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly separated in the REST framework codebase. +You will typically want to *continue to use the existing `many=True` flag* rather than declaring `ListSerializer` classes explicitly, but declaring the classes explicitly can be useful if you need to write custom `create` or `update` methods for bulk updates, or provide for other custom behavior. + See also the new `ListField` class, which validates input in the same way, but does not include the serializer interfaces of `.is_valid()`, `.data`, `.save()` and so on. #### The `BaseSerializer` class. @@ -673,7 +685,9 @@ The `UniqueTogetherValidator` should be applied to a serializer, and takes a `qu #### The `UniqueForDateValidator` classes. -**TODO: Needs documenting.** +REST framework also now includes explicit validator classes for validating the `unique_for_date`, `unique_for_month`, and `unique_for_year` model field constraints. These are used internally instead of calling into `Model.full_clean()`. + +These classes are documented in the [Validators](../api-guide/validators.md) section of the documentation. ## Generic views @@ -731,7 +745,34 @@ This makes it far easier to use a different style for `OPTIONS` responses throug ## Serializers as HTML forms -**TODO: Document this.** +REST framework 3.0 includes templated HTML form rendering for serializers. + +This API should not yet be considered finalized, and will only be promoted to public API for the 3.1 release. + +Significant changes that you do need to be aware of include: + +* Nested HTML forms are now supported, for example, a `UserSerializer` with a nested `ProfileSerializer` will now render a nested `fieldset` when used in the browsable API. +* Nested lists of HTML forms are not yet supported, but are planned for 3.1. +* Because we now use templated HTML form generation, **the `widget` option is no longer available for serializer fields**. You can instead control the template that is used for a given field, by using the `style` dictionary. + +#### The `style` keyword argument for serializer fields. + +The `style` keyword argument can be used to pass through additional information from a serializer field, to the renderer class. In particular, the `HTMLFormRenderer` uses the `base_template` key to determine which template to render the field with. + +For example, to use a `textarea` control instead of the default `input` control, you would use the following… + + additional_notes = serializers.CharField( + style={'base_template': 'text_area.html'} + ) + +Similarly, to use a radio button control instead of the default `select` control, you would use the following… + + color_channel = serializers.ChoiceField( + choices=['red', 'blue', 'green'], + style={'base_template': 'radio.html'} + ) + +This API should be considered provisional, and there may be minor alterations with the incoming 3.1 release. ## API style -- cgit v1.2.3 From 8e940a22fb292ed6b20b9e4b5da607ffca1dba2f Mon Sep 17 00:00:00 2001 From: Matthew Dapena-Tretter Date: Fri, 21 Nov 2014 15:58:31 -0500 Subject: Clarify how permission classes are composed all/every/AND or any/OR? all/every/AND! --- docs/api-guide/settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/settings.md b/docs/api-guide/settings.md index 48af30a5..96d715ea 100644 --- a/docs/api-guide/settings.md +++ b/docs/api-guide/settings.md @@ -74,7 +74,7 @@ Default: #### DEFAULT_PERMISSION_CLASSES -A list or tuple of permission classes, that determines the default set of permissions checked at the start of a view. +A list or tuple of permission classes, that determines the default set of permissions checked at the start of a view. Permission must be granted by every class in the list. Default: -- cgit v1.2.3 From c94d1e6d3ea76eb8bdd28717364e42d14e6722d7 Mon Sep 17 00:00:00 2001 From: Tony Nguyen Date: Sun, 23 Nov 2014 22:40:40 +0700 Subject: Fix typo "serailizers" to "serializers" --- docs/topics/3.0-announcement.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 7bbfba5b..694ad8a5 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -189,13 +189,13 @@ You can either return `non_field_errors` from the validate method by raising a s def validate(self, attrs): # serializer.errors == {'non_field_errors': ['A non field error']} - raise serailizers.ValidationError('A non field error') + raise serializers.ValidationError('A non field error') Alternatively if you want the errors to be against a specific field, use a dictionary of when instantiating the `ValidationError`, like so: def validate(self, attrs): # serializer.errors == {'my_field': ['A field error']} - raise serailizers.ValidationError({'my_field': 'A field error'}) + raise serializers.ValidationError({'my_field': 'A field error'}) This ensures you can still write validation that compares all the input fields, but that marks the error against a particular field. @@ -303,7 +303,7 @@ Alternatively, specify the field explicitly on the serializer class: model = MyModel fields = ('id', 'email', 'notes', 'is_admin') -The `read_only_fields` option remains as a convenient shortcut for the more common case. +The `read_only_fields` option remains as a convenient shortcut for the more common case. #### Changes to `HyperlinkedModelSerializer`. @@ -364,7 +364,7 @@ The `ListSerializer` class has now been added, and allows you to create base ser class MultipleUserSerializer(ListSerializer): child = UserSerializer() -You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly separated in the REST framework codebase. +You can also still use the `many=True` argument to serializer classes. It's worth noting that `many=True` argument transparently creates a `ListSerializer` instance, allowing the validation logic for list and non-list data to be cleanly separated in the REST framework codebase. You will typically want to *continue to use the existing `many=True` flag* rather than declaring `ListSerializer` classes explicitly, but declaring the classes explicitly can be useful if you need to write custom `create` or `update` methods for bulk updates, or provide for other custom behavior. @@ -436,7 +436,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd def to_internal_value(self, data): score = data.get('score') player_name = data.get('player_name') - + # Perform the data validation. if not score: raise ValidationError({ @@ -450,7 +450,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd raise ValidationError({ 'player_name': 'May not be more than 10 characters.' }) - + # Return the validated values. This will be available as # the `.validated_data` property. return { @@ -463,7 +463,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd 'score': obj.score, 'player_name': obj.player_name } - + def create(self, validated_data): return HighScore.objects.create(**validated_data) @@ -471,7 +471,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. -The following class is an example of a generic serializer that can handle coercing aribitrary objects into primitive representations. +The following class is an example of a generic serializer that can handle coercing aribitrary objects into primitive representations. class ObjectSerializer(serializers.BaseSerializer): """ @@ -542,7 +542,7 @@ The `default` argument is also available and always implies that the field is no #### Coercing output types. -The previous field implementations did not forcibly coerce returned values into the correct type in many cases. For example, an `IntegerField` would return a string output if the attribute value was a string. We now more strictly coerce to the correct return type, leading to more constrained and expected behavior. +The previous field implementations did not forcibly coerce returned values into the correct type in many cases. For example, an `IntegerField` would return a string output if the attribute value was a string. We now more strictly coerce to the correct return type, leading to more constrained and expected behavior. #### The `ListField` class. @@ -695,7 +695,7 @@ These classes are documented in the [Validators](../api-guide/validators.md) sec The view logic for the default method handlers has been significantly simplified, due to the new serializers API. -#### Changes to pre/post save hooks. +#### Changes to pre/post save hooks. The `pre_save` and `post_save` hooks no longer exist, but are replaced with `perform_create(self, serializer)` and `perform_update(self, serializer)`. @@ -887,4 +887,4 @@ The 3.2 release is planned to introduce an alternative admin-style interface to You can follow development on the GitHub site, where we use [milestones to indicate planning timescales](https://github.com/tomchristie/django-rest-framework/milestones). -[mixins.py]: https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/mixins.py \ No newline at end of file +[mixins.py]: https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/mixins.py -- cgit v1.2.3 From 790a651893c4bc6e68bc4d724d5df4ea3f883ced Mon Sep 17 00:00:00 2001 From: Gil Gonçalves Date: Mon, 24 Nov 2014 08:51:08 +0000 Subject: Fixed database update instructions --- docs/tutorial/4-authentication-and-permissions.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/4-authentication-and-permissions.md b/docs/tutorial/4-authentication-and-permissions.md index adab1b55..4e4edeea 100644 --- a/docs/tutorial/4-authentication-and-permissions.md +++ b/docs/tutorial/4-authentication-and-permissions.md @@ -44,7 +44,9 @@ When that's all done we'll need to update our database tables. Normally we'd create a database migration in order to do that, but for the purposes of this tutorial, let's just delete the database and start again. rm tmp.db - python manage.py syncdb + rm -r snippets/migrations + python manage.py makemigrations snippets + python manage.py migrate You might also want to create a few different users, to use for testing the API. The quickest way to do this will be with the `createsuperuser` command. -- cgit v1.2.3 From 918b9cc6a605ee4701d77f73e93a62f04c2345b0 Mon Sep 17 00:00:00 2001 From: Gil Gonçalves Date: Mon, 24 Nov 2014 08:54:07 +0000 Subject: Added missing import in tutorial snippet --- docs/tutorial/6-viewsets-and-routers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/6-viewsets-and-routers.md b/docs/tutorial/6-viewsets-and-routers.md index cf37a260..3fad509a 100644 --- a/docs/tutorial/6-viewsets-and-routers.md +++ b/docs/tutorial/6-viewsets-and-routers.md @@ -60,7 +60,7 @@ To see what's going on under the hood let's first explicitly create a set of vie In the `urls.py` file we bind our `ViewSet` classes into a set of concrete views. - from snippets.views import SnippetViewSet, UserViewSet + from snippets.views import SnippetViewSet, UserViewSet, api_root from rest_framework import renderers snippet_list = SnippetViewSet.as_view({ -- cgit v1.2.3 From 83e556ba1e129fac28a74b0a2784e4728f491a41 Mon Sep 17 00:00:00 2001 From: Marc Date: Tue, 25 Nov 2014 12:37:20 +0100 Subject: Missing quotes on validate_score example --- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 694ad8a5..6a662326 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -170,7 +170,7 @@ We strongly recommend that you use the namespaced import style of `import serial The `validate_` method hooks that can be attached to serializer classes change their signature slightly and return type. Previously these would take a dictionary of all incoming data, and a key representing the field name, and would return a dictionary including the validated data for that field: def validate_score(self, attrs, source): - if attrs[score] % 10 != 0: + if attrs['score'] % 10 != 0: raise serializers.ValidationError('This field should be a multiple of ten.') return attrs -- cgit v1.2.3 From 2e726e22a394347b7337eb38a2a3a1b0ccde88bc Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 11:42:43 +0000 Subject: request.DATA, request.FILES -> request.data --- docs/api-guide/exceptions.md | 4 ++-- docs/api-guide/parsers.md | 20 ++++++++++---------- docs/api-guide/requests.md | 21 ++++++++++++--------- docs/api-guide/settings.md | 2 +- docs/api-guide/viewsets.md | 2 +- docs/tutorial/2-requests-and-responses.md | 12 ++++++------ docs/tutorial/3-class-based-views.md | 4 ++-- 7 files changed, 34 insertions(+), 31 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/exceptions.md b/docs/api-guide/exceptions.md index e61dcfa9..8a99abb9 100644 --- a/docs/api-guide/exceptions.md +++ b/docs/api-guide/exceptions.md @@ -100,7 +100,7 @@ For example, if your API relies on a third party service that may sometimes be u **Signature:** `ParseError(detail=None)` -Raised if the request contains malformed data when accessing `request.DATA` or `request.FILES`. +Raised if the request contains malformed data when accessing `request.data`. By default this exception results in a response with the HTTP status code "400 Bad Request". @@ -140,7 +140,7 @@ By default this exception results in a response with the HTTP status code "405 M **Signature:** `UnsupportedMediaType(media_type, detail=None)` -Raised if there are no parsers that can handle the content type of the request data when accessing `request.DATA` or `request.FILES`. +Raised if there are no parsers that can handle the content type of the request data when accessing `request.data`. By default this exception results in a response with the HTTP status code "415 Unsupported Media Type". diff --git a/docs/api-guide/parsers.md b/docs/api-guide/parsers.md index 72a4af64..a50b5240 100644 --- a/docs/api-guide/parsers.md +++ b/docs/api-guide/parsers.md @@ -12,7 +12,7 @@ REST framework includes a number of built in Parser classes, that allow you to a ## How the parser is determined -The set of valid parsers for a view is always defined as a list of classes. When either `request.DATA` or `request.FILES` is accessed, REST framework will examine the `Content-Type` header on the incoming request, and determine which parser to use to parse the request content. +The set of valid parsers for a view is always defined as a list of classes. When `request.data` is accessed, REST framework will examine the `Content-Type` header on the incoming request, and determine which parser to use to parse the request content. --- @@ -48,7 +48,7 @@ using the `APIView` class based views. parser_classes = (YAMLParser,) def post(self, request, format=None): - return Response({'received data': request.DATA}) + return Response({'received data': request.data}) Or, if you're using the `@api_view` decorator with function based views. @@ -58,7 +58,7 @@ Or, if you're using the `@api_view` decorator with function based views. """ A view that can accept POST requests with YAML content. """ - return Response({'received data': request.DATA}) + return Response({'received data': request.data}) --- @@ -92,7 +92,7 @@ Requires the `defusedxml` package to be installed. ## FormParser -Parses HTML form content. `request.DATA` will be populated with a `QueryDict` of data, `request.FILES` will be populated with an empty `QueryDict` of data. +Parses HTML form content. `request.data` will be populated with a `QueryDict` of data. You will typically want to use both `FormParser` and `MultiPartParser` together in order to fully support HTML form data. @@ -100,7 +100,7 @@ You will typically want to use both `FormParser` and `MultiPartParser` together ## MultiPartParser -Parses multipart HTML form content, which supports file uploads. Both `request.DATA` and `request.FILES` will be populated with a `QueryDict`. +Parses multipart HTML form content, which supports file uploads. Both `request.data` will be populated with a `QueryDict`. You will typically want to use both `FormParser` and `MultiPartParser` together in order to fully support HTML form data. @@ -108,7 +108,7 @@ You will typically want to use both `FormParser` and `MultiPartParser` together ## FileUploadParser -Parses raw file upload content. The `request.DATA` property will be an empty `QueryDict`, and `request.FILES` will be a dictionary with a single key `'file'` containing the uploaded file. +Parses raw file upload content. The `request.data` property will be a dictionary with a single key `'file'` containing the uploaded file. If the view used with `FileUploadParser` is called with a `filename` URL keyword argument, then that argument will be used as the filename. If it is called without a `filename` URL keyword argument, then the client must set the filename in the `Content-Disposition` HTTP header. For example `Content-Disposition: attachment; filename=upload.jpg`. @@ -126,7 +126,7 @@ If the view used with `FileUploadParser` is called with a `filename` URL keyword parser_classes = (FileUploadParser,) def put(self, request, filename, format=None): - file_obj = request.FILES['file'] + file_obj = request.data['file'] # ... # do some staff with uploaded file # ... @@ -139,7 +139,7 @@ If the view used with `FileUploadParser` is called with a `filename` URL keyword To implement a custom parser, you should override `BaseParser`, set the `.media_type` property, and implement the `.parse(self, stream, media_type, parser_context)` method. -The method should return the data that will be used to populate the `request.DATA` property. +The method should return the data that will be used to populate the `request.data` property. The arguments passed to `.parse()` are: @@ -161,7 +161,7 @@ By default this will include the following keys: `view`, `request`, `args`, `kwa ## Example -The following is an example plaintext parser that will populate the `request.DATA` property with a string representing the body of the request. +The following is an example plaintext parser that will populate the `request.data` property with a string representing the body of the request. class PlainTextParser(BaseParser): """ @@ -197,4 +197,4 @@ The following third party packages are also available. [juanriaza]: https://github.com/juanriaza [vbabiy]: https://github.com/vbabiy [djangorestframework-msgpack]: https://github.com/juanriaza/django-rest-framework-msgpack -[djangorestframework-camel-case]: https://github.com/vbabiy/djangorestframework-camel-case \ No newline at end of file +[djangorestframework-camel-case]: https://github.com/vbabiy/djangorestframework-camel-case diff --git a/docs/api-guide/requests.md b/docs/api-guide/requests.md index 87425ed1..d659e17a 100644 --- a/docs/api-guide/requests.md +++ b/docs/api-guide/requests.md @@ -14,26 +14,29 @@ REST framework's `Request` class extends the standard `HttpRequest`, adding supp REST framework's Request objects provide flexible request parsing that allows you to treat requests with JSON data or other media types in the same way that you would normally deal with form data. -## .DATA +## .data -`request.DATA` returns the parsed content of the request body. This is similar to the standard `request.POST` attribute except that: +`request.data` returns the parsed content of the request body. This is similar to the standard `request.POST` and `request.FILES` attributes except that: +* It includes all parsed content, including *file and non-file* inputs. * It supports parsing the content of HTTP methods other than `POST`, meaning that you can access the content of `PUT` and `PATCH` requests. * It supports REST framework's flexible request parsing, rather than just supporting form data. For example you can handle incoming JSON data in the same way that you handle incoming form data. For more details see the [parsers documentation]. -## .FILES +## .query_params -`request.FILES` returns any uploaded files that may be present in the content of the request body. This is the same as the standard `HttpRequest` behavior, except that the same flexible request parsing is used for `request.DATA`. +`request.query_params` is a more correctly named synonym for `request.GET`. -For more details see the [parsers documentation]. +For clarity inside your code, we recommend using `request.query_params` instead of the Django's standard `request.GET`. Doing so will help keep your codebase more correct and obvious - any HTTP method type may include query parameters, not just `GET` requests. -## .QUERY_PARAMS +## .DATA and .FILES -`request.QUERY_PARAMS` is a more correctly named synonym for `request.GET`. +The old-style version 2.x `request.data` and `request.FILES` attributes are still available, but are now pending deprecation in favor of the unified `request.data` attribute. + +## .QUERY_PARAMS -For clarity inside your code, we recommend using `request.QUERY_PARAMS` instead of the usual `request.GET`, as *any* HTTP method type may include query parameters. +The old-style version 2.x `request.QUERY_PARAMS` attribute is still available, but is now pending deprecation in favor of the more pythonic `request.query_params`. ## .parsers @@ -43,7 +46,7 @@ You won't typically need to access this property. --- -**Note:** If a client sends malformed content, then accessing `request.DATA` or `request.FILES` may raise a `ParseError`. By default REST framework's `APIView` class or `@api_view` decorator will catch the error and return a `400 Bad Request` response. +**Note:** If a client sends malformed content, then accessing `request.data` may raise a `ParseError`. By default REST framework's `APIView` class or `@api_view` decorator will catch the error and return a `400 Bad Request` response. If a client sends a request with a content-type that cannot be parsed then a `UnsupportedMediaType` exception will be raised, which by default will be caught and return a `415 Unsupported Media Type` response. diff --git a/docs/api-guide/settings.md b/docs/api-guide/settings.md index 96d715ea..ba470f8b 100644 --- a/docs/api-guide/settings.md +++ b/docs/api-guide/settings.md @@ -51,7 +51,7 @@ Default: #### DEFAULT_PARSER_CLASSES -A list or tuple of parser classes, that determines the default set of parsers used when accessing the `request.DATA` property. +A list or tuple of parser classes, that determines the default set of parsers used when accessing the `request.data` property. Default: diff --git a/docs/api-guide/viewsets.md b/docs/api-guide/viewsets.md index 9030e3ee..f60d4a47 100644 --- a/docs/api-guide/viewsets.md +++ b/docs/api-guide/viewsets.md @@ -124,7 +124,7 @@ For example: @detail_route(methods=['post']) def set_password(self, request, pk=None): user = self.get_object() - serializer = PasswordSerializer(data=request.DATA) + serializer = PasswordSerializer(data=request.data) if serializer.is_valid(): user.set_password(serializer.data['password']) user.save() diff --git a/docs/tutorial/2-requests-and-responses.md b/docs/tutorial/2-requests-and-responses.md index 136b0135..f377c712 100644 --- a/docs/tutorial/2-requests-and-responses.md +++ b/docs/tutorial/2-requests-and-responses.md @@ -5,10 +5,10 @@ Let's introduce a couple of essential building blocks. ## Request objects -REST framework introduces a `Request` object that extends the regular `HttpRequest`, and provides more flexible request parsing. The core functionality of the `Request` object is the `request.DATA` attribute, which is similar to `request.POST`, but more useful for working with Web APIs. +REST framework introduces a `Request` object that extends the regular `HttpRequest`, and provides more flexible request parsing. The core functionality of the `Request` object is the `request.data` attribute, which is similar to `request.POST`, but more useful for working with Web APIs. request.POST # Only handles form data. Only works for 'POST' method. - request.DATA # Handles arbitrary data. Works for 'POST', 'PUT' and 'PATCH' methods. + request.data # Handles arbitrary data. Works for 'POST', 'PUT' and 'PATCH' methods. ## Response objects @@ -29,7 +29,7 @@ REST framework provides two wrappers you can use to write API views. These wrappers provide a few bits of functionality such as making sure you receive `Request` instances in your view, and adding context to `Response` objects so that content negotiation can be performed. -The wrappers also provide behaviour such as returning `405 Method Not Allowed` responses when appropriate, and handling any `ParseError` exception that occurs when accessing `request.DATA` with malformed input. +The wrappers also provide behaviour such as returning `405 Method Not Allowed` responses when appropriate, and handling any `ParseError` exception that occurs when accessing `request.data` with malformed input. ## Pulling it all together @@ -55,7 +55,7 @@ We don't need our `JSONResponse` class in `views.py` anymore, so go ahead and de return Response(serializer.data) elif request.method == 'POST': - serializer = SnippetSerializer(data=request.DATA) + serializer = SnippetSerializer(data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data, status=status.HTTP_201_CREATED) @@ -80,7 +80,7 @@ Here is the view for an individual snippet, in the `views.py` module. return Response(serializer.data) elif request.method == 'PUT': - serializer = SnippetSerializer(snippet, data=request.DATA) + serializer = SnippetSerializer(snippet, data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data) @@ -92,7 +92,7 @@ Here is the view for an individual snippet, in the `views.py` module. This should all feel very familiar - it is not a lot different from working with regular Django views. -Notice that we're no longer explicitly tying our requests or responses to a given content type. `request.DATA` can handle incoming `json` requests, but it can also handle `yaml` and other formats. Similarly we're returning response objects with data, but allowing REST framework to render the response into the correct content type for us. +Notice that we're no longer explicitly tying our requests or responses to a given content type. `request.data` can handle incoming `json` requests, but it can also handle `yaml` and other formats. Similarly we're returning response objects with data, but allowing REST framework to render the response into the correct content type for us. ## Adding optional format suffixes to our URLs diff --git a/docs/tutorial/3-class-based-views.md b/docs/tutorial/3-class-based-views.md index 382f078a..0a9ea3f1 100644 --- a/docs/tutorial/3-class-based-views.md +++ b/docs/tutorial/3-class-based-views.md @@ -24,7 +24,7 @@ We'll start by rewriting the root view as a class based view. All this involves return Response(serializer.data) def post(self, request, format=None): - serializer = SnippetSerializer(data=request.DATA) + serializer = SnippetSerializer(data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data, status=status.HTTP_201_CREATED) @@ -49,7 +49,7 @@ So far, so good. It looks pretty similar to the previous case, but we've got be def put(self, request, pk, format=None): snippet = self.get_object(pk) - serializer = SnippetSerializer(snippet, data=request.DATA) + serializer = SnippetSerializer(snippet, data=request.data) if serializer.is_valid(): serializer.save() return Response(serializer.data) -- cgit v1.2.3 From a3c0c8fb90f084d494cdf46551c8a6228ca5ffd0 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 12:04:35 +0000 Subject: Add missing period. --- docs/api-guide/generic-views.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index 49a5e58f..16ae8c55 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -352,7 +352,7 @@ You can then simply apply this mixin to a view or viewset anytime you need to ap serializer_class = UserSerializer lookup_fields = ('account', 'username') -Using custom mixins is a good option if you have custom behavior that needs to be used +Using custom mixins is a good option if you have custom behavior that needs to be used. ## Creating custom base classes -- cgit v1.2.3 From c4dff54ecc487b192d17763e48adc0bfcaa620d3 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 12:04:46 +0000 Subject: Docs on ValidationError --- docs/api-guide/exceptions.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/exceptions.md b/docs/api-guide/exceptions.md index 8a99abb9..33eb74c8 100644 --- a/docs/api-guide/exceptions.md +++ b/docs/api-guide/exceptions.md @@ -152,5 +152,23 @@ Raised when an incoming request fails the throttling checks. By default this exception results in a response with the HTTP status code "429 Too Many Requests". +## ValidationError + +**Signature:** `ValidationError(detail)` + +The `ValidationError` exception is slightly different from the other `APIException` classes: + +* The `detail` argument is mandatory, not optional. +* The `detail` argument may be a list or dictionary of error details, and may also be a nested data structure. +* By convention you should import the serializers module and use a fully qualified `ValidationError` style, in order to differentiate it from Django's built-in validation error. For example. `raise serializers.ValidationError('This field must be an integer value.')` + +The `ValidationError` class should be used for serializer and field validation, and by validator classes. It is also raised when calling `serializer.is_valid` with the `raise_exception` keyword argument: + + serializer.is_valid(raise_exception=True) + +The generic views use the `raise_exception=True` flag, which means that you can override the style of validation error responses globally in your API. To do so, use a custom exception handler, as described above. + +By default this exception results in a response with the HTTP status code "400 Bad Request". + [cite]: http://www.doughellmann.com/articles/how-tos/python-exception-handling/index.html [authentication]: authentication.md -- cgit v1.2.3 From 83281254d1a4685535ab877fb9f9affeb93578bd Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 12:06:27 +0000 Subject: Hypenate 'un-coerced' --- docs/topics/3.0-announcement.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 694ad8a5..24b0923f 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -865,7 +865,7 @@ Or modify it on an individual serializer field, using the `coerce_to_string` key coerce_to_string=False ) -The default JSON renderer will return float objects for uncoerced `Decimal` instances. This allows you to easily switch between string or float representations for decimals depending on your API design needs. +The default JSON renderer will return float objects for un-coerced `Decimal` instances. This allows you to easily switch between string or float representations for decimals depending on your API design needs. ## Miscellaneous notes. -- cgit v1.2.3 From 3b40f8c1c110ef44d112a705652b9ef57a36d9c9 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 12:15:48 +0000 Subject: Drop 0.x release notes --- docs/topics/release-notes.md | 122 ++----------------------------------------- 1 file changed, 4 insertions(+), 118 deletions(-) (limited to 'docs') diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 88780c3f..efc49ba1 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -442,7 +442,7 @@ The security vulnerabilities only affect APIs which use the `XMLParser` class, b * Bugfix: Validation errors instead of exceptions when related fields receive incorrect types. * Bugfix: Handle ObjectDoesNotExist exception when serializing null reverse one-to-one -**Note**: Prior to 2.1.16, The Decimals would render in JSON using floating point if `simplejson` was installed, but otherwise render using string notation. Now that use of `simplejson` has been deprecated, Decimals will consistently render using string notation. See [#582] for more details. +**Note**: Prior to 2.1.16, The Decimals would render in JSON using floating point if `simplejson` was installed, but otherwise render using string notation. Now that use of `simplejson` has been deprecated, Decimals will consistently render using string notation. See [ticket 582](ticket-582) for more details. ### 2.1.15 @@ -614,122 +614,7 @@ This change will not affect user code, so long as it's following the recommended * **Fix all of the things.** (Well, almost.) * For more information please see the [2.0 announcement][announcement]. ---- - -## 0.4.x series - -### 0.4.0 - -* Supports Django 1.5. -* Fixes issues with 'HEAD' method. -* Allow views to specify template used by TemplateRenderer -* More consistent error responses -* Some serializer fixes -* Fix internet explorer ajax behavior -* Minor xml and yaml fixes -* Improve setup (e.g. use staticfiles, not the defunct ADMIN_MEDIA_PREFIX) -* Sensible absolute URL generation, not using hacky set_script_prefix - ---- - -## 0.3.x series - -### 0.3.3 - -* Added DjangoModelPermissions class to support `django.contrib.auth` style permissions. -* Use `staticfiles` for css files. - - Easier to override. Won't conflict with customized admin styles (e.g. grappelli) -* Templates are now nicely namespaced. - - Allows easier overriding. -* Drop implied 'pk' filter if last arg in urlconf is unnamed. - - Too magical. Explicit is better than implicit. -* Saner template variable auto-escaping. -* Tidier setup.py -* Updated for URLObject 2.0 -* Bugfixes: - - Bug with PerUserThrottling when user contains unicode chars. - -### 0.3.2 - -* Bugfixes: - * Fix 403 for POST and PUT from the UI with UserLoggedInAuthentication (#115) - * serialize_model method in serializer.py may cause wrong value (#73) - * Fix Error when clicking OPTIONS button (#146) - * And many other fixes -* Remove short status codes - - Zen of Python: "There should be one-- and preferably only one --obvious way to do it." -* get_name, get_description become methods on the view - makes them overridable. -* Improved model mixin API - Hooks for build_query, get_instance_data, get_model, get_queryset, get_ordering - -### 0.3.1 - -* [not documented] - -### 0.3.0 - -* JSONP Support -* Bugfixes, including support for latest markdown release - ---- - -## 0.2.x series - -### 0.2.4 - -* Fix broken IsAdminUser permission. -* OPTIONS support. -* XMLParser. -* Drop mentions of Blog, BitBucket. - -### 0.2.3 - -* Fix some throttling bugs. -* ``X-Throttle`` header on throttling. -* Support for nesting resources on related models. - -### 0.2.2 - -* Throttling support complete. - -### 0.2.1 - -* Couple of simple bugfixes over 0.2.0 - -### 0.2.0 - -* Big refactoring changes since 0.1.0, ask on the discussion group if anything isn't clear. - The public API has been massively cleaned up. Expect it to be fairly stable from here on in. - -* ``Resource`` becomes decoupled into ``View`` and ``Resource``, your views should now inherit from ``View``, not ``Resource``. - -* The handler functions on views ``.get() .put() .post()`` etc, no longer have the ``content`` and ``auth`` args. - Use ``self.CONTENT`` inside a view to access the deserialized, validated content. - Use ``self.user`` inside a view to access the authenticated user. - -* ``allowed_methods`` and ``anon_allowed_methods`` are now defunct. if a method is defined, it's available. - The ``permissions`` attribute on a ``View`` is now used to provide generic permissions checking. - Use permission classes such as ``FullAnonAccess``, ``IsAuthenticated`` or ``IsUserOrIsAnonReadOnly`` to set the permissions. - -* The ``authenticators`` class becomes ``authentication``. Class names change to ``Authentication``. - -* The ``emitters`` class becomes ``renderers``. Class names change to ``Renderers``. - -* ``ResponseException`` becomes ``ErrorResponse``. - -* The mixin classes have been nicely refactored, the basic mixins are now ``RequestMixin``, ``ResponseMixin``, ``AuthMixin``, and ``ResourceMixin`` - You can reuse these mixin classes individually without using the ``View`` class. - ---- - -## 0.1.x series - -### 0.1.1 - -* Final build before pulling in all the refactoring changes for 0.2, in case anyone needs to hang on to 0.1. - -### 0.1.0 - -* Initial release. +For older release notes, [please see the GitHub repo](old-release-notes). [cite]: http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html [deprecation-policy]: #deprecation-policy @@ -742,5 +627,6 @@ This change will not affect user code, so long as it's following the recommended [staticfiles13]: https://docs.djangoproject.com/en/1.3/howto/static-files/#with-a-template-tag [2.1.0-notes]: https://groups.google.com/d/topic/django-rest-framework/Vv2M0CMY9bg/discussion [announcement]: rest-framework-2-announcement.md -[#582]: https://github.com/tomchristie/django-rest-framework/issues/582 +[ticket-582]: https://github.com/tomchristie/django-rest-framework/issues/582 [rfc-6266]: http://tools.ietf.org/html/rfc6266#section-4.3 +[old-release-notes]: https://github.com/tomchristie/django-rest-framework/blob/2.4.4/docs/topics/release-notes.md#04x-series -- cgit v1.2.3 From 3a648b9f0b0aa9a955065b96ea1a03376816ec00 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Thu, 9 Oct 2014 10:14:04 +0100 Subject: Migrate documentation to MkDocs proper --- docs/404.html | 201 ------------------------------------------ docs/template.html | 239 ------------------------------------------------- docs/theme/404.html | 201 ++++++++++++++++++++++++++++++++++++++++++ docs/theme/base.html | 244 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 445 insertions(+), 440 deletions(-) delete mode 100644 docs/404.html delete mode 100644 docs/template.html create mode 100644 docs/theme/404.html create mode 100644 docs/theme/base.html (limited to 'docs') diff --git a/docs/404.html b/docs/404.html deleted file mode 100644 index 864247e7..00000000 --- a/docs/404.html +++ /dev/null @@ -1,201 +0,0 @@ - - - - - Django REST framework - 404 - Page not found - - - - - - - - - - - - - - - - - - - -
    - -
    -
    -
    - GitHub - Next - Previous - Search - - - - - - Django REST framework -
    - -
      - -
    -
    -
    -
    -
    - -
    -
    - - - - -
    -
    -

    404

    -

    Page not found

    -

    Try the homepage, or search the documentation.

    -
    -
    -
    -
    - -
    -
    - - - - - - - - - - diff --git a/docs/template.html b/docs/template.html deleted file mode 100644 index f36cffc6..00000000 --- a/docs/template.html +++ /dev/null @@ -1,239 +0,0 @@ - - - - - {{ title }} - - - - - - - - - - - - - - - - - - - - -
    - -
    -
    -
    - GitHub - Next - Previous - Search - - - - - - Django REST framework -
    - -
      - -
    -
    -
    -
    -
    - -
    -
    - - - - -
    - -
    - -
    -
      - {{ toc }} -
      - {{ ad_block }} -
      -
    - -
    -
    - -
    - {{ content }} -
    -
    -
    -
    - -
    -
    - - - - - - - - - - - diff --git a/docs/theme/404.html b/docs/theme/404.html new file mode 100644 index 00000000..864247e7 --- /dev/null +++ b/docs/theme/404.html @@ -0,0 +1,201 @@ + + + + + Django REST framework - 404 - Page not found + + + + + + + + + + + + + + + + + + + +
    + +
    +
    +
    + GitHub + Next + Previous + Search + + + + + + Django REST framework +
    + +
      + +
    +
    +
    +
    +
    + +
    +
    + + + + +
    +
    +

    404

    +

    Page not found

    +

    Try the homepage, or search the documentation.

    +
    +
    +
    +
    + +
    +
    + + + + + + + + + + diff --git a/docs/theme/base.html b/docs/theme/base.html new file mode 100644 index 00000000..45e19cf3 --- /dev/null +++ b/docs/theme/base.html @@ -0,0 +1,244 @@ + + + + + {{ title }} + + + + + + + + + + + + + + + + + + + + +
    + +
    +
    +
    + GitHub + Next + Previous + Search + + + + + + Django REST framework +
    + +
      + +
    +
    +
    +
    +
    + +
    +
    + + + + +
    + +
    + +
    + + +
    +
    + +
    + {{ content }} +
    +
    +
    +
    + +
    +
    + + + + + + + + + + + -- cgit v1.2.3 From 261c4ce9aff6725a4e069cf45d0f57ec97a27bdb Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 22 Oct 2014 21:13:40 +0100 Subject: Remove redundant requirements file --- docs/requirements.txt | 1 - 1 file changed, 1 deletion(-) delete mode 100644 docs/requirements.txt (limited to 'docs') diff --git a/docs/requirements.txt b/docs/requirements.txt deleted file mode 100644 index a91fb978..00000000 --- a/docs/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -markdown>=2.1.0 -- cgit v1.2.3 From 84d9c4b46eacda54b31a3779c623554758f4dccc Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 22 Oct 2014 21:36:11 +0100 Subject: Change site_dir to html to match mkdocs.py --- docs/topics/contributing.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 52f6e287..5809af65 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -135,15 +135,15 @@ There are many great Markdown editors that make working with the documentation r ## Building the documentation -To build the documentation, simply run the `mkdocs.py` script. +To build the documentation, simply install MkDocs with `pip install mkdocs` and then run the following command. - ./mkdocs.py + mkdocs build This will build the html output into the `html` directory. -You can build the documentation and open a preview in a browser window by using the `-p` flag. +You can build the documentation and open a preview in a browser window by using the `serve` command. - ./mkdocs.py -p + mkdocs serve ## Language style -- cgit v1.2.3 From 2ddef2d3263b2187fd502e42eaaecc3a4f0ad2b2 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Thu, 23 Oct 2014 14:10:23 +0100 Subject: Drop simply from the mkdocs install lines It is still simple tho', honest ;) --- docs/topics/contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 5809af65..c7991a0f 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -135,7 +135,7 @@ There are many great Markdown editors that make working with the documentation r ## Building the documentation -To build the documentation, simply install MkDocs with `pip install mkdocs` and then run the following command. +To build the documentation, install MkDocs with `pip install mkdocs` and then run the following command. mkdocs build -- cgit v1.2.3 From d6b203f013890cc25f5454696805bc85c1ca2482 Mon Sep 17 00:00:00 2001 From: José Padilla Date: Tue, 28 Oct 2014 17:40:29 -0400 Subject: Use page_title instead of title in docs theme --- docs/theme/base.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index 45e19cf3..943a60e4 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -2,7 +2,7 @@ - {{ title }} + {{ page_title }} -- cgit v1.2.3 From 18712a5cbcbb25d935b93baac589cacfe1cbb754 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 20:54:20 +0000 Subject: Fix the Navigation style --- docs/theme/base.html | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index 943a60e4..e5ad4377 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -188,15 +188,12 @@ a.fusion-poweredby {
    +
    -- cgit v1.2.3 From 49a493f61f4d5b4447d139d189d78995e65231b2 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 20:54:31 +0000 Subject: Bring back the promo section --- docs/theme/base.html | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index e5ad4377..7ca7de14 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -191,7 +191,8 @@ a.fusion-poweredby {
  • {{ toc_item.title }}
    • {% endfor %}
    - {{ ad_block }} +
    +
    -- cgit v1.2.3 From 3c49b9fe4648d6fb291f0d34bf2e9ef4b72d45be Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 21:03:00 +0000 Subject: Add next and previous page. --- docs/theme/base.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index 7ca7de14..0f876cc1 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -57,8 +57,8 @@ a.fusion-poweredby {
    GitHub - Next - Previous + Next + Previous Search -- cgit v1.2.3 From 5600878672a47a6aedd49322b4e0c9cce561d1d6 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 21:26:23 +0000 Subject: Fixed the TOC (again) Not sure how I broke it ;-) --- docs/theme/base.html | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index 0f876cc1..bb3ede2a 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -189,11 +189,10 @@ a.fusion-poweredby {
    -- cgit v1.2.3 From 6da9d5aee09aecbfb7afdacdd2e445e7c30c5999 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 21:26:51 +0000 Subject: Add a workaround for not having the index name --- docs/theme/base.html | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index bb3ede2a..d8ff0e07 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -49,7 +49,8 @@ a.fusion-poweredby { } - + {# TODO: This is a bit of a hack. We don't want to refer to the file specifically. #} +
    @@ -193,6 +194,15 @@ a.fusion-poweredby {
  • {{ toc_item.title }}
    • {% endfor %} {% endfor %} + + {# TODO: This is a bit of a hack. We don't want to refer to the file specifically. #} + {% if current_page.input_path == 'index.md' %} +
    +
    + +
    + {% endif %} +
    -- cgit v1.2.3 From b443f81481815423d0f953ca41052b4993dfb12f Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 22:29:11 +0000 Subject: Add meta description --- docs/theme/base.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index d8ff0e07..5187d581 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -6,7 +6,7 @@ - + -- cgit v1.2.3 From 5d479c20d8b9a376057517a4d53d58ff891f5483 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 29 Oct 2014 22:29:41 +0000 Subject: Move nav to it's own template based on the MkDocs theme --- docs/theme/base.html | 93 +--------------------------------------------------- docs/theme/nav.html | 45 +++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 92 deletions(-) create mode 100644 docs/theme/nav.html (limited to 'docs') diff --git a/docs/theme/base.html b/docs/theme/base.html index 5187d581..4ca6cd81 100644 --- a/docs/theme/base.html +++ b/docs/theme/base.html @@ -54,98 +54,7 @@ a.fusion-poweredby {
    -
    -
    -
    - GitHub - Next - Previous - Search - - - - - - Django REST framework -
    - -
      - -
    -
    -
    -
    -
    + {% include "nav.html" %}
    diff --git a/docs/theme/nav.html b/docs/theme/nav.html new file mode 100644 index 00000000..a7a72d68 --- /dev/null +++ b/docs/theme/nav.html @@ -0,0 +1,45 @@ + +
    +
    +
    + GitHub + Next + Previous + Search + + + + + + Django REST framework +
    + {% if include_nav %} + + + {% endif %} +
    + +
    +
    +
    -- cgit v1.2.3 From d72a56f37f59d0700d163b67d5af78fc545c91f7 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Fri, 31 Oct 2014 15:02:47 +0000 Subject: Move the docs theme out of the docs folder. --- docs/theme/404.html | 201 --------------------------------------------------- docs/theme/base.html | 160 ---------------------------------------- docs/theme/nav.html | 45 ------------ 3 files changed, 406 deletions(-) delete mode 100644 docs/theme/404.html delete mode 100644 docs/theme/base.html delete mode 100644 docs/theme/nav.html (limited to 'docs') diff --git a/docs/theme/404.html b/docs/theme/404.html deleted file mode 100644 index 864247e7..00000000 --- a/docs/theme/404.html +++ /dev/null @@ -1,201 +0,0 @@ - - - - - Django REST framework - 404 - Page not found - - - - - - - - - - - - - - - - - - - -
    - -
    -
    -
    - GitHub - Next - Previous - Search - - - - - - Django REST framework -
    - -
      - -
    -
    -
    -
    -
    - -
    -
    - - - - -
    -
    -

    404

    -

    Page not found

    -

    Try the homepage, or search the documentation.

    -
    -
    -
    -
    - -
    -
    - - - - - - - - - - diff --git a/docs/theme/base.html b/docs/theme/base.html deleted file mode 100644 index 4ca6cd81..00000000 --- a/docs/theme/base.html +++ /dev/null @@ -1,160 +0,0 @@ - - - - - {{ page_title }} - - - - - - - - - - - - - - - - - - - {# TODO: This is a bit of a hack. We don't want to refer to the file specifically. #} - - -
    - - {% include "nav.html" %} - -
    -
    - - - - -
    - -
    - -
    -
      - {% for toc_item in toc %} -
    • {{ toc_item.title }}
      • - {% for toc_item in toc_item.children %} -
    • {{ toc_item.title }}
      • - {% endfor %} - {% endfor %} - - {# TODO: This is a bit of a hack. We don't want to refer to the file specifically. #} - {% if current_page.input_path == 'index.md' %} -
      -
      - -
      - {% endif %} - -
    - -
    -
    - -
    - {{ content }} -
    -
    -
    -
    - -
    -
    - - - - - - - - - - - diff --git a/docs/theme/nav.html b/docs/theme/nav.html deleted file mode 100644 index a7a72d68..00000000 --- a/docs/theme/nav.html +++ /dev/null @@ -1,45 +0,0 @@ - -
    -
    -
    - GitHub - Next - Previous - Search - - - - - - Django REST framework -
    - {% if include_nav %} - - - {% endif %} -
    - -
    -
    -
    -- cgit v1.2.3 From 16d442dda3ee9d4ff40d067d76706959aac4c6a3 Mon Sep 17 00:00:00 2001 From: José Padilla Date: Fri, 31 Oct 2014 09:04:39 -0400 Subject: Use MkDocs meta.source to render source code links --- docs/api-guide/authentication.md | 2 +- docs/api-guide/content-negotiation.md | 6 +++--- docs/api-guide/exceptions.md | 2 +- docs/api-guide/fields.md | 4 ++-- docs/api-guide/filtering.md | 24 ++++++++++----------- docs/api-guide/format-suffixes.md | 12 +++++------ docs/api-guide/generic-views.md | 4 ++-- docs/api-guide/pagination.md | 6 +++--- docs/api-guide/parsers.md | 6 +++--- docs/api-guide/permissions.md | 8 +++---- docs/api-guide/relations.md | 40 +++++++++++++++++------------------ docs/api-guide/renderers.md | 14 ++++++------ docs/api-guide/requests.md | 8 +++---- docs/api-guide/responses.md | 4 ++-- docs/api-guide/reverse.md | 4 ++-- docs/api-guide/routers.md | 8 +++---- docs/api-guide/serializers.md | 34 ++++++++++++++--------------- docs/api-guide/settings.md | 2 +- docs/api-guide/status-codes.md | 6 +++--- docs/api-guide/testing.md | 6 +++--- docs/api-guide/throttling.md | 10 ++++----- docs/api-guide/views.md | 7 +++--- docs/api-guide/viewsets.md | 2 +- docs/theme/content.html | 11 ++++++++++ 24 files changed, 121 insertions(+), 109 deletions(-) create mode 100644 docs/theme/content.html (limited to 'docs') diff --git a/docs/api-guide/authentication.md b/docs/api-guide/authentication.md index 01774c10..b04858e3 100755 --- a/docs/api-guide/authentication.md +++ b/docs/api-guide/authentication.md @@ -1,4 +1,4 @@ - +source: authentication.py # Authentication diff --git a/docs/api-guide/content-negotiation.md b/docs/api-guide/content-negotiation.md index 94dd59ca..bc3b09fb 100644 --- a/docs/api-guide/content-negotiation.md +++ b/docs/api-guide/content-negotiation.md @@ -1,4 +1,4 @@ - +source: negotiation.py # Content negotiation @@ -29,7 +29,7 @@ The priorities for each of the given media types would be: If the requested view was only configured with renderers for `YAML` and `HTML`, then REST framework would select whichever renderer was listed first in the `renderer_classes` list or `DEFAULT_RENDERER_CLASSES` setting. -For more information on the `HTTP Accept` header, see [RFC 2616][accept-header] +For more information on the `HTTP Accept` header, see [RFC 2616][accept-header] --- @@ -62,7 +62,7 @@ request when selecting the appropriate parser or renderer. Select the first parser in the `.parser_classes` list. """ return parsers[0] - + def select_renderer(self, request, renderers, format_suffix): """ Select the first renderer in the `.renderer_classes` list. diff --git a/docs/api-guide/exceptions.md b/docs/api-guide/exceptions.md index e61dcfa9..8e0b1958 100644 --- a/docs/api-guide/exceptions.md +++ b/docs/api-guide/exceptions.md @@ -1,4 +1,4 @@ - +source: exceptions.py # Exceptions diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index 292a51d8..354ec966 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -1,4 +1,4 @@ - +source: fields.py # Serializer fields @@ -62,7 +62,7 @@ A dictionary of error codes to error messages. ### `widget` Used only if rendering the field to HTML. -This argument sets the widget that should be used to render the field. For more details, and a list of available widgets, see [the Django documentation on form widgets][django-widgets]. +This argument sets the widget that should be used to render the field. For more details, and a list of available widgets, see [the Django documentation on form widgets][django-widgets]. ### `label` diff --git a/docs/api-guide/filtering.md b/docs/api-guide/filtering.md index cfeb4334..83977048 100644 --- a/docs/api-guide/filtering.md +++ b/docs/api-guide/filtering.md @@ -1,4 +1,4 @@ - +source: filters.py # Filtering @@ -26,7 +26,7 @@ For example: class PurchaseList(generics.ListAPIView): serializer_class = PurchaseSerializer - + def get_queryset(self): """ This view should return a list of all the purchases @@ -38,7 +38,7 @@ For example: ## Filtering against the URL -Another style of filtering might involve restricting the queryset based on some part of the URL. +Another style of filtering might involve restricting the queryset based on some part of the URL. For example if your URL config contained an entry like this: @@ -48,7 +48,7 @@ You could then write a view that returned a purchase queryset filtered by the us class PurchaseList(generics.ListAPIView): serializer_class = PurchaseSerializer - + def get_queryset(self): """ This view should return a list of all the purchases for @@ -57,7 +57,7 @@ You could then write a view that returned a purchase queryset filtered by the us username = self.kwargs['username'] return Purchase.objects.filter(purchaser__username=username) -## Filtering against query parameters +## Filtering against query parameters A final example of filtering the initial queryset would be to determine the initial queryset based on query parameters in the url. @@ -65,7 +65,7 @@ We can override `.get_queryset()` to deal with URLs such as `http://example.com/ class PurchaseList(generics.ListAPIView): serializer_class = PurchaseSerializer - + def get_queryset(self): """ Optionally restricts the returned purchases to a given user, @@ -113,7 +113,7 @@ For instance, given the previous example, and a product with an id of `4675`, th http://example.com/api/products/4675/?category=clothing&max_price=10.00 ## Overriding the initial queryset - + Note that you can use both an overridden `.get_queryset()` and generic filtering together, and everything will work as expected. For example, if `Product` had a many-to-many relationship with `User`, named `purchase`, you might want to write a view like this: class PurchasedProductsList(generics.ListAPIView): @@ -124,7 +124,7 @@ Note that you can use both an overridden `.get_queryset()` and generic filtering model = Product serializer_class = ProductSerializer filter_class = ProductFilter - + def get_queryset(self): user = self.request.user return user.purchase_set.all() @@ -135,7 +135,7 @@ Note that you can use both an overridden `.get_queryset()` and generic filtering ## DjangoFilterBackend -The `DjangoFilterBackend` class supports highly customizable field filtering, using the [django-filter package][django-filter]. +The `DjangoFilterBackend` class supports highly customizable field filtering, using the [django-filter package][django-filter]. To use REST framework's `DjangoFilterBackend`, first install `django-filter`. @@ -216,7 +216,7 @@ This is nice, but it exposes the Django's double underscore convention as part o And now you can execute: http://example.com/api/products?manufacturer=foo - + For more details on using filter sets see the [django-filter documentation][django-filter-docs]. --- @@ -224,7 +224,7 @@ For more details on using filter sets see the [django-filter documentation][djan **Hints & Tips** * By default filtering is not enabled. If you want to use `DjangoFilterBackend` remember to make sure it is installed by using the `'DEFAULT_FILTER_BACKENDS'` setting. -* When using boolean fields, you should use the values `True` and `False` in the URL query parameters, rather than `0`, `1`, `true` or `false`. (The allowed boolean values are currently hardwired in Django's [NullBooleanSelect implementation][nullbooleanselect].) +* When using boolean fields, you should use the values `True` and `False` in the URL query parameters, rather than `0`, `1`, `true` or `false`. (The allowed boolean values are currently hardwired in Django's [NullBooleanSelect implementation][nullbooleanselect].) * `django-filter` supports filtering across relationships, using Django's double-underscore syntax. * For Django 1.3 support, make sure to install `django-filter` version 0.5.4, as later versions drop support for 1.3. @@ -316,7 +316,7 @@ Typically you'd instead control this by setting `order_by` on the initial querys queryset = User.objects.all() serializer_class = UserSerializer filter_backends = (filters.OrderingFilter,) - ordering = ('username',) + ordering = ('username',) The `ordering` attribute may be either a string or a list/tuple of strings. diff --git a/docs/api-guide/format-suffixes.md b/docs/api-guide/format-suffixes.md index 76a3367b..20c1e995 100644 --- a/docs/api-guide/format-suffixes.md +++ b/docs/api-guide/format-suffixes.md @@ -1,4 +1,4 @@ - +source: urlpatterns.py # Format suffixes @@ -7,7 +7,7 @@ used all the time. > > — Roy Fielding, [REST discuss mailing list][cite] -A common pattern for Web APIs is to use filename extensions on URLs to provide an endpoint for a given media type. For example, 'http://example.com/api/users.json' to serve a JSON representation. +A common pattern for Web APIs is to use filename extensions on URLs to provide an endpoint for a given media type. For example, 'http://example.com/api/users.json' to serve a JSON representation. Adding format-suffix patterns to each individual entry in the URLconf for your API is error-prone and non-DRY, so REST framework provides a shortcut to adding these patterns to your URLConf. @@ -21,7 +21,7 @@ Arguments: * **urlpatterns**: Required. A URL pattern list. * **suffix_required**: Optional. A boolean indicating if suffixes in the URLs should be optional or mandatory. Defaults to `False`, meaning that suffixes are optional by default. -* **allowed**: Optional. A list or tuple of valid format suffixes. If not provided, a wildcard format suffix pattern will be used. +* **allowed**: Optional. A list or tuple of valid format suffixes. If not provided, a wildcard format suffix pattern will be used. Example: @@ -33,7 +33,7 @@ Example: url(r'^comments/$', views.comment_list), url(r'^comments/(?P[0-9]+)/$', views.comment_detail) ] - + urlpatterns = format_suffix_patterns(urlpatterns, allowed=['json', 'html']) When using `format_suffix_patterns`, you must make sure to add the `'format'` keyword argument to the corresponding views. For example: @@ -56,12 +56,12 @@ The name of the kwarg used may be modified by using the `FORMAT_SUFFIX_KWARG` se Also note that `format_suffix_patterns` does not support descending into `include` URL patterns. --- - + ## Accept headers vs. format suffixes There seems to be a view among some of the Web community that filename extensions are not a RESTful pattern, and that `HTTP Accept` headers should always be used instead. -It is actually a misconception. For example, take the following quote from Roy Fielding discussing the relative merits of query parameter media-type indicators vs. file extension media-type indicators: +It is actually a misconception. For example, take the following quote from Roy Fielding discussing the relative merits of query parameter media-type indicators vs. file extension media-type indicators: “That's why I always prefer extensions. Neither choice has anything to do with REST.” — Roy Fielding, [REST discuss mailing list][cite2] diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index 49a5e58f..648ece82 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -1,5 +1,5 @@ - - +source: mixins.py + generics.py # Generic views diff --git a/docs/api-guide/pagination.md b/docs/api-guide/pagination.md index e57aed1a..9b7086c5 100644 --- a/docs/api-guide/pagination.md +++ b/docs/api-guide/pagination.md @@ -1,4 +1,4 @@ - +source: pagination.py # Pagination @@ -6,7 +6,7 @@ > > — [Django documentation][cite] -REST framework includes a `PaginationSerializer` class that makes it easy to return paginated data in a way that can then be rendered to arbitrary media types. +REST framework includes a `PaginationSerializer` class that makes it easy to return paginated data in a way that can then be rendered to arbitrary media types. ## Paginating basic data @@ -33,7 +33,7 @@ The `context` argument of the `PaginationSerializer` class may optionally includ request = RequestFactory().get('/foobar') serializer = PaginationSerializer(instance=page, context={'request': request}) serializer.data - # {'count': 4, 'next': 'http://testserver/foobar?page=2', 'previous': None, 'results': [u'john', u'paul']} + # {'count': 4, 'next': 'http://testserver/foobar?page=2', 'previous': None, 'results': [u'john', u'paul']} We could now return that data in a `Response` object, and it would be rendered into the correct media type. diff --git a/docs/api-guide/parsers.md b/docs/api-guide/parsers.md index 72a4af64..42d77b22 100644 --- a/docs/api-guide/parsers.md +++ b/docs/api-guide/parsers.md @@ -1,4 +1,4 @@ - +source: parsers.py # Parsers @@ -161,7 +161,7 @@ By default this will include the following keys: `view`, `request`, `args`, `kwa ## Example -The following is an example plaintext parser that will populate the `request.DATA` property with a string representing the body of the request. +The following is an example plaintext parser that will populate the `request.DATA` property with a string representing the body of the request. class PlainTextParser(BaseParser): """ @@ -197,4 +197,4 @@ The following third party packages are also available. [juanriaza]: https://github.com/juanriaza [vbabiy]: https://github.com/vbabiy [djangorestframework-msgpack]: https://github.com/juanriaza/django-rest-framework-msgpack -[djangorestframework-camel-case]: https://github.com/vbabiy/djangorestframework-camel-case \ No newline at end of file +[djangorestframework-camel-case]: https://github.com/vbabiy/djangorestframework-camel-case diff --git a/docs/api-guide/permissions.md b/docs/api-guide/permissions.md index 446e362e..f068f0f7 100644 --- a/docs/api-guide/permissions.md +++ b/docs/api-guide/permissions.md @@ -1,4 +1,4 @@ - +source: permissions.py # Permissions @@ -12,7 +12,7 @@ Permission checks are always run at the very start of the view, before any other ## How permissions are determined -Permissions in REST framework are always defined as a list of permission classes. +Permissions in REST framework are always defined as a list of permission classes. Before running the main body of the view each permission in the list is checked. If any permission check fails an `exceptions.PermissionDenied` exception will be raised, and the main body of the view will not run. @@ -220,9 +220,9 @@ As well as global permissions, that are run against all incoming requests, you c def has_object_permission(self, request, view, obj): # Read permissions are allowed to any request, # so we'll always allow GET, HEAD or OPTIONS requests. - if request.method in permissions.SAFE_METHODS: + if request.method in permissions.SAFE_METHODS: return True - + # Instance must have an attribute named `owner`. return obj.owner == request.user diff --git a/docs/api-guide/relations.md b/docs/api-guide/relations.md index d03a75ae..ad981b2b 100644 --- a/docs/api-guide/relations.md +++ b/docs/api-guide/relations.md @@ -1,4 +1,4 @@ - +source: relations.py # Serializer relations @@ -33,7 +33,7 @@ In order to explain the various types of relational fields, we'll use a couple o class Meta: unique_together = ('album', 'order') order_by = 'order' - + def __unicode__(self): return '%d: %s' % (self.order, self.title) @@ -42,10 +42,10 @@ In order to explain the various types of relational fields, we'll use a couple o `RelatedField` may be used to represent the target of the relationship using its `__unicode__` method. For example, the following serializer. - + class AlbumSerializer(serializers.ModelSerializer): tracks = serializers.RelatedField(many=True) - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -74,10 +74,10 @@ This field is read only. `PrimaryKeyRelatedField` may be used to represent the target of the relationship using its primary key. For example, the following serializer: - + class AlbumSerializer(serializers.ModelSerializer): tracks = serializers.PrimaryKeyRelatedField(many=True, read_only=True) - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -108,11 +108,11 @@ By default this field is read-write, although you can change this behavior using `HyperlinkedRelatedField` may be used to represent the target of the relationship using a hyperlink. For example, the following serializer: - + class AlbumSerializer(serializers.ModelSerializer): tracks = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='track-detail') - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -146,11 +146,11 @@ By default this field is read-write, although you can change this behavior using `SlugRelatedField` may be used to represent the target of the relationship using a field on the target. For example, the following serializer: - + class AlbumSerializer(serializers.ModelSerializer): tracks = serializers.SlugRelatedField(many=True, read_only=True, slug_field='title') - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -222,10 +222,10 @@ For example, the following serializer: class Meta: model = Track fields = ('order', 'title') - + class AlbumSerializer(serializers.ModelSerializer): tracks = TrackSerializer(many=True) - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -262,7 +262,7 @@ For, example, we could define a relational field, to serialize a track to a cust class AlbumSerializer(serializers.ModelSerializer): tracks = TrackListingField(many=True) - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -302,7 +302,7 @@ If you have not set a related name for the reverse relationship, you'll need to class AlbumSerializer(serializers.ModelSerializer): class Meta: - fields = ('track_set', ...) + fields = ('track_set', ...) See the Django documentation on [reverse relationships][reverse-relationships] for more details. @@ -315,14 +315,14 @@ For example, given the following model for a tag, which has a generic relationsh class TaggedItem(models.Model): """ Tags arbitrary model instances using a generic relation. - + See: https://docs.djangoproject.com/en/dev/ref/contrib/contenttypes/ """ tag_name = models.SlugField() content_type = models.ForeignKey(ContentType) object_id = models.PositiveIntegerField() tagged_object = GenericForeignKey('content_type', 'object_id') - + def __unicode__(self): return self.tag @@ -353,7 +353,7 @@ We could define a custom field that could be used to serialize tagged instances, def to_native(self, value): """ Serialize tagged objects to a simple textual representation. - """ + """ if isinstance(value, Bookmark): return 'Bookmark: ' + value.url elif isinstance(value, Note): @@ -366,7 +366,7 @@ If you need the target of the relationship to have a nested representation, you """ Serialize bookmark instances using a bookmark serializer, and note instances using a note serializer. - """ + """ if isinstance(value, Bookmark): serializer = BookmarkSerializer(value) elif isinstance(value, Note): @@ -391,7 +391,7 @@ to ``True``. ## Advanced Hyperlinked fields -If you have very specific requirements for the style of your hyperlinked relationships you can override `HyperlinkedRelatedField`. +If you have very specific requirements for the style of your hyperlinked relationships you can override `HyperlinkedRelatedField`. There are two methods you'll need to override. @@ -411,7 +411,7 @@ May raise an `ObjectDoesNotExist` exception. ### Example -For example, if all your object URLs used both a account and a slug in the the URL to reference the object, you might create a custom field like this: +For example, if all your object URLs used both a account and a slug in the the URL to reference the object, you might create a custom field like this: class CustomHyperlinkedField(serializers.HyperlinkedRelatedField): def get_url(self, obj, view_name, request, format): diff --git a/docs/api-guide/renderers.md b/docs/api-guide/renderers.md index db7436c2..035ec1d2 100644 --- a/docs/api-guide/renderers.md +++ b/docs/api-guide/renderers.md @@ -1,4 +1,4 @@ - +source: renderers.py # Renderers @@ -115,7 +115,7 @@ The `jsonp` approach is essentially a browser hack, and is [only appropriate for ## YAMLRenderer -Renders the request data into `YAML`. +Renders the request data into `YAML`. Requires the `pyyaml` package to be installed. @@ -131,7 +131,7 @@ Note that non-ascii characters will be rendered using `\uXXXX` character escape. ## UnicodeYAMLRenderer -Renders the request data into `YAML`. +Renders the request data into `YAML`. Requires the `pyyaml` package to be installed. @@ -184,7 +184,7 @@ An example of a view that uses `TemplateHTMLRenderer`: def get(self, request, *args, **kwargs): self.object = self.get_object() return Response({'user': self.object}, template_name='user_detail.html') - + You can use `TemplateHTMLRenderer` either to return regular HTML pages using REST framework, or to return both HTML and API responses from a single endpoint. If you're building websites that use `TemplateHTMLRenderer` along with other renderer classes, you should consider listing `TemplateHTMLRenderer` as the first class in the `renderer_classes` list, so that it will be prioritised first even for browsers that send poorly formed `ACCEPT:` headers. @@ -205,7 +205,7 @@ An example of a view that uses `TemplateHTMLRenderer`: @api_view(('GET',)) @renderer_classes((StaticHTMLRenderer,)) - def simple_html_view(request): + def simple_html_view(request): data = '

    Hello, world

    ' return Response(data) @@ -300,7 +300,7 @@ The following is an example plaintext renderer that will return a response with class PlainTextRenderer(renderers.BaseRenderer): media_type = 'text/plain' format = 'txt' - + def render(self, data, media_type=None, renderer_context=None): return data.encode(self.charset) @@ -340,7 +340,7 @@ You can do some pretty flexible things using REST framework's renderers. Some e * Provide either flat or nested representations from the same endpoint, depending on the requested media type. * Serve both regular HTML webpages, and JSON based API responses from the same endpoints. * Specify multiple types of HTML representation for API clients to use. -* Underspecify a renderer's media type, such as using `media_type = 'image/*'`, and use the `Accept` header to vary the encoding of the response. +* Underspecify a renderer's media type, such as using `media_type = 'image/*'`, and use the `Accept` header to vary the encoding of the response. ## Varying behaviour by media type diff --git a/docs/api-guide/requests.md b/docs/api-guide/requests.md index 87425ed1..8713fa2a 100644 --- a/docs/api-guide/requests.md +++ b/docs/api-guide/requests.md @@ -1,4 +1,4 @@ - +source: request.py # Requests @@ -105,7 +105,7 @@ REST framework supports a few browser enhancements such as browser-based `PUT`, Browser-based `PUT`, `PATCH` and `DELETE` forms are transparently supported. -For more information see the [browser enhancements documentation]. +For more information see the [browser enhancements documentation]. ## .content_type @@ -115,7 +115,7 @@ You won't typically need to directly access the request's content type, as you'l If you do need to access the content type of the request you should use the `.content_type` property in preference to using `request.META.get('HTTP_CONTENT_TYPE')`, as it provides transparent support for browser-based non-form content. -For more information see the [browser enhancements documentation]. +For more information see the [browser enhancements documentation]. ## .stream @@ -125,7 +125,7 @@ You won't typically need to directly access the request's content, as you'll nor If you do need to access the raw content directly, you should use the `.stream` property in preference to using `request.content`, as it provides transparent support for browser-based non-form content. -For more information see the [browser enhancements documentation]. +For more information see the [browser enhancements documentation]. --- diff --git a/docs/api-guide/responses.md b/docs/api-guide/responses.md index 5a42aa92..97f31271 100644 --- a/docs/api-guide/responses.md +++ b/docs/api-guide/responses.md @@ -1,4 +1,4 @@ - +source: response.py # Responses @@ -90,6 +90,6 @@ The `Response` class extends `SimpleTemplateResponse`, and all the usual attribu As with any other `TemplateResponse`, this method is called to render the serialized data of the response into the final response content. When `.render()` is called, the response content will be set to the result of calling the `.render(data, accepted_media_type, renderer_context)` method on the `accepted_renderer` instance. You won't typically need to call `.render()` yourself, as it's handled by Django's standard response cycle. - + [cite]: https://docs.djangoproject.com/en/dev/ref/template-response/ [statuscodes]: status-codes.md diff --git a/docs/api-guide/reverse.md b/docs/api-guide/reverse.md index 383eca4c..71fb83f9 100644 --- a/docs/api-guide/reverse.md +++ b/docs/api-guide/reverse.md @@ -1,4 +1,4 @@ - +source: reverse.py # Returning URLs @@ -30,7 +30,7 @@ You should **include the request as a keyword argument** to the function, for ex from rest_framework.reverse import reverse from rest_framework.views import APIView from django.utils.timezone import now - + class APIRootView(APIView): def get(self, request): year = now().year diff --git a/docs/api-guide/routers.md b/docs/api-guide/routers.md index 61a476b8..080230fa 100644 --- a/docs/api-guide/routers.md +++ b/docs/api-guide/routers.md @@ -1,4 +1,4 @@ - +source: routers.py # Routers @@ -56,10 +56,10 @@ For example, given a method like this on the `UserViewSet` class: from myapp.permissions import IsAdminOrIsSelf from rest_framework.decorators import detail_route - + class UserViewSet(ModelViewSet): ... - + @detail_route(methods=['post'], permission_classes=[IsAdminOrIsSelf]) def set_password(self, request, pk=None): ... @@ -228,7 +228,7 @@ For another example of setting the `.routes` attribute, see the source code for ## Advanced custom routers -If you want to provide totally custom behavior, you can override `BaseRouter` and override the `get_urls(self)` method. The method should inspect the registered viewsets and return a list of URL patterns. The registered prefix, viewset and basename tuples may be inspected by accessing the `self.registry` attribute. +If you want to provide totally custom behavior, you can override `BaseRouter` and override the `get_urls(self)` method. The method should inspect the registered viewsets and return a list of URL patterns. The registered prefix, viewset and basename tuples may be inspected by accessing the `self.registry` attribute. You may also want to override the `get_default_base_name(self, viewset)` method, or else always explicitly set the `base_name` argument when registering your viewsets with the router. diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index eeeffa13..2d0ff79a 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -1,4 +1,4 @@ - +source: serializers.py # Serializers @@ -21,7 +21,7 @@ Let's start by creating a simple object we can use for example purposes: self.email = email self.content = content self.created = created or datetime.datetime.now() - + comment = Comment(email='leila@example.com', content='foo bar') We'll declare a serializer that we can use to serialize and deserialize `Comment` objects. @@ -45,7 +45,7 @@ Declaring a serializer looks very similar to declaring a form: instance.content = attrs.get('content', instance.content) instance.created = attrs.get('created', instance.created) return instance - return Comment(**attrs) + return Comment(**attrs) The first part of serializer class defines the fields that get serialized/deserialized. The `restore_object` method defines how fully fledged instances get created when deserializing data. @@ -83,8 +83,8 @@ If you need to customize the serialized value of a particular field, you can do These methods are essentially the reverse of `validate_` (see *Validation* below.) ## Deserializing objects - -Deserialization is similar. First we parse a stream into Python native datatypes... + +Deserialization is similar. First we parse a stream into Python native datatypes... from StringIO import StringIO from rest_framework.parsers import JSONParser @@ -174,7 +174,7 @@ To save the deserialized objects created by a serializer, call the `.save()` met The default behavior of the method is to simply call `.save()` on the deserialized object instance. You can override the default save behaviour by overriding the `.save_object(obj)` method on the serializer class. -The generic views provided by REST framework call the `.save()` method when updating or creating entities. +The generic views provided by REST framework call the `.save()` method when updating or creating entities. ## Dealing with nested objects @@ -288,12 +288,12 @@ By default the serializer class will use the `id` key on the incoming data to de slug = serializers.CharField(max_length=100) created = serializers.DateTimeField() ... # Various other fields - + def get_identity(self, data): """ This hook is required for bulk update. We need to override the default, to use the slug as the identity. - + Note that the data has not yet been validated at this point, so we need to deal gracefully with incorrect datatypes. """ @@ -361,7 +361,7 @@ The `depth` option should be set to an integer value that indicates the depth of If you want to customize the way the serialization is done (e.g. using `allow_add_remove`) you'll need to define the field yourself. -## Specifying which fields should be read-only +## Specifying which fields should be read-only You may wish to specify multiple fields as read-only. Instead of adding each field explicitly with the `read_only=True` attribute, you may use the `read_only_fields` Meta option, like so: @@ -371,9 +371,9 @@ You may wish to specify multiple fields as read-only. Instead of adding each fi fields = ('id', 'account_name', 'users', 'created') read_only_fields = ('account_name',) -Model fields which have `editable=False` set, and `AutoField` fields will be set to read-only by default, and do not need to be added to the `read_only_fields` option. +Model fields which have `editable=False` set, and `AutoField` fields will be set to read-only by default, and do not need to be added to the `read_only_fields` option. -## Specifying which fields should be write-only +## Specifying which fields should be write-only You may wish to specify multiple fields as write-only. Instead of adding each field explicitly with the `write_only=True` attribute, you may use the `write_only_fields` Meta option, like so: @@ -387,12 +387,12 @@ You may wish to specify multiple fields as write-only. Instead of adding each f """ Instantiate a new User instance. """ - assert instance is None, 'Cannot update users with CreateUserSerializer' + assert instance is None, 'Cannot update users with CreateUserSerializer' user = User(email=attrs['email'], username=attrs['username']) user.set_password(attrs['password']) return user - -## Specifying fields explicitly + +## Specifying fields explicitly You can add extra fields to a `ModelSerializer` or override the default fields by declaring fields on the class, just as you would for a `Serializer` class. @@ -524,10 +524,10 @@ For example, if you wanted to be able to set which fields should be used by a se def __init__(self, *args, **kwargs): # Don't pass the 'fields' arg up to the superclass fields = kwargs.pop('fields', None) - + # Instantiate the superclass normally super(DynamicFieldsModelSerializer, self).__init__(*args, **kwargs) - + if fields: # Drop any fields that are not specified in the `fields` argument. allowed = set(fields) @@ -550,7 +550,7 @@ This would then allow you to do the following: ## Customising the default fields -The `field_mapping` attribute is a dictionary that maps model classes to serializer classes. Overriding the attribute will let you set a different set of default serializer classes. +The `field_mapping` attribute is a dictionary that maps model classes to serializer classes. Overriding the attribute will let you set a different set of default serializer classes. For more advanced customization than simply changing the default serializer class you can override various `get__field` methods. Doing so will allow you to customize the arguments that each serializer field is initialized with. Each of these methods may either return a field or serializer instance, or `None`. diff --git a/docs/api-guide/settings.md b/docs/api-guide/settings.md index 96d715ea..0aa4b6a9 100644 --- a/docs/api-guide/settings.md +++ b/docs/api-guide/settings.md @@ -1,4 +1,4 @@ - +source: settings.py # Settings diff --git a/docs/api-guide/status-codes.md b/docs/api-guide/status-codes.md index 64c46434..d81e092c 100644 --- a/docs/api-guide/status-codes.md +++ b/docs/api-guide/status-codes.md @@ -1,4 +1,4 @@ - +source: status.py # Status Codes @@ -27,7 +27,7 @@ The module also includes a set of helper functions for testing if a status code url = reverse('index') response = self.client.get(url) self.assertTrue(status.is_success(response.status_code)) - + For more information on proper usage of HTTP status codes see [RFC 2616][rfc2616] and [RFC 6585][rfc6585]. @@ -51,7 +51,7 @@ This class of status code indicates that the client's request was successfully r HTTP_205_RESET_CONTENT HTTP_206_PARTIAL_CONTENT -## Redirection - 3xx +## Redirection - 3xx This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request. diff --git a/docs/api-guide/testing.md b/docs/api-guide/testing.md index 72c33961..d059fdab 100644 --- a/docs/api-guide/testing.md +++ b/docs/api-guide/testing.md @@ -1,4 +1,4 @@ - +source: test.py # Testing @@ -170,7 +170,7 @@ This can be a useful shortcut if you're testing the API but don't want to have t To unauthenticate subsequent requests, call `force_authenticate` setting the user and/or token to `None`. - client.force_authenticate(user=None) + client.force_authenticate(user=None) ## CSRF validation @@ -197,7 +197,7 @@ You can use any of REST framework's test case classes as you would for the regul from django.core.urlresolvers import reverse from rest_framework import status - from rest_framework.test import APITestCase + from rest_framework.test import APITestCase class AccountTests(APITestCase): def test_create_account(self): diff --git a/docs/api-guide/throttling.md b/docs/api-guide/throttling.md index 147c16ff..3f668867 100644 --- a/docs/api-guide/throttling.md +++ b/docs/api-guide/throttling.md @@ -1,4 +1,4 @@ - +source: throttling.py # Throttling @@ -83,7 +83,7 @@ The throttle classes provided by REST framework use Django's cache backend. You If you need to use a cache other than `'default'`, you can do so by creating a custom throttle class and setting the `cache` attribute. For example: class CustomAnonRateThrottle(AnonRateThrottle): - cache = get_cache('alternate') + cache = get_cache('alternate') You'll need to remember to also set your custom throttle class in the `'DEFAULT_THROTTLE_CLASSES'` settings key, or using the `throttle_classes` view attribute. @@ -147,15 +147,15 @@ For example, given the following views... class ContactListView(APIView): throttle_scope = 'contacts' ... - + class ContactDetailView(ApiView): throttle_scope = 'contacts' ... - class UploadView(APIView): + class UploadView(APIView): throttle_scope = 'uploads' ... - + ...and the following settings. REST_FRAMEWORK = { diff --git a/docs/api-guide/views.md b/docs/api-guide/views.md index 194a7a6b..31c62682 100644 --- a/docs/api-guide/views.md +++ b/docs/api-guide/views.md @@ -1,4 +1,5 @@ - +source: decorators.py + views.py # Class Based Views @@ -26,7 +27,7 @@ For example: class ListUsers(APIView): """ View to list all users in the system. - + * Requires token authentication. * Only admin users are able to access this view. """ @@ -54,7 +55,7 @@ The following attributes control the pluggable aspects of API views. ### .permission_classes -### .content_negotiation_class +### .content_negotiation_class ## API policy instantiation methods diff --git a/docs/api-guide/viewsets.md b/docs/api-guide/viewsets.md index 9030e3ee..9249d875 100644 --- a/docs/api-guide/viewsets.md +++ b/docs/api-guide/viewsets.md @@ -1,4 +1,4 @@ - +source: viewsets.py # ViewSets diff --git a/docs/theme/content.html b/docs/theme/content.html new file mode 100644 index 00000000..93a437ff --- /dev/null +++ b/docs/theme/content.html @@ -0,0 +1,11 @@ +{% if meta.source %} + + {% for filename in meta.source %} + + {{ filename }} + + {% endfor %} + +{% endif %} + +{{ content }} -- cgit v1.2.3 From 361827350a8bd4efb4d6a09bcb29c0185a5454ed Mon Sep 17 00:00:00 2001 From: José Padilla Date: Fri, 31 Oct 2014 10:25:19 -0400 Subject: Move content template into base.html --- docs/theme/content.html | 11 ----------- 1 file changed, 11 deletions(-) delete mode 100644 docs/theme/content.html (limited to 'docs') diff --git a/docs/theme/content.html b/docs/theme/content.html deleted file mode 100644 index 93a437ff..00000000 --- a/docs/theme/content.html +++ /dev/null @@ -1,11 +0,0 @@ -{% if meta.source %} - - {% for filename in meta.source %} - - {{ filename }} - - {% endfor %} - -{% endif %} - -{{ content }} -- cgit v1.2.3 From 200e0b17daecd07de6d1f9926a430d29b3ee948f Mon Sep 17 00:00:00 2001 From: José Padilla Date: Fri, 31 Oct 2014 13:03:39 -0400 Subject: Clean up extra white space --- docs/topics/2.2-announcement.md | 8 ++++---- docs/topics/2.3-announcement.md | 8 ++++---- docs/topics/documenting-your-api.md | 8 ++++---- docs/topics/kickstarter-announcement.md | 2 +- docs/topics/release-notes.md | 2 +- docs/topics/rest-framework-2-announcement.md | 4 ++-- docs/topics/writable-nested-serializers.md | 10 +++++----- docs/tutorial/1-serialization.md | 2 +- 8 files changed, 22 insertions(+), 22 deletions(-) (limited to 'docs') diff --git a/docs/topics/2.2-announcement.md b/docs/topics/2.2-announcement.md index a997c782..1df52cff 100644 --- a/docs/topics/2.2-announcement.md +++ b/docs/topics/2.2-announcement.md @@ -42,7 +42,7 @@ The 2.2 release makes a few changes to the API, in order to make it more consist The `ManyRelatedField()` style is being deprecated in favor of a new `RelatedField(many=True)` syntax. -For example, if a user is associated with multiple questions, which we want to represent using a primary key relationship, we might use something like the following: +For example, if a user is associated with multiple questions, which we want to represent using a primary key relationship, we might use something like the following: class UserSerializer(serializers.HyperlinkedModelSerializer): questions = serializers.PrimaryKeyRelatedField(many=True) @@ -58,10 +58,10 @@ The change also applies to serializers. If you have a nested serializer, you sh class Meta: model = Track fields = ('name', 'duration') - + class AlbumSerializer(serializer.ModelSerializer): tracks = TrackSerializer(many=True) - + class Meta: model = Album fields = ('album_name', 'artist', 'tracks') @@ -87,7 +87,7 @@ For example, is a user account has an optional foreign key to a company, that yo This is in line both with the rest of the serializer fields API, and with Django's `Form` and `ModelForm` API. -Using `required` throughout the serializers API means you won't need to consider if a particular field should take `blank` or `null` arguments instead of `required`, and also means there will be more consistent behavior for how fields are treated when they are not present in the incoming data. +Using `required` throughout the serializers API means you won't need to consider if a particular field should take `blank` or `null` arguments instead of `required`, and also means there will be more consistent behavior for how fields are treated when they are not present in the incoming data. The `null=True` argument will continue to function, and will imply `required=False`, but will raise a `PendingDeprecationWarning`. diff --git a/docs/topics/2.3-announcement.md b/docs/topics/2.3-announcement.md index 7c800afa..9c9f3e9f 100644 --- a/docs/topics/2.3-announcement.md +++ b/docs/topics/2.3-announcement.md @@ -27,7 +27,7 @@ As an example of just how simple REST framework APIs can now be, here's an API w class GroupViewSet(viewsets.ModelViewSet): model = Group - + # Routers provide an easy way of automatically determining the URL conf router = routers.DefaultRouter() router.register(r'users', UserViewSet) @@ -197,13 +197,13 @@ Usage of the old-style attributes continues to be supported, but will raise a `P For most cases APIs using model fields will behave as previously, however if you are using a custom renderer, not provided by REST framework, then you may now need to add support for rendering `Decimal` instances to your renderer implementation. -## ModelSerializers and reverse relationships +## ModelSerializers and reverse relationships The support for adding reverse relationships to the `fields` option on a `ModelSerializer` class means that the `get_related_field` and `get_nested_field` method signatures have now changed. In the unlikely event that you're providing a custom serializer class, and implementing these methods you should note the new call signature for both methods is now `(self, model_field, related_model, to_many)`. For reverse relationships `model_field` will be `None`. -The old-style signature will continue to function but will raise a `PendingDeprecationWarning`. +The old-style signature will continue to function but will raise a `PendingDeprecationWarning`. ## View names and descriptions @@ -211,7 +211,7 @@ The mechanics of how the names and descriptions used in the browseable API are g If you've been customizing this behavior, for example perhaps to use `rst` markup for the browseable API, then you'll need to take a look at the implementation to see what updates you need to make. -Note that the relevant methods have always been private APIs, and the docstrings called them out as intended to be deprecated. +Note that the relevant methods have always been private APIs, and the docstrings called them out as intended to be deprecated. --- diff --git a/docs/topics/documenting-your-api.md b/docs/topics/documenting-your-api.md index e20f9712..d65e251f 100644 --- a/docs/topics/documenting-your-api.md +++ b/docs/topics/documenting-your-api.md @@ -54,7 +54,7 @@ The title that is used in the browsable API is generated from the view class nam For example, the view `UserListView`, will be named `User List` when presented in the browsable API. -When working with viewsets, an appropriate suffix is appended to each generated view. For example, the view set `UserViewSet` will generate views named `User List` and `User Instance`. +When working with viewsets, an appropriate suffix is appended to each generated view. For example, the view set `UserViewSet` will generate views named `User List` and `User Instance`. #### Setting the description @@ -65,9 +65,9 @@ If the python `markdown` library is installed, then [markdown syntax][markdown] class AccountListView(views.APIView): """ Returns a list of all **active** accounts in the system. - + For more details on how accounts are activated please [see here][ref]. - + [ref]: http://example.com/activating-accounts """ @@ -84,7 +84,7 @@ You can modify the response behavior to `OPTIONS` requests by overriding the `me def metadata(self, request): """ Don't include the view description in OPTIONS responses. - """ + """ data = super(ExampleView, self).metadata(request) data.pop('description') return data diff --git a/docs/topics/kickstarter-announcement.md b/docs/topics/kickstarter-announcement.md index 7d1f6d0e..e8bad95b 100644 --- a/docs/topics/kickstarter-announcement.md +++ b/docs/topics/kickstarter-announcement.md @@ -160,4 +160,4 @@ The following individuals made a significant financial contribution to the devel ### Supporters -There were also almost 300 further individuals choosing to help fund the project at other levels or choosing to give anonymously. Again, thank you, thank you, thank you! \ No newline at end of file +There were also almost 300 further individuals choosing to help fund the project at other levels or choosing to give anonymously. Again, thank you, thank you, thank you! diff --git a/docs/topics/release-notes.md b/docs/topics/release-notes.md index 88780c3f..9fca949a 100644 --- a/docs/topics/release-notes.md +++ b/docs/topics/release-notes.md @@ -63,7 +63,7 @@ You can determine your currently installed version using `pip freeze`: * Bugfix: Fix migration in `authtoken` application. * Bugfix: Allow selection of integer keys in nested choices. * Bugfix: Return `None` instead of `'None'` in `CharField` with `allow_none=True`. -* Bugfix: Ensure custom model fields map to equivelent serializer fields more reliably. +* Bugfix: Ensure custom model fields map to equivelent serializer fields more reliably. * Bugfix: `DjangoFilterBackend` no longer quietly changes queryset ordering. ### 2.4.2 diff --git a/docs/topics/rest-framework-2-announcement.md b/docs/topics/rest-framework-2-announcement.md index f1060d90..a7746932 100644 --- a/docs/topics/rest-framework-2-announcement.md +++ b/docs/topics/rest-framework-2-announcement.md @@ -8,7 +8,7 @@ What it is, and why you should care. --- -**Announcement:** REST framework 2 released - Tue 30th Oct 2012 +**Announcement:** REST framework 2 released - Tue 30th Oct 2012 --- @@ -37,7 +37,7 @@ REST framework 2 includes a totally re-worked serialization engine, that was ini * A declarative serialization API, that mirrors Django's `Forms`/`ModelForms` API. * Structural concerns are decoupled from encoding concerns. * Able to support rendering and parsing to many formats, including both machine-readable representations and HTML forms. -* Validation that can be mapped to obvious and comprehensive error responses. +* Validation that can be mapped to obvious and comprehensive error responses. * Serializers that support both nested, flat, and partially-nested representations. * Relationships that can be expressed as primary keys, hyperlinks, slug fields, and other custom representations. diff --git a/docs/topics/writable-nested-serializers.md b/docs/topics/writable-nested-serializers.md index abc6a82f..ed614bd2 100644 --- a/docs/topics/writable-nested-serializers.md +++ b/docs/topics/writable-nested-serializers.md @@ -8,7 +8,7 @@ Although flat data structures serve to properly delineate between the individual Nested data structures are easy enough to work with if they're read-only - simply nest your serializer classes and you're good to go. However, there are a few more subtleties to using writable nested serializers, due to the dependencies between the various model instances, and the need to save or delete multiple instances in a single action. -## One-to-many data structures +## One-to-many data structures *Example of a **read-only** nested serializer. Nothing complex to worry about here.* @@ -16,10 +16,10 @@ Nested data structures are easy enough to work with if they're read-only - simpl class Meta: model = ToDoItem fields = ('text', 'is_completed') - + class ToDoListSerializer(serializers.ModelSerializer): items = ToDoItemSerializer(many=True, read_only=True) - + class Meta: model = ToDoList fields = ('title', 'items') @@ -31,7 +31,7 @@ Some example output from our serializer. 'items': { {'text': 'Compile playlist', 'is_completed': True}, {'text': 'Send invites', 'is_completed': False}, - {'text': 'Clean house', 'is_completed': False} + {'text': 'Clean house', 'is_completed': False} } } @@ -44,4 +44,4 @@ Let's take a look at updating our nested one-to-many data structure. ### Making PATCH requests -[cite]: http://jsonapi.org/format/#url-based-json-api \ No newline at end of file +[cite]: http://jsonapi.org/format/#url-based-json-api diff --git a/docs/tutorial/1-serialization.md b/docs/tutorial/1-serialization.md index db5b9ea7..f9027b68 100644 --- a/docs/tutorial/1-serialization.md +++ b/docs/tutorial/1-serialization.md @@ -134,7 +134,7 @@ A serializer class is very similar to a Django `Form` class, and includes simila The field flags can also control how the serializer should be displayed in certain circumstances, such as when rendering to HTML. The `style={'type': 'textarea'}` flag above is equivelent to using `widget=widgets.Textarea` on a Django `Form` class. This is particularly useful for controlling how the browsable API should be displayed, as we'll see later in the tutorial. -We can actually also save ourselves some time by using the `ModelSerializer` class, as we'll see later, but for now we'll keep our serializer definition explicit. +We can actually also save ourselves some time by using the `ModelSerializer` class, as we'll see later, but for now we'll keep our serializer definition explicit. ## Working with Serializers -- cgit v1.2.3 From a0c12bf7c5cf96fbbdf0a0eb12702a093ccd3a51 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Wed, 19 Nov 2014 16:22:23 +0000 Subject: Change the background of the selected page on the dropdown --- docs/css/default.css | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/css/default.css b/docs/css/default.css index 7f3acfed..8c9cd536 100644 --- a/docs/css/default.css +++ b/docs/css/default.css @@ -181,7 +181,7 @@ body{ } .navbar .navbar-inner .nav li, .navbar .navbar-inner .nav li a, .navbar .navbar-inner .brand{ - color: white; + color: white; } .nav-list > .active > a, .navbar .navbar-inner .nav li a:hover { @@ -190,8 +190,20 @@ body{ } .navbar .navbar-inner .dropdown-menu li a, .navbar .navbar-inner .dropdown-menu li{ - color: #A30000; + color: #A30000; +} + +.dropdown-menu .active > a, +.dropdown-menu .active > a:hover { + background-image: none; } + +.navbar-inverse .nav .dropdown .active > a, +.navbar-inverse .nav .dropdown .active > a:hover, +.navbar-inverse .nav .dropdown .active > a:focus { + background-color: #eeeeee; +} + .navbar .navbar-inner .dropdown-menu li a:hover{ background: #eeeeee; color: #c20000; -- cgit v1.2.3 From 673f48242f34ee6b7ba91ab4cf8a67f1bb26a272 Mon Sep 17 00:00:00 2001 From: Dougal Matthews Date: Tue, 25 Nov 2014 13:11:30 +0000 Subject: Remove commented out title --- docs/index.md | 3 --- 1 file changed, 3 deletions(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index 6288efa3..ca10befe 100644 --- a/docs/index.md +++ b/docs/index.md @@ -26,9 +26,6 @@ Django REST Framework

    - Django REST framework is a powerful and flexible toolkit that makes it easy to build Web APIs. -- cgit v1.2.3 From 38fe2c9dad89e58c97aad26fa16d91dddf377ddd Mon Sep 17 00:00:00 2001 From: José Padilla Date: Tue, 25 Nov 2014 09:36:57 -0400 Subject: Document writing third party packages Add the following sections: - “About Third Party Packages” - “How to create a Third Party Package” - “Existing Third Party Packages” Resolve #2043--- docs/topics/third-party-resources.md | 332 +++++++++++++++++++++++++++++------ 1 file changed, 281 insertions(+), 51 deletions(-) (limited to 'docs') diff --git a/docs/topics/third-party-resources.md b/docs/topics/third-party-resources.md index 0317dd64..d6a4346e 100644 --- a/docs/topics/third-party-resources.md +++ b/docs/topics/third-party-resources.md @@ -1,92 +1,322 @@ # Third Party Resources -Django REST Framework has a growing community of developers, packages, and resources. +## About Third Party Packages + +Third Party Packages allow developers to share code that extends the functionality of Django REST framework, in order to support additional use-cases. + +We **support**, **encourage** and **strongly favour** the creation of Third Party Packages to encapsulate new behaviour rather than adding additional functionality directly to Django REST Framework. + +We aim to make creating Third Party Packages as easy as possible, whilst keeping the **simplicity** of the core API and ensuring that **maintainance** of the main project remains under control. If a Third Party Package proves popular it is relatively easy to move it into the main project; removing features is much more problematic. + +If you have an idea for a new feature please consider how it may be packaged as a Third Party Package. We're always happy to dicuss ideas on the [Mailing List][discussion-group]. + +## How to create a Third Party Package + +### Creating your package + +You can use [this cookiecutter template][cookiecutter] for creating reusable Django REST Framework packages quickly. Cookiecutter creates projects from project templates. While optional, this cookiecutter template includes best practices from Django REST framework and other packages, as well as a Travis CI configuration, Tox configuration, and a sane setup.py for easy PyPI registration/distribution. + +Note: Let us know if you have an alternate cookiecuter package so we can also link to it. + +#### Running the initial cookiecutter command + +To run the initial cookiecutter command, you'll first need to install the Python `cookiecutter` package. + + $ pip install cookiecutter + +Once `cookiecutter` is installed just run the following to create a new project. + + $ cookiecutter gh:jpadilla/cookiecutter-django-rest-framework + +You'll be prompted for some questions, answer them, then it'll create your Python package in the current working directory based on those values. + + full_name (default is "Your full name here")? Johnny Appleseed + email (default is "you@example.com")? jappleseed@example.com + github_username (default is "yourname")? jappleseed + pypi_project_name (default is "dj-package")? djangorestframework-custom-auth + repo_name (default is "dj-package")? django-rest-framework-custom-auth + app_name (default is "djpackage")? custom_auth + project_short_description (default is "Your project description goes here")? + year (default is "2014")? + version (default is "0.1.0")? + +#### Getting it onto GitHub + +To put your project up on GitHub, you'll need a repository for it to live in. You can create a new repository [here][new-repo]. If you need help, check out the [Create A Repo][create-a-repo] article on GitHub. + + +#### Adding to Travis CI + +We recommend using [Travis CI][travis-ci], a hosted continuous integration service which integrates well with GitHub and is free for public repositories. + +To get started with Travis CI, [sign in][travis-ci] with your GitHub account. Once you're signed in, go to your [profile page][travis-profile] and enable the service hook for the repository you want. + +If you use the cookiecutter template, your project will already contain a `.travis.yml` file which Travis CI will use to build your project and run tests. By default, builds are triggered everytime you push to your repository or create Pull Request. + +#### Uploading to PyPI + +Once you've got at least a prototype working and tests running, you should publish it on PyPI to allow others to install it via `pip`. + +You must [register][pypi-register] an account before publishing to PyPI. + +To register your package on PyPI run the following command. + + $ python setup.py register + +If this is the first time publishing to PyPI, you'll be prompted to login. + +Note: Before publishing you'll need to make sure you have the latest pip that supports `wheel` as well as install the `wheel` package. + + $ pip install --upgrade pip + $ pip install wheel + +After this, every time you want to release a new version on PyPI just run the following command. + + $ python setup.py publish + You probably want to also tag the version now: + git tag -a {0} -m 'version 0.1.0' + git push --tags + +After releasing a new version to PyPI, it's always a good idea to tag the version and make available as a GitHub Release. + +We recommend to follow [Semantic Versioning][semver] for your package's versions. + +### Development + +#### Version requirements + +The cookiecutter template assumes a set of supported versions will be provided for Python and Django. Make sure you correctly update your requirements, docs, `tox.ini`, `.travis.yml`, and `setup.py` to match the set of versions you wish to support. + +#### Tests + +The cookiecutter template includes a `runtests.py` which uses the `pytest` package as a test runner. + +Before running, you'll need to install a couple test requirements. + + $ pip install -r requirements-test.txt -Check out a grid detailing all the packages and ecosystem around Django REST Framework at [Django Packages](https://www.djangopackages.com/grids/g/django-rest-framework/). +Once requirements installed, you can run `runtests.py`. -To submit new content, [open an issue](https://github.com/tomchristie/django-rest-framework/issues/new) or [create a pull request](https://github.com/tomchristie/django-rest-framework/). + $ ./runtests.py -## Libraries and Extensions +Run using a more concise output style. + + $ ./runtests.py -q + +Run the tests using a more concise output style, no coverage, no flake8. + + $ ./runtests.py --fast + +Don't run the flake8 code linting. + + $ ./runtests.py --nolint + +Only run the flake8 code linting, don't run the tests. + + $ ./runtests.py --lintonly + +Run the tests for a given test case. + + $ ./runtests.py MyTestCase + +Run the tests for a given test method. + + $ ./runtests.py MyTestCase.test_this_method + +Shorter form to run the tests for a given test method. + + $ ./runtests.py test_this_method + +To run your tests against multiple versions of Python as different versions of requirements such as Django we recommend using `tox`. [Tox][tox-docs] is a generic virtualenv management and test command line tool. + +First, install `tox` globally. + + $ pip install tox + +To run `tox`, just simply run: + + $ tox + +To run a particular `tox` environment: + + $ tox -e envlist + +`envlist` is a comma-separated value to that specifies the environments to run tests against. To view a list of all possible test environments, run: + + $ tox -l + +#### Version compatibility + +Sometimes, in order to ensure your code works on various different versions of Django, Python or third party libraries, you'll need to run slightly different code depending on the environment. Any code that branches in this way should be isolated into a `compat.py` module, and should provide a single common interface that the rest of the codebase can use. + +Check out Django REST framework's [compat.py][drf-compat] for an example. + +### Once your package is available + +Once your package is decently documented and available on PyPI, you might want share it with others that might find it useful. + +#### Adding to the Django REST framework grid + +We suggest adding your package to the [REST Framework][rest-framework-grid] grid on Django Packages. + +#### Adding to the Django REST framework docs + +Create a [Pull Request][drf-create-pr] or [Issue][drf-create-issue] on GitHub, and we'll add a link to it from the main REST framework documentation. You can add your package under **Third party packages** of the API Guide section that best applies, like [Authentication][authentication] or [Permissions][permissions]. You can also link your package under the [Third Party Resources][third-party-resources] section. + +#### Announce on the discussion group. + +You can also let others know about your package through the [discussion group][discussion-group]. + +## Existing Third Party Packages + +Django REST Framework has a growing community of developers, packages, and resources. + +Check out a grid detailing all the packages and ecosystem around Django REST Framework at [Django Packages][rest-framework-grid]. + +To submit new content, [open an issue][drf-create-issue] or [create a pull request][drf-create-pr]. ### Authentication -* [djangorestframework-digestauth](https://github.com/juanriaza/django-rest-framework-digestauth) - Provides Digest Access Authentication support. -* [django-oauth-toolkit](https://github.com/evonove/django-oauth-toolkit) - Provides OAuth 2.0 support. -* [doac](https://github.com/Rediker-Software/doac) - Provides OAuth 2.0 support. -* [djangorestframework-jwt](https://github.com/GetBlimp/django-rest-framework-jwt) - Provides JSON Web Token Authentication support. -* [hawkrest](https://github.com/kumar303/hawkrest) - Provides Hawk HTTP Authorization. -* [djangorestframework-httpsignature](https://github.com/etoccalino/django-rest-framework-httpsignature) - Provides an easy to use HTTP Signature Authentication mechanism. -* [djoser](https://github.com/sunscrapers/djoser) - Provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. +* [djangorestframework-digestauth][djangorestframework-digestauth] - Provides Digest Access Authentication support. +* [django-oauth-toolkit][django-oauth-toolkit] - Provides OAuth 2.0 support. +* [doac][doac] - Provides OAuth 2.0 support. +* [djangorestframework-jwt][djangorestframework-jwt] - Provides JSON Web Token Authentication support. +* [hawkrest][hawkrest] - Provides Hawk HTTP Authorization. +* [djangorestframework-httpsignature][djangorestframework-httpsignature] - Provides an easy to use HTTP Signature Authentication mechanism. +* [djoser][djoser] - Provides a set of views to handle basic actions such as registration, login, logout, password reset and account activation. ### Permissions -* [drf-any-permissions](https://github.com/kevin-brown/drf-any-permissions) - Provides alternative permission handling. -* [djangorestframework-composed-permissions](https://github.com/niwibe/djangorestframework-composed-permissions) - Provides a simple way to define complex permissions. -* [rest_condition](https://github.com/caxap/rest_condition) - Another extension for building complex permissions in a simple and convenient way. +* [drf-any-permissions][drf-any-permissions] - Provides alternative permission handling. +* [djangorestframework-composed-permissions][djangorestframework-composed-permissions] - Provides a simple way to define complex permissions. +* [rest_condition][rest-condition] - Another extension for building complex permissions in a simple and convenient way. ### Serializers -* [django-rest-framework-mongoengine](https://github.com/umutbozkurt/django-rest-framework-mongoengine) - Serializer class that supports using MongoDB as the storage layer for Django REST framework. -* [djangorestframework-gis](https://github.com/djangonauts/django-rest-framework-gis) - Geographic add-ons -* [djangorestframework-hstore](https://github.com/djangonauts/django-rest-framework-hstore) - Serializer class to support django-hstore DictionaryField model field and its schema-mode feature. +* [django-rest-framework-mongoengine][django-rest-framework-mongoengine] - Serializer class that supports using MongoDB as the storage layer for Django REST framework. +* [djangorestframework-gis][djangorestframework-gis] - Geographic add-ons +* [djangorestframework-hstore][djangorestframework-hstore] - Serializer class to support django-hstore DictionaryField model field and its schema-mode feature. ### Serializer fields -* [drf-compound-fields](https://github.com/estebistec/drf-compound-fields) - Provides "compound" serializer fields, such as lists of simple values. -* [django-extra-fields](https://github.com/Hipo/drf-extra-fields) - Provides extra serializer fields. +* [drf-compound-fields][drf-compound-fields] - Provides "compound" serializer fields, such as lists of simple values. +* [django-extra-fields][django-extra-fields] - Provides extra serializer fields. ### Views -* [djangorestframework-bulk](https://github.com/miki725/django-rest-framework-bulk) - Implements generic view mixins as well as some common concrete generic views to allow to apply bulk operations via API requests. +* [djangorestframework-bulk][djangorestframework-bulk] - Implements generic view mixins as well as some common concrete generic views to allow to apply bulk operations via API requests. ### Routers -* [drf-nested-routers](https://github.com/alanjds/drf-nested-routers) - Provides routers and relationship fields for working with nested resources. -* [wq.db.rest](http://wq.io/docs/about-rest) - Provides an admin-style model registration API with reasonable default URLs and viewsets. +* [drf-nested-routers][drf-nested-routers] - Provides routers and relationship fields for working with nested resources. +* [wq.db.rest][wq.db.rest] - Provides an admin-style model registration API with reasonable default URLs and viewsets. ### Parsers -* [djangorestframework-msgpack](https://github.com/juanriaza/django-rest-framework-msgpack) - Provides MessagePack renderer and parser support. -* [djangorestframework-camel-case](https://github.com/vbabiy/djangorestframework-camel-case) - Provides camel case JSON renderers and parsers. +* [djangorestframework-msgpack][djangorestframework-msgpack] - Provides MessagePack renderer and parser support. +* [djangorestframework-camel-case][djangorestframework-camel-case] - Provides camel case JSON renderers and parsers. ### Renderers -* [djangorestframework-csv](https://github.com/mjumbewu/django-rest-framework-csv) - Provides CSV renderer support. -* [drf_ujson](https://github.com/gizmag/drf-ujson-renderer) - Implements JSON rendering using the UJSON package. -* [Django REST Pandas](https://github.com/wq/django-rest-pandas) - Pandas DataFrame-powered renderers including Excel, CSV, and SVG formats. +* [djangorestframework-csv][djangorestframework-csv] - Provides CSV renderer support. +* [drf_ujson][drf_ujson] - Implements JSON rendering using the UJSON package. +* [rest-pandas][rest-pandas] - Pandas DataFrame-powered renderers including Excel, CSV, and SVG formats. ### Filtering -* [djangorestframework-chain](https://github.com/philipn/django-rest-framework-chain) - Allows arbitrary chaining of both relations and lookup filters. +* [djangorestframework-chain][djangorestframework-chain] - Allows arbitrary chaining of both relations and lookup filters. ### Misc -* [djangorestrelationalhyperlink](https://github.com/fredkingham/django_rest_model_hyperlink_serializers_project) - A hyperlinked serialiser that can can be used to alter relationships via hyperlinks, but otherwise like a hyperlink model serializer. -* [django-rest-swagger](https://github.com/marcgibbons/django-rest-swagger) - An API documentation generator for Swagger UI. -* [django-rest-framework-proxy ](https://github.com/eofs/django-rest-framework-proxy) - Proxy to redirect incoming request to another API server. -* [gaiarestframework](https://github.com/AppsFuel/gaiarestframework) - Utils for django-rest-framewok -* [drf-extensions](https://github.com/chibisov/drf-extensions) - A collection of custom extensions -* [ember-data-django-rest-adapter](https://github.com/toranb/ember-data-django-rest-adapter) - An ember-data adapter +* [djangorestrelationalhyperlink][djangorestrelationalhyperlink] - A hyperlinked serialiser that can can be used to alter relationships via hyperlinks, but otherwise like a hyperlink model serializer. +* [django-rest-swagger][django-rest-swagger] - An API documentation generator for Swagger UI. +* [django-rest-framework-proxy][django-rest-framework-proxy] - Proxy to redirect incoming request to another API server. +* [gaiarestframework][gaiarestframework] - Utils for django-rest-framewok +* [drf-extensions][drf-extensions] - A collection of custom extensions +* [ember-data-django-rest-adapter][ember-data-django-rest-adapter] - An ember-data adapter + +## Other Resources + +### Tutorials + +* [Beginner's Guide to the Django Rest Framework][beginners-guide-to-the-django-rest-framework] +* [Getting Started with Django Rest Framework and AngularJS][getting-started-with-django-rest-framework-and-angularjs] +* [End to end web app with Django-Rest-Framework & AngularJS][end-to-end-web-app-with-django-rest-framework-angularjs] +* [Start Your API - django-rest-framework part 1][start-your-api-django-rest-framework-part-1] +* [Permissions & Authentication - django-rest-framework part 2][permissions-authentication-django-rest-framework-part-2] +* [ViewSets and Routers - django-rest-framework part 3][viewsets-and-routers-django-rest-framework-part-3] +* [Django Rest Framework User Endpoint][django-rest-framework-user-endpoint] +* [Check credentials using Django Rest Framework][check-credentials-using-django-rest-framework] -## Tutorials +### Videos -* [Beginner's Guide to the Django Rest Framework](http://code.tutsplus.com/tutorials/beginners-guide-to-the-django-rest-framework--cms-19786) -* [Getting Started with Django Rest Framework and AngularJS](http://blog.kevinastone.com/getting-started-with-django-rest-framework-and-angularjs.html) -* [End to end web app with Django-Rest-Framework & AngularJS](http://blog.mourafiq.com/post/55034504632/end-to-end-web-app-with-django-rest-framework) -* [Start Your API - django-rest-framework part 1](https://godjango.com/41-start-your-api-django-rest-framework-part-1/) -* [Permissions & Authentication - django-rest-framework part 2](https://godjango.com/43-permissions-authentication-django-rest-framework-part-2/) -* [ViewSets and Routers - django-rest-framework part 3](https://godjango.com/45-viewsets-and-routers-django-rest-framework-part-3/) -* [Django Rest Framework User Endpoint](http://richardtier.com/2014/02/25/django-rest-framework-user-endpoint/) -* [Check credentials using Django Rest Framework](http://richardtier.com/2014/03/06/110/) +* [Ember and Django Part 1 (Video)][ember-and-django-part 1-video] +* [Django Rest Framework Part 1 (Video)][django-rest-framework-part-1-video] +* [Pyowa July 2013 - Django Rest Framework (Video)][pyowa-july-2013-django-rest-framework-video] +* [django-rest-framework and angularjs (Video)][django-rest-framework-and-angularjs-video] -## Videos +### Articles -* [Ember and Django Part 1 (Video)](http://www.neckbeardrepublic.com/screencasts/ember-and-django-part-1) -* [Django Rest Framework Part 1 (Video)](http://www.neckbeardrepublic.com/screencasts/django-rest-framework-part-1) -* [Pyowa July 2013 - Django Rest Framework (Video)](http://www.youtube.com/watch?v=E1ZrehVxpBo) -* [django-rest-framework and angularjs (Video)](http://www.youtube.com/watch?v=Q8FRBGTJ020) +* [Web API performance: profiling Django REST framework][web-api-performance-profiling-django-rest-framework] +* [API Development with Django and Django REST Framework][api-development-with-django-and-django-rest-framework] -## Articles -* [Web API performance: profiling Django REST framework](http://dabapps.com/blog/api-performance-profiling-django-rest-framework/) -* [API Development with Django and Django REST Framework](https://bnotions.com/api-development-with-django-and-django-rest-framework/) +[cookiecutter]: https://github.com/jpadilla/cookiecutter-django-rest-framework +[new-repo]: https://github.com/new +[create-a-repo]: https://help.github.com/articles/create-a-repo/ +[travis-ci]: https://travis-ci.org +[travis-profile]: https://travis-ci.org/profile +[pypi-register]: https://pypi.python.org/pypi?%3Aaction=register_form +[semver]: http://semver.org/ +[tox-docs]: https://tox.readthedocs.org/en/latest/ +[drf-compat]: https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/compat.py +[rest-framework-grid]: https://www.djangopackages.com/grids/g/django-rest-framework/ +[drf-create-pr]: https://github.com/tomchristie/django-rest-framework/compare +[drf-create-issue]: https://github.com/tomchristie/django-rest-framework/issues/new +[authentication]: ../api-guide/authentication.md +[permissions]: ../api-guide/permissions.md +[discussion-group]: https://groups.google.com/forum/#!forum/django-rest-framework +[djangorestframework-digestauth]: https://github.com/juanriaza/django-rest-framework-digestauth +[django-oauth-toolkit]: https://github.com/evonove/django-oauth-toolkit +[doac]: https://github.com/Rediker-Software/doac +[djangorestframework-jwt]: https://github.com/GetBlimp/django-rest-framework-jwt +[hawkrest]: https://github.com/kumar303/hawkrest +[djangorestframework-httpsignature]: https://github.com/etoccalino/django-rest-framework-httpsignature +[djoser]: https://github.com/sunscrapers/djoser +[drf-any-permissions]: https://github.com/kevin-brown/drf-any-permissions +[djangorestframework-composed-permissions]: https://github.com/niwibe/djangorestframework-composed-permissions +[rest-condition]: https://github.com/caxap/rest_condition +[django-rest-framework-mongoengine]: https://github.com/umutbozkurt/django-rest-framework-mongoengine +[djangorestframework-gis]: https://github.com/djangonauts/django-rest-framework-gis +[djangorestframework-hstore]: https://github.com/djangonauts/django-rest-framework-hstore +[drf-compound-fields]: https://github.com/estebistec/drf-compound-fields +[django-extra-fields]: https://github.com/Hipo/drf-extra-fields +[djangorestframework-bulk]: https://github.com/miki725/django-rest-framework-bulk +[drf-nested-routers]: https://github.com/alanjds/drf-nested-routers +[wq.db.rest]: http://wq.io/docs/about-rest +[djangorestframework-msgpack]: https://github.com/juanriaza/django-rest-framework-msgpack +[djangorestframework-camel-case]: https://github.com/vbabiy/djangorestframework-camel-case +[djangorestframework-csv]: https://github.com/mjumbewu/django-rest-framework-csv +[drf_ujson]: https://github.com/gizmag/drf-ujson-renderer +[rest-pandas]: https://github.com/wq/django-rest-pandas +[djangorestframework-chain]: https://github.com/philipn/django-rest-framework-chain +[djangorestrelationalhyperlink]: https://github.com/fredkingham/django_rest_model_hyperlink_serializers_project +[django-rest-swagger]: https://github.com/marcgibbons/django-rest-swagger +[django-rest-framework-proxy]: https://github.com/eofs/django-rest-framework-proxy +[gaiarestframework]: https://github.com/AppsFuel/gaiarestframework +[drf-extensions]: https://github.com/chibisov/drf-extensions +[ember-data-django-rest-adapter]: https://github.com/toranb/ember-data-django-rest-adapter +[beginners-guide-to-the-django-rest-framework]: http://code.tutsplus.com/tutorials/beginners-guide-to-the-django-rest-framework--cms-19786 +[getting-started-with-django-rest-framework-and-angularjs]: http://blog.kevinastone.com/getting-started-with-django-rest-framework-and-angularjs.html +[end-to-end-web-app-with-django-rest-framework-angularjs]: http://blog.mourafiq.com/post/55034504632/end-to-end-web-app-with-django-rest-framework +[start-your-api-django-rest-framework-part-1]: https://godjango.com/41-start-your-api-django-rest-framework-part-1/ +[permissions-authentication-django-rest-framework-part-2]: https://godjango.com/43-permissions-authentication-django-rest-framework-part-2/ +[viewsets-and-routers-django-rest-framework-part-3]: https://godjango.com/45-viewsets-and-routers-django-rest-framework-part-3/ +[django-rest-framework-user-endpoint]: http://richardtier.com/2014/02/25/django-rest-framework-user-endpoint/ +[check-credentials-using-django-rest-framework]: http://richardtier.com/2014/03/06/110/ +[ember-and-django-part 1-video]: http://www.neckbeardrepublic.com/screencasts/ember-and-django-part-1 +[django-rest-framework-part-1-video]: http://www.neckbeardrepublic.com/screencasts/django-rest-framework-part-1 +[pyowa-july-2013-django-rest-framework-video]: http://www.youtube.com/watch?v=e1zrehvxpbo +[django-rest-framework-and-angularjs-video]: http://www.youtube.com/watch?v=q8frbgtj020 +[web-api-performance-profiling-django-rest-framework]: http://dabapps.com/blog/api-performance-profiling-django-rest-framework/ +[api-development-with-django-and-django-rest-framework]: https://bnotions.com/api-development-with-django-and-django-rest-framework/ -- cgit v1.2.3 From 64d8e3dcb6846610e1908e067962b0c8457a86f8 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 13:50:35 +0000 Subject: Typo. Refs #2132. --- docs/topics/third-party-resources.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/third-party-resources.md b/docs/topics/third-party-resources.md index d6a4346e..ffb490af 100644 --- a/docs/topics/third-party-resources.md +++ b/docs/topics/third-party-resources.md @@ -6,7 +6,7 @@ Third Party Packages allow developers to share code that extends the functionali We **support**, **encourage** and **strongly favour** the creation of Third Party Packages to encapsulate new behaviour rather than adding additional functionality directly to Django REST Framework. -We aim to make creating Third Party Packages as easy as possible, whilst keeping the **simplicity** of the core API and ensuring that **maintainance** of the main project remains under control. If a Third Party Package proves popular it is relatively easy to move it into the main project; removing features is much more problematic. +We aim to make creating Third Party Packages as easy as possible, whilst keeping the **simplicity** of the core API and ensuring that **maintenance** of the main project remains under control. If a Third Party Package proves popular it is relatively easy to move it into the main project; removing features is much more problematic. If you have an idea for a new feature please consider how it may be packaged as a Third Party Package. We're always happy to dicuss ideas on the [Mailing List][discussion-group]. -- cgit v1.2.3 From 8c91e7b742067b6d4e4ed6d476bfe2cf5839ac8b Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 15:52:13 +0000 Subject: Add missing options --- docs/api-guide/fields.md | 40 +++++++++++++++++++++++++++++++++------- 1 file changed, 33 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index 292a51d8..aef7792b 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -22,7 +22,7 @@ Each serializer field class constructor takes at least these arguments. Some Fi The name of the attribute that will be used to populate the field. May be a method that only takes a `self` argument, such as `Field(source='get_absolute_url')`, or may use dotted notation to traverse attributes, such as `Field(source='user.email')`. -The value `source='*'` has a special meaning, and is used to indicate that the entire object should be passed through to the field. This can be useful for creating nested representations. (See the implementation of the `PaginationSerializer` class for an example.) +The value `source='*'` has a special meaning, and is used to indicate that the entire object should be passed through to the field. This can be useful for creating nested representations, or for fields which require access to the complete object in order to determine the output representation. Defaults to the name of the field. @@ -45,25 +45,28 @@ Set to false if this field is not required to be present during deserialization. Defaults to `True`. +### `allow_null` + +Normally an error will be raise if `None` is passed to a serializer field. Set this keyword argument to `True` if `None` should be considered a valid value. + +Defaults to `False` + ### `default` If set, this gives the default value that will be used for the field if no input value is supplied. If not set the default behavior is to not populate the attribute at all. May be set to a function or other callable, in which case the value will be evaluated each time it is used. +Note that setting a `default` value implies that the field is not required. Including both the `default` and `required` keyword arguments is invalid and will raise an error. + ### `validators` -A list of Django validators that should be used to validate deserialized values. +A list of validator functions which should be applied to the incoming field input, and which either raise a validation error or simply return. Validator functions should typically raise `serializers.ValidationError`, but Django's built-in `ValidationError` is also supported for compatibility with validators defined in the Django codebase or third party Django packages. ### `error_messages` A dictionary of error codes to error messages. -### `widget` - -Used only if rendering the field to HTML. -This argument sets the widget that should be used to render the field. For more details, and a list of available widgets, see [the Django documentation on form widgets][django-widgets]. - ### `label` A short text string that may be used as the name of the field in HTML form fields or other descriptive elements. @@ -72,6 +75,29 @@ A short text string that may be used as the name of the field in HTML form field A text string that may be used as a description of the field in HTML form fields or other descriptive elements. +### `initial` + +A value that should be used for pre-populating the value of HTML form fields. + +### `style` + +A dictionary of key-value pairs that can be used to control how renderers should render the field. The API for this should still be considered experimental, and will be formalized with the 3.1 release. + +Two options are currently used in HTML form generation, `'input_type'` and `'base_template'`. + + # Use for the input. + password = serializers.CharField( + style={'input_type': 'password'} + ) + + # Use a radio input instead of a select input. + color_channel = serializers.ChoiceField( + choices=['red', 'green', 'blue'] + style = {'base_template': 'radio.html'} + } + +**Note**: The `style` argument replaces the old-style version 2.x `widget` keyword argument. Because REST framework 3 now uses templated HTML form generation, the `widget` option that was used to support Django built-in widgets can no longer be supported. Version 3.1 is planned to include public API support for customizing HTML form generation. + --- # Generic Fields -- cgit v1.2.3 From 929135ea58d5a41f1980d23280c6ae65bb5b3443 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 16:01:32 +0000 Subject: Include CNAME file --- docs/CNAME | 1 + 1 file changed, 1 insertion(+) create mode 100644 docs/CNAME (limited to 'docs') diff --git a/docs/CNAME b/docs/CNAME new file mode 100644 index 00000000..4e332899 --- /dev/null +++ b/docs/CNAME @@ -0,0 +1 @@ +www.django-rest-framework.org -- cgit v1.2.3 From c7701cd75a746a863ddf8c517a4ec9c6272d66ca Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 16:08:48 +0000 Subject: Tweak --- docs/topics/contributing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index c7991a0f..7654136c 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -139,7 +139,7 @@ To build the documentation, install MkDocs with `pip install mkdocs` and then ru mkdocs build -This will build the html output into the `html` directory. +This will build the documentation into the `site` directory. You can build the documentation and open a preview in a browser window by using the `serve` command. -- cgit v1.2.3 From b733f85ff1e3f70e9f5dee6f52bebe861bc0f411 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 16:24:35 +0000 Subject: Minor docs tweaks --- docs/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index ca10befe..9312bb2f 100644 --- a/docs/index.md +++ b/docs/index.md @@ -172,7 +172,7 @@ The API guide is your complete reference manual to all the functionality provide * [Serializers][serializers] * [Serializer fields][fields] * [Serializer relations][relations] -* [Validators][validators] + * [Authentication][authentication] * [Permissions][permissions] * [Throttling][throttling] -- cgit v1.2.3 From 4ed0ae82e353e918c4f8e2b1c3bd27d67d349fe3 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 16:29:14 +0000 Subject: Add validators page --- docs/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/index.md b/docs/index.md index 9312bb2f..b18f3d6a 100644 --- a/docs/index.md +++ b/docs/index.md @@ -172,7 +172,7 @@ The API guide is your complete reference manual to all the functionality provide * [Serializers][serializers] * [Serializer fields][fields] * [Serializer relations][relations] - +* [Validators][validators] * [Authentication][authentication] * [Permissions][permissions] * [Throttling][throttling] @@ -294,7 +294,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. [serializers]: api-guide/serializers.md [fields]: api-guide/fields.md [relations]: api-guide/relations.md -[validation]: api-guide/validation.md +[validators]: api-guide/validators.md [authentication]: api-guide/authentication.md [permissions]: api-guide/permissions.md [throttling]: api-guide/throttling.md -- cgit v1.2.3 From 31536566d7fee430fb549621b4e324ddec4081fd Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Tue, 25 Nov 2014 17:35:27 +0000 Subject: Updating fields docs --- docs/api-guide/fields.md | 254 +++++++++++++++++++++++++++++++---------------- 1 file changed, 166 insertions(+), 88 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index 68cdc622..17a65ab8 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -47,7 +47,7 @@ Defaults to `True`. ### `allow_null` -Normally an error will be raise if `None` is passed to a serializer field. Set this keyword argument to `True` if `None` should be considered a valid value. +Normally an error will be raised if `None` is passed to a serializer field. Set this keyword argument to `True` if `None` should be considered a valid value. Defaults to `False` @@ -100,10 +100,6 @@ Two options are currently used in HTML form generation, `'input_type'` and `'bas --- -# Generic Fields - -These generic fields are used for representing arbitrary model fields or the output of model methods. - ## Field A generic, **read-only** field. You can use this field for any attribute that does not need to support write operations. @@ -146,96 +142,143 @@ By default, the `Field` class will perform a basic translation of the source val You can customize this behavior by overriding the `.to_native(self, value)` method. -## WritableField +**TODO**: Note removal of `WritableField` -A field that supports both read and write operations. By itself `WritableField` does not perform any translation of input values into a given type. You won't typically use this field directly, but you may want to override it and implement the `.to_native(self, value)` and `.from_native(self, value)` methods. +--- -## ModelField +# Boolean fields -A generic field that can be tied to any arbitrary model field. The `ModelField` class delegates the task of serialization/deserialization to its associated model field. This field can be used to create serializer fields for custom model fields, without having to create a new custom serializer field. +## BooleanField -The `ModelField` class is generally intended for internal use, but can be used by your API if needed. In order to properly instantiate a `ModelField`, it must be passed a field that is attached to an instantiated model. For example: `ModelField(model_field=MyModel()._meta.get_field('custom_field'))` +A boolean representation. -**Signature:** `ModelField(model_field=)` +Corresponds to `django.db.models.fields.BooleanField`. -## SerializerMethodField +## NullBooleanField -This is a read-only field. It gets its value by calling a method on the serializer class it is attached to. It can be used to add any sort of data to the serialized representation of your object. The field's constructor accepts a single argument, which is the name of the method on the serializer to be called. The method should accept a single argument (in addition to `self`), which is the object being serialized. It should return whatever you want to be included in the serialized representation of the object. For example: +A boolean representation that also accepts `None` as a valid value. - from django.contrib.auth.models import User - from django.utils.timezone import now - from rest_framework import serializers +Corresponds to `django.db.models.fields.NullBooleanField`. - class UserSerializer(serializers.ModelSerializer): - days_since_joined = serializers.SerializerMethodField('get_days_since_joined') +--- - class Meta: - model = User +# String fields - def get_days_since_joined(self, obj): - return (now() - obj.date_joined).days +## CharField ---- +A text representation. Optionally validates the text to be shorter than `max_length` and longer than `min_length`. -# Typed Fields +Corresponds to `django.db.models.fields.CharField` or `django.db.models.fields.TextField`. -These fields represent basic datatypes, and support both reading and writing values. +**Signature:** `CharField(max_length=None, min_length=None, allow_none=False)` -## BooleanField +## EmailField -A Boolean representation. +A text representation, validates the text to be a valid e-mail address. -Corresponds to `django.db.models.fields.BooleanField`. +Corresponds to `django.db.models.fields.EmailField` -## CharField +**Signature:** `EmailField(max_length=None, min_length=None)` -A text representation, optionally validates the text to be shorter than `max_length` and longer than `min_length`. -If `allow_none` is `False` (default), `None` values will be converted to an empty string. +## RegexField -Corresponds to `django.db.models.fields.CharField` -or `django.db.models.fields.TextField`. +A text representation, that validates the given value matches against a certain regular expression. -**Signature:** `CharField(max_length=None, min_length=None, allow_none=False)` +The mandatory `regex` argument may either be a string, or a compiled python regular expression object. -## URLField +Uses Django's `django.core.validators.RegexValidator` for validation. -Corresponds to `django.db.models.fields.URLField`. Uses Django's `django.core.validators.URLValidator` for validation. +Corresponds to `django.forms.fields.RegexField` -**Signature:** `URLField(max_length=200, min_length=None)` +**Signature:** `RegexField(regex, max_length=None, min_length=None)` ## SlugField +A `RegexField` that validates the input against the pattern `[a-zA-Z0-9_-]+`. + Corresponds to `django.db.models.fields.SlugField`. **Signature:** `SlugField(max_length=50, min_length=None)` -## ChoiceField +## URLField -A field that can accept a value out of a limited set of choices. Optionally takes a `blank_display_value` parameter that customizes the display value of an empty choice. +A `RegexField` that validates the input against a URL matching pattern. Expects fully qualified URLs of the form `http:///`. -**Signature:** `ChoiceField(choices=(), blank_display_value=None)` +Corresponds to `django.db.models.fields.URLField`. Uses Django's `django.core.validators.URLValidator` for validation. -## EmailField +**Signature:** `URLField(max_length=200, min_length=None)` -A text representation, validates the text to be a valid e-mail address. +--- -Corresponds to `django.db.models.fields.EmailField` +# Numeric fields -## RegexField +## IntegerField -A text representation, that validates the given value matches against a certain regular expression. +An integer representation. -Uses Django's `django.core.validators.RegexValidator` for validation. +Has two optional arguments: -Corresponds to `django.forms.fields.RegexField` +- `max_value` Validate that the number provided is no greater than this value. -**Signature:** `RegexField(regex, max_length=None, min_length=None)` +- `min_value` Validate that the number provided is no less than this value. + +Corresponds to `django.db.models.fields.IntegerField`, `django.db.models.fields.SmallIntegerField`, `django.db.models.fields.PositiveIntegerField` and `django.db.models.fields.PositiveSmallIntegerField`. + +## FloatField + +A floating point representation. + +Has two optional arguments: + +- `max_value` Validate that the number provided is no greater than this value. + +- `min_value` Validate that the number provided is no less than this value. + +Corresponds to `django.db.models.fields.FloatField`. + +## DecimalField + +A decimal representation, represented in Python by a Decimal instance. + +Has two required arguments, and three optional arguments: + +- `max_digits` The maximum number of digits allowed in the number. Note that this number must be greater than or equal to decimal_places. + +- `decimal_places` The number of decimal places to store with the number. + +- `coerce_to_string` Set to `True` if string values should be returned for the representation, or `False` if `Decimal` objects should be returned. Defaults to the same value as the `COERCE_DECIMAL_TO_STRING` settings key, which will be `True` unless overridden. If `Decimal` objects are returned by the serializer, then the final output format will be determined by the renderer. + +- `max_value` Validate that the number provided is no greater than this value. + +- `min_value` Validate that the number provided is no less than this value. + +#### Example usage + +To validate numbers up to 999 with a resolution of 2 decimal places, you would use: + + serializers.DecimalField(max_digits=5, decimal_places=2) + +And to validate numbers up to anything less than one billion with a resolution of 10 decimal places: + + serializers.DecimalField(max_digits=19, decimal_places=10) + +This field also takes an optional argument, `coerce_to_string`. If set to `True` the representation will be output as a string. If set to `False` the representation will be left as a `Decimal` instance and the final representation will be determined by the renderer. + +If unset, this will default to the same value as the `COERCE_DECIMAL_TO_STRING` setting, which is `True` unless set otherwise. + +**Signature:** `DecimalField(max_digits, decimal_places, coerce_to_string=None)` + +Corresponds to `django.db.models.fields.DecimalField`. + +--- + +# Date and time fields ## DateTimeField A date and time representation. -Corresponds to `django.db.models.fields.DateTimeField` +Corresponds to `django.db.models.fields.DateTimeField`. When using `ModelSerializer` or `HyperlinkedModelSerializer`, note that any model fields with `auto_now=True` or `auto_now_add=True` will use serializer fields that are `read_only=True` by default. @@ -253,10 +296,10 @@ In the case of JSON this means the default datetime representation uses the [ECM **Signature:** `DateTimeField(format=None, input_formats=None)` -* `format` - A string representing the output format. If not specified, this defaults to `None`, which indicates that Python `datetime` objects should be returned by `to_native`. In this case the datetime encoding will be determined by the renderer. +* `format` - A string representing the output format. If not specified, this defaults to the same value as the `DATETIME_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `datetime` objects should be returned by `to_representation`. In this case the datetime encoding will be determined by the renderer. * `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `DATETIME_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. -DateTime format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style datetimes should be used. (eg `'2013-01-29T12:34:56.000000Z'`) +**DateTimeField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style datetimes should be used. (eg `'2013-01-29T12:34:56.000000Z'`) ## DateField @@ -266,63 +309,47 @@ Corresponds to `django.db.models.fields.DateField` **Signature:** `DateField(format=None, input_formats=None)` -* `format` - A string representing the output format. If not specified, this defaults to `None`, which indicates that Python `date` objects should be returned by `to_native`. In this case the date encoding will be determined by the renderer. +* `format` - A string representing the output format. If not specified, this defaults to the same value as the `DATE_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `date` objects should be returned by `to_representation`. In this case the date encoding will be determined by the renderer. * `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `DATE_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. -Date format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style dates should be used. (eg `'2013-01-29'`) +**DateField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style dates should be used. (eg `'2013-01-29'`) ## TimeField A time representation. -Optionally takes `format` as parameter to replace the matching pattern. - Corresponds to `django.db.models.fields.TimeField` **Signature:** `TimeField(format=None, input_formats=None)` -* `format` - A string representing the output format. If not specified, this defaults to `None`, which indicates that Python `time` objects should be returned by `to_native`. In this case the time encoding will be determined by the renderer. +* `format` - A string representing the output format. If not specified, this defaults to the same value as the `TIME_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `time` objects should be returned by `to_representation`. In this case the time encoding will be determined by the renderer. * `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `TIME_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. -Time format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style times should be used. (eg `'12:34:56.000000'`) - -## IntegerField - -An integer representation. - -Corresponds to `django.db.models.fields.IntegerField`, `django.db.models.fields.SmallIntegerField`, `django.db.models.fields.PositiveIntegerField` and `django.db.models.fields.PositiveSmallIntegerField` +**TimeField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style times should be used. (eg `'12:34:56.000000'`) -## FloatField - -A floating point representation. - -Corresponds to `django.db.models.fields.FloatField`. +--- -## DecimalField +# Choice selection fields -A decimal representation, represented in Python by a Decimal instance. - -Has two required arguments: +## ChoiceField -- `max_digits` The maximum number of digits allowed in the number. Note that this number must be greater than or equal to decimal_places. +A field that can accept a value out of a limited set of choices. Takes a single mandatory argument. -- `decimal_places` The number of decimal places to store with the number. +- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. -For example, to validate numbers up to 999 with a resolution of 2 decimal places, you would use: +**Signature:** `ChoiceField(choices=())` - serializers.DecimalField(max_digits=5, decimal_places=2) +## MultipleChoiceField -And to validate numbers up to anything less than one billion with a resolution of 10 decimal places: +A field that can accept a set of zero, one or many values, chosen from a limited set of choices. Takes a single mandatory argument. `to_internal_representation` returns a `set` containing the selected values. - serializers.DecimalField(max_digits=19, decimal_places=10) +- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. -This field also takes an optional argument, `coerce_to_string`. If set to `True` the representation will be output as a string. If set to `False` the representation will be left as a `Decimal` instance and the final representation will be determined by the renderer. +**Signature:** `MultipleChoiceField(choices=())` -If unset, this will default to the same value as the `COERCE_DECIMAL_TO_STRING` setting, which is `True` unless set otherwise. +--- -**Signature:** `DecimalField(max_digits, decimal_places, coerce_to_string=None)` - -Corresponds to `django.db.models.fields.DecimalField`. +# File upload fields ## FileField @@ -330,15 +357,17 @@ A file representation. Performs Django's standard FileField validation. Corresponds to `django.forms.fields.FileField`. -**Signature:** `FileField(max_length=None, allow_empty_file=False)` +**Signature:** `FileField(max_length=None, allow_empty_file=False, use_url=UPLOADED_FILES_USE_URL)` + + - `max_length` - designates the maximum length for the file name. - - `max_length` designates the maximum length for the file name. + - `allow_empty_file` - designates if empty files are allowed. - - `allow_empty_file` designates if empty files are allowed. +- `use_url` - If set to `True` then URL string values will be used for the output representation. If set to `False` then filename string values will be used for the output representation. Defaults to the value of the `UPLOADED_FILES_USE_URL` settings key, which is `True` unless set otherwise. ## ImageField -An image representation. +An image representation. Validates the uploaded file content as matching a known image format. Corresponds to `django.forms.fields.ImageField`. @@ -348,11 +377,60 @@ Signature and validation is the same as with `FileField`. --- -**Note:** `FileFields` and `ImageFields` are only suitable for use with MultiPartParser, since e.g. json doesn't support file uploads. +**Note:** `FileFields` and `ImageFields` are only suitable for use with `MultiPartParser` or `FileUploadParser`. Most parsers, such as e.g. JSON don't support file uploads. Django's regular [FILE_UPLOAD_HANDLERS] are used for handling uploaded files. --- +# Composite fields + +## ListField + +**TODO** + +--- + +# Miscellaneous fields + +## ReadOnlyField + +**TODO** + +## HiddenField + +**TODO** + +## ModelField + +A generic field that can be tied to any arbitrary model field. The `ModelField` class delegates the task of serialization/deserialization to its associated model field. This field can be used to create serializer fields for custom model fields, without having to create a new custom serializer field. + +The `ModelField` class is generally intended for internal use, but can be used by your API if needed. In order to properly instantiate a `ModelField`, it must be passed a field that is attached to an instantiated model. For example: `ModelField(model_field=MyModel()._meta.get_field('custom_field'))` + +**Signature:** `ModelField(model_field=)` + +## SerializerMethodField + +This is a read-only field. It gets its value by calling a method on the serializer class it is attached to. It can be used to add any sort of data to the serialized representation of your object. + +The field constructor accepts a single optional argument, which is the name of the method on the serializer to be called. If not included this defaults to `get_`. + +The method should accept a single argument (in addition to `self`), which is the object being serialized. It should return whatever you want to be included in the serialized representation of the object. For example: + + from django.contrib.auth.models import User + from django.utils.timezone import now + from rest_framework import serializers + + class UserSerializer(serializers.ModelSerializer): + days_since_joined = serializers.SerializerMethodField() + + class Meta: + model = User + + def get_days_since_joined(self, obj): + return (now() - obj.date_joined).days + +--- + # Custom fields If you want to create a custom field, you'll probably want to override either one or both of the `.to_native()` and `.from_native()` methods. These two methods are used to convert between the initial datatype, and a primitive, serializable datatype. Primitive datatypes may be any of a number, string, date/time/datetime or None. They may also be any list or dictionary like object that only contains other primitive objects. -- cgit v1.2.3 From c01c631ef2c5a0f303460c505810c4987371dbcc Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 09:04:48 +0000 Subject: perform_create, perform_update, perform_destroy hooks --- docs/api-guide/fields.md | 19 ++++++++++++------- docs/api-guide/generic-views.md | 28 ++++++++++++++-------------- 2 files changed, 26 insertions(+), 21 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index 17a65ab8..1e856853 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -433,9 +433,9 @@ The method should accept a single argument (in addition to `self`), which is the # Custom fields -If you want to create a custom field, you'll probably want to override either one or both of the `.to_native()` and `.from_native()` methods. These two methods are used to convert between the initial datatype, and a primitive, serializable datatype. Primitive datatypes may be any of a number, string, date/time/datetime or None. They may also be any list or dictionary like object that only contains other primitive objects. +If you want to create a custom field, you'll probably want to override either one or both of the `.to_representation()` and `.to_internal_value()` methods. These two methods are used to convert between the initial datatype, and a primitive, serializable datatype. Primitive datatypes may be any of a number, string, date/time/datetime or None. They may also be any list or dictionary like object that only contains other primitive objects. -The `.to_native()` method is called to convert the initial datatype into a primitive, serializable datatype. The `from_native()` method is called to restore a primitive datatype into its initial representation. +The `.to_representation()` method is called to convert the initial datatype into a primitive, serializable datatype. The `to_internal_value()` method is called to restore a primitive datatype into its internal python representation. ## Examples @@ -450,25 +450,30 @@ Let's look at an example of serializing a class that represents an RGB color val assert(red < 256 and green < 256 and blue < 256) self.red, self.green, self.blue = red, green, blue - class ColourField(serializers.WritableField): + class ColorField(serializers.Field): """ Color objects are serialized into "rgb(#, #, #)" notation. """ - def to_native(self, obj): + def to_representation(self, obj): return "rgb(%d, %d, %d)" % (obj.red, obj.green, obj.blue) - def from_native(self, data): + def to_internal_value(self, data): data = data.strip('rgb(').rstrip(')') red, green, blue = [int(col) for col in data.split(',')] return Color(red, green, blue) -By default field values are treated as mapping to an attribute on the object. If you need to customize how the field value is accessed and set you need to override `.field_to_native()` and/or `.field_from_native()`. +By default field values are treated as mapping to an attribute on the object. If you need to customize how the field value is accessed and set you need to override `.get_attribute()` and/or `.get_value()`. As an example, let's create a field that can be used represent the class name of the object being serialized: class ClassNameField(serializers.Field): - def field_to_native(self, obj, field_name): + def get_attribute(self, obj): + # We pass the object instance onto `to_representation`, + # not just the field attribute. + return obj + + def to_representation(self, obj): """ Serialize the object's class name. """ diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index 489b628f..dc51189c 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -7,7 +7,7 @@ source: mixins.py > > — [Django Documentation][cite] -One of the key benefits of class based views is the way they allow you to compose bits of reusable behaviour. REST framework takes advantage of this by providing a number of pre-built views that provide for commonly used patterns. +One of the key benefits of class based views is the way they allow you to compose bits of reusable behavior. REST framework takes advantage of this by providing a number of pre-built views that provide for commonly used patterns. The generic views provided by REST framework allow you to quickly build API views that map closely to your database models. @@ -171,24 +171,24 @@ For example: return 20 return 100 -**Save / deletion hooks**: +**Save and deletion hooks**: -The following methods are provided as placeholder interfaces. They contain empty implementations and are not called directly by `GenericAPIView`, but they are overridden and used by some of the mixin classes. +The following methods are provided by the mixin classes, and provide easy overriding of the object save or deletion behavior. -* `pre_save(self, obj)` - A hook that is called before saving an object. -* `post_save(self, obj, created=False)` - A hook that is called after saving an object. -* `pre_delete(self, obj)` - A hook that is called before deleting an object. -* `post_delete(self, obj)` - A hook that is called after deleting an object. +* `perform_create(self, serializer)` - Called by `CreateModelMixin` when saving a new object instance. +* `perform_update(self, serializer)` - Called by `UpdateModelMixin` when saving an existing object instance. +* `perform_destroy(self, instance)` - Called by `DestroyModelMixin` when deleting an object instance. -The `pre_save` method in particular is a useful hook for setting attributes that are implicit in the request, but are not part of the request data. For instance, you might set an attribute on the object based on the request user, or based on a URL keyword argument. +These hooks are particularly useful for setting attributes that are implicit in the request, but are not part of the request data. For instance, you might set an attribute on the object based on the request user, or based on a URL keyword argument. - def pre_save(self, obj): - """ - Set the object's owner, based on the incoming request. - """ - obj.owner = self.request.user + def perform_create(self, serializer): + serializer.save(user=self.request.user) + +These override points are also particularly useful for adding behavior that occurs before or after saving an object, such as emailing a confirmation, or logging the update. -Remember that the `pre_save()` method is not called by `GenericAPIView` itself, but it is called by `create()` and `update()` methods on the `CreateModelMixin` and `UpdateModelMixin` classes. + def perform_update(self, serializer): + instance = serializer.save() + send_email_confirmation(user=self.request.user, modified=instance) **Other methods**: -- cgit v1.2.3 From 0f5338ada90ca2c6e53b9e095bec6a3b853d107b Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 09:06:15 +0000 Subject: Call out removal of pre_save/post_save more strongly --- docs/api-guide/generic-views.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index dc51189c..8c1b7dc9 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -190,6 +190,8 @@ These override points are also particularly useful for adding behavior that occu instance = serializer.save() send_email_confirmation(user=self.request.user, modified=instance) +**Note**: These methods replace the old-style version 2.x `pre_save`, `post_save`, `pre_delete` and `post_delete` methods, which are no longer available. + **Other methods**: You won't typically need to override the following methods, although you might need to call into them if you're writing custom views using `GenericAPIView`. -- cgit v1.2.3 From e1b14cbe4acafa47154acf66c21cd9e627c7ba1a Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 10:27:29 +0000 Subject: 3.0 docs for serializer fields --- docs/api-guide/fields.md | 251 +++++++++++++++++++++++++---------------------- 1 file changed, 132 insertions(+), 119 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index 1e856853..ca551540 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -10,7 +10,7 @@ Serializer fields handle converting between primitive values and internal dataty --- -**Note:** The serializer fields are declared in fields.py, but by convention you should import them using `from rest_framework import serializers` and refer to fields as `serializers.`. +**Note:** The serializer fields are declared in `fields.py`, but by convention you should import them using `from rest_framework import serializers` and refer to fields as `serializers.`. --- @@ -18,14 +18,6 @@ Serializer fields handle converting between primitive values and internal dataty Each serializer field class constructor takes at least these arguments. Some Field classes take additional, field-specific arguments, but the following should always be accepted: -### `source` - -The name of the attribute that will be used to populate the field. May be a method that only takes a `self` argument, such as `Field(source='get_absolute_url')`, or may use dotted notation to traverse attributes, such as `Field(source='user.email')`. - -The value `source='*'` has a special meaning, and is used to indicate that the entire object should be passed through to the field. This can be useful for creating nested representations, or for fields which require access to the complete object in order to determine the output representation. - -Defaults to the name of the field. - ### `read_only` Set this to `True` to ensure that the field is used when serializing a representation, but is not used when creating or updating an instance during deserialization. @@ -59,6 +51,14 @@ May be set to a function or other callable, in which case the value will be eval Note that setting a `default` value implies that the field is not required. Including both the `default` and `required` keyword arguments is invalid and will raise an error. +### `source` + +The name of the attribute that will be used to populate the field. May be a method that only takes a `self` argument, such as `URLField('get_absolute_url')`, or may use dotted notation to traverse attributes, such as `EmailField(source='user.email')`. + +The value `source='*'` has a special meaning, and is used to indicate that the entire object should be passed through to the field. This can be useful for creating nested representations, or for fields which require access to the complete object in order to determine the output representation. + +Defaults to the name of the field. + ### `validators` A list of validator functions which should be applied to the incoming field input, and which either raise a validation error or simply return. Validator functions should typically raise `serializers.ValidationError`, but Django's built-in `ValidationError` is also supported for compatibility with validators defined in the Django codebase or third party Django packages. @@ -100,52 +100,6 @@ Two options are currently used in HTML form generation, `'input_type'` and `'bas --- -## Field - -A generic, **read-only** field. You can use this field for any attribute that does not need to support write operations. - -For example, using the following model. - - from django.db import models - from django.utils.timezone import now - - class Account(models.Model): - owner = models.ForeignKey('auth.user') - name = models.CharField(max_length=100) - created = models.DateTimeField(auto_now_add=True) - payment_expiry = models.DateTimeField() - - def has_expired(self): - return now() > self.payment_expiry - -A serializer definition that looked like this: - - from rest_framework import serializers - - class AccountSerializer(serializers.HyperlinkedModelSerializer): - expired = serializers.Field(source='has_expired') - - class Meta: - model = Account - fields = ('url', 'owner', 'name', 'expired') - -Would produce output similar to: - - { - 'url': 'http://example.com/api/accounts/3/', - 'owner': 'http://example.com/api/users/12/', - 'name': 'FooCorp business account', - 'expired': True - } - -By default, the `Field` class will perform a basic translation of the source value into primitive datatypes, falling back to unicode representations of complex datatypes when necessary. - -You can customize this behavior by overriding the `.to_native(self, value)` method. - -**TODO**: Note removal of `WritableField` - ---- - # Boolean fields ## BooleanField @@ -154,12 +108,16 @@ A boolean representation. Corresponds to `django.db.models.fields.BooleanField`. +**Signature:** `BooleanField()` + ## NullBooleanField A boolean representation that also accepts `None` as a valid value. Corresponds to `django.db.models.fields.NullBooleanField`. +**Signature:** `NullBooleanField()` + --- # String fields @@ -170,7 +128,13 @@ A text representation. Optionally validates the text to be shorter than `max_len Corresponds to `django.db.models.fields.CharField` or `django.db.models.fields.TextField`. -**Signature:** `CharField(max_length=None, min_length=None, allow_none=False)` +**Signature:** `CharField(max_length=None, min_length=None, allow_blank=False)` + +- `max_length` - Validates that the input contains no more than this number of characters. +- `min_length` - Validates that the input contains no fewer than this number of characters. +- `allow_blank` - If set to `True` then the empty string should be considered a valid value. If set to `False` then the empty string is considered invalid and will raise a validation error. Defaults to `False`. + +The `allow_null` option is also available for string fields, although its usage is discouraged in favor of `allow_blank`. It is valid to set both `allow_blank=True` and `allow_null=True`, but doing so means that there will be two differing types of empty value permissible for string representations, which can lead to data inconsistencies and subtle application bugs. ## EmailField @@ -178,19 +142,19 @@ A text representation, validates the text to be a valid e-mail address. Corresponds to `django.db.models.fields.EmailField` -**Signature:** `EmailField(max_length=None, min_length=None)` +**Signature:** `EmailField(max_length=None, min_length=None, allow_blank=False)` ## RegexField A text representation, that validates the given value matches against a certain regular expression. -The mandatory `regex` argument may either be a string, or a compiled python regular expression object. +Corresponds to `django.forms.fields.RegexField`. -Uses Django's `django.core.validators.RegexValidator` for validation. +**Signature:** `RegexField(regex, max_length=None, min_length=None, allow_blank=False)` -Corresponds to `django.forms.fields.RegexField` +The mandatory `regex` argument may either be a string, or a compiled python regular expression object. -**Signature:** `RegexField(regex, max_length=None, min_length=None)` +Uses Django's `django.core.validators.RegexValidator` for validation. ## SlugField @@ -198,7 +162,7 @@ A `RegexField` that validates the input against the pattern `[a-zA-Z0-9_-]+`. Corresponds to `django.db.models.fields.SlugField`. -**Signature:** `SlugField(max_length=50, min_length=None)` +**Signature:** `SlugField(max_length=50, min_length=None, allow_blank=False)` ## URLField @@ -206,7 +170,7 @@ A `RegexField` that validates the input against a URL matching pattern. Expects Corresponds to `django.db.models.fields.URLField`. Uses Django's `django.core.validators.URLValidator` for validation. -**Signature:** `URLField(max_length=200, min_length=None)` +**Signature:** `URLField(max_length=200, min_length=None, allow_blank=False)` --- @@ -216,40 +180,36 @@ Corresponds to `django.db.models.fields.URLField`. Uses Django's `django.core.v An integer representation. -Has two optional arguments: +Corresponds to `django.db.models.fields.IntegerField`, `django.db.models.fields.SmallIntegerField`, `django.db.models.fields.PositiveIntegerField` and `django.db.models.fields.PositiveSmallIntegerField`. -- `max_value` Validate that the number provided is no greater than this value. +**Signature**: `IntegerField(max_value=None, min_value=None)` +- `max_value` Validate that the number provided is no greater than this value. - `min_value` Validate that the number provided is no less than this value. -Corresponds to `django.db.models.fields.IntegerField`, `django.db.models.fields.SmallIntegerField`, `django.db.models.fields.PositiveIntegerField` and `django.db.models.fields.PositiveSmallIntegerField`. - ## FloatField A floating point representation. -Has two optional arguments: +Corresponds to `django.db.models.fields.FloatField`. + +**Signature**: `FloatField(max_value=None, min_value=None)` - `max_value` Validate that the number provided is no greater than this value. - - `min_value` Validate that the number provided is no less than this value. -Corresponds to `django.db.models.fields.FloatField`. - ## DecimalField -A decimal representation, represented in Python by a Decimal instance. +A decimal representation, represented in Python by a `Decimal` instance. -Has two required arguments, and three optional arguments: +Corresponds to `django.db.models.fields.DecimalField`. -- `max_digits` The maximum number of digits allowed in the number. Note that this number must be greater than or equal to decimal_places. +**Signature**: `DecimalField(max_digits, decimal_places, coerce_to_string=None, max_value=None, min_value=None)` +- `max_digits` The maximum number of digits allowed in the number. Note that this number must be greater than or equal to decimal_places. - `decimal_places` The number of decimal places to store with the number. - - `coerce_to_string` Set to `True` if string values should be returned for the representation, or `False` if `Decimal` objects should be returned. Defaults to the same value as the `COERCE_DECIMAL_TO_STRING` settings key, which will be `True` unless overridden. If `Decimal` objects are returned by the serializer, then the final output format will be determined by the renderer. - - `max_value` Validate that the number provided is no greater than this value. - - `min_value` Validate that the number provided is no less than this value. #### Example usage @@ -266,10 +226,6 @@ This field also takes an optional argument, `coerce_to_string`. If set to `True` If unset, this will default to the same value as the `COERCE_DECIMAL_TO_STRING` setting, which is `True` unless set otherwise. -**Signature:** `DecimalField(max_digits, decimal_places, coerce_to_string=None)` - -Corresponds to `django.db.models.fields.DecimalField`. - --- # Date and time fields @@ -280,26 +236,30 @@ A date and time representation. Corresponds to `django.db.models.fields.DateTimeField`. -When using `ModelSerializer` or `HyperlinkedModelSerializer`, note that any model fields with `auto_now=True` or `auto_now_add=True` will use serializer fields that are `read_only=True` by default. +**Signature:** `DateTimeField(format=None, input_formats=None)` -If you want to override this behavior, you'll need to declare the `DateTimeField` explicitly on the serializer. For example: +* `format` - A string representing the output format. If not specified, this defaults to the same value as the `DATETIME_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `datetime` objects should be returned by `to_representation`. In this case the datetime encoding will be determined by the renderer. +* `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `DATETIME_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. - class CommentSerializer(serializers.ModelSerializer): - created = serializers.DateTimeField() +#### `DateTimeField` format strings. - class Meta: - model = Comment +Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style datetimes should be used. (eg `'2013-01-29T12:34:56.000000Z'`) -Note that by default, datetime representations are determined by the renderer in use, although this can be explicitly overridden as detailed below. +When a value of `None` is used for the format `datetime` objects will be returned by `to_representation` and the final output representation will determined by the renderer class. In the case of JSON this means the default datetime representation uses the [ECMA 262 date time string specification][ecma262]. This is a subset of ISO 8601 which uses millisecond precision, and includes the 'Z' suffix for the UTC timezone, for example: `2013-01-29T12:34:56.123Z`. -**Signature:** `DateTimeField(format=None, input_formats=None)` +#### `auto_now` and `auto_now_add` model fields. -* `format` - A string representing the output format. If not specified, this defaults to the same value as the `DATETIME_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `datetime` objects should be returned by `to_representation`. In this case the datetime encoding will be determined by the renderer. -* `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `DATETIME_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. +When using `ModelSerializer` or `HyperlinkedModelSerializer`, note that any model fields with `auto_now=True` or `auto_now_add=True` will use serializer fields that are `read_only=True` by default. + +If you want to override this behavior, you'll need to declare the `DateTimeField` explicitly on the serializer. For example: + + class CommentSerializer(serializers.ModelSerializer): + created = serializers.DateTimeField() -**DateTimeField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style datetimes should be used. (eg `'2013-01-29T12:34:56.000000Z'`) + class Meta: + model = Comment ## DateField @@ -312,7 +272,9 @@ Corresponds to `django.db.models.fields.DateField` * `format` - A string representing the output format. If not specified, this defaults to the same value as the `DATE_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `date` objects should be returned by `to_representation`. In this case the date encoding will be determined by the renderer. * `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `DATE_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. -**DateField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style dates should be used. (eg `'2013-01-29'`) +#### `DateField` format strings + +Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style dates should be used. (eg `'2013-01-29'`) ## TimeField @@ -325,7 +287,9 @@ Corresponds to `django.db.models.fields.TimeField` * `format` - A string representing the output format. If not specified, this defaults to the same value as the `TIME_FORMAT` settings key, which will be `'iso-8601'` unless set. Setting to a format string indicates that `to_representation` return values should be coerced to string output. Format strings are described below. Setting this value to `None` indicates that Python `time` objects should be returned by `to_representation`. In this case the time encoding will be determined by the renderer. * `input_formats` - A list of strings representing the input formats which may be used to parse the date. If not specified, the `TIME_INPUT_FORMATS` setting will be used, which defaults to `['iso-8601']`. -**TimeField format strings**: Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style times should be used. (eg `'12:34:56.000000'`) +#### `TimeField` format strings + +Format strings may either be [Python strftime formats][strftime] which explicitly specify the format, or the special string `'iso-8601'`, which indicates that [ISO 8601][iso8601] style times should be used. (eg `'12:34:56.000000'`) --- @@ -333,24 +297,31 @@ Corresponds to `django.db.models.fields.TimeField` ## ChoiceField -A field that can accept a value out of a limited set of choices. Takes a single mandatory argument. +A field that can accept a value out of a limited set of choices. -- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. +Used by `ModelSerializer` to automatically generate fields if the corresponding model field includes a `choices=…` argument. -**Signature:** `ChoiceField(choices=())` +**Signature:** `ChoiceField(choices)` + +- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. ## MultipleChoiceField A field that can accept a set of zero, one or many values, chosen from a limited set of choices. Takes a single mandatory argument. `to_internal_representation` returns a `set` containing the selected values. -- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. +**Signature:** `MultipleChoiceField(choices)` -**Signature:** `MultipleChoiceField(choices=())` +- `choices` - A list of valid values, or a list of `(key, display_name)` tuples. --- # File upload fields +#### Parsers and file uploads. + +The `FileField` and `ImageField` classes are only suitable for use with `MultiPartParser` or `FileUploadParser`. Most parsers, such as e.g. JSON don't support file uploads. +Django's regular [FILE_UPLOAD_HANDLERS] are used for handling uploaded files. + ## FileField A file representation. Performs Django's standard FileField validation. @@ -359,10 +330,8 @@ Corresponds to `django.forms.fields.FileField`. **Signature:** `FileField(max_length=None, allow_empty_file=False, use_url=UPLOADED_FILES_USE_URL)` - - `max_length` - designates the maximum length for the file name. - - - `allow_empty_file` - designates if empty files are allowed. - + - `max_length` - Designates the maximum length for the file name. + - `allow_empty_file` - Designates if empty files are allowed. - `use_url` - If set to `True` then URL string values will be used for the output representation. If set to `False` then filename string values will be used for the output representation. Defaults to the value of the `UPLOADED_FILES_USE_URL` settings key, which is `True` unless set otherwise. ## ImageField @@ -371,14 +340,13 @@ An image representation. Validates the uploaded file content as matching a known Corresponds to `django.forms.fields.ImageField`. -Requires either the `Pillow` package or `PIL` package. The `Pillow` package is recommended, as `PIL` is no longer actively maintained. +**Signature:** `ImageField(max_length=None, allow_empty_file=False, use_url=UPLOADED_FILES_USE_URL)` -Signature and validation is the same as with `FileField`. - ---- + - `max_length` - Designates the maximum length for the file name. + - `allow_empty_file` - Designates if empty files are allowed. +- `use_url` - If set to `True` then URL string values will be used for the output representation. If set to `False` then filename string values will be used for the output representation. Defaults to the value of the `UPLOADED_FILES_USE_URL` settings key, which is `True` unless set otherwise. -**Note:** `FileFields` and `ImageFields` are only suitable for use with `MultiPartParser` or `FileUploadParser`. Most parsers, such as e.g. JSON don't support file uploads. -Django's regular [FILE_UPLOAD_HANDLERS] are used for handling uploaded files. +Requires either the `Pillow` package or `PIL` package. The `Pillow` package is recommended, as `PIL` is no longer actively maintained. --- @@ -386,7 +354,24 @@ Django's regular [FILE_UPLOAD_HANDLERS] are used for handling uploaded files. ## ListField -**TODO** +A field class that validates a list of objects. + +**Signature**: `ListField(child)` + +- `child` - A field instance that should be used for validating the objects in the list. + +For example, to validate a list of integers you might use something like the following: + + scores = serializers.ListField( + child=serializers.IntegerField(min_value=0, max_value=100) + ) + +The `ListField` class also supports a declarative style that allows you to write reusable list field classes. + + class StringListField(serializers.ListField): + child = serializers.CharField() + +We can now reuse our custom `StringListField` class throughout our application, without having to provide a `child` argument to it. --- @@ -394,27 +379,52 @@ Django's regular [FILE_UPLOAD_HANDLERS] are used for handling uploaded files. ## ReadOnlyField -**TODO** +A field class that simply returns the value of the field without modification. + +This field is used by default with `ModelSerializer` when including field names that relate to an attribute rather than a model field. + +**Signature**: `ReadOnlyField()` + +For example, is `has_expired` was a property on the `Account` model, then the following serializer would automatically generate it as a `ReadOnlyField`: + + class AccountSerializer(serializers.ModelSerializer): + class Meta: + model = Account + fields = ('id', 'account_name', 'has_expired') ## HiddenField -**TODO** +A field class that does not take a value based on user input, but instead takes its value from a default value or callable. + +**Signature**: `HiddenField()` + +For example, to include a field that always provides the current time as part of the serializer validated data, you would use the following: + + modified = serializer.HiddenField(default=timezone.now) + +The `HiddenField` class is usually only needed if you have some validation that needs to run based on some pre-provided field values, but you do not want to expose all of those fields to the end user. + +For further examples on `HiddenField` see the [validators](validators.md) documentation. ## ModelField -A generic field that can be tied to any arbitrary model field. The `ModelField` class delegates the task of serialization/deserialization to its associated model field. This field can be used to create serializer fields for custom model fields, without having to create a new custom serializer field. +A generic field that can be tied to any arbitrary model field. The `ModelField` class delegates the task of serialization/deserialization to its associated model field. This field can be used to create serializer fields for custom model fields, without having to create a new custom serializer field. -The `ModelField` class is generally intended for internal use, but can be used by your API if needed. In order to properly instantiate a `ModelField`, it must be passed a field that is attached to an instantiated model. For example: `ModelField(model_field=MyModel()._meta.get_field('custom_field'))` +This field is used by `ModelSerializer` to correspond to custom model field classes. **Signature:** `ModelField(model_field=)` +The `ModelField` class is generally intended for internal use, but can be used by your API if needed. In order to properly instantiate a `ModelField`, it must be passed a field that is attached to an instantiated model. For example: `ModelField(model_field=MyModel()._meta.get_field('custom_field'))` + ## SerializerMethodField This is a read-only field. It gets its value by calling a method on the serializer class it is attached to. It can be used to add any sort of data to the serialized representation of your object. -The field constructor accepts a single optional argument, which is the name of the method on the serializer to be called. If not included this defaults to `get_`. +**Signature**: `SerializerMethodField(method_name=None)` + +- `method-name` - The name of the method on the serializer to be called. If not included this defaults to `get_`. -The method should accept a single argument (in addition to `self`), which is the object being serialized. It should return whatever you want to be included in the serialized representation of the object. For example: +The serializer method referred to by the `method_name` argument should accept a single argument (in addition to `self`), which is the object being serialized. It should return whatever you want to be included in the serialized representation of the object. For example: from django.contrib.auth.models import User from django.utils.timezone import now @@ -433,9 +443,13 @@ The method should accept a single argument (in addition to `self`), which is the # Custom fields -If you want to create a custom field, you'll probably want to override either one or both of the `.to_representation()` and `.to_internal_value()` methods. These two methods are used to convert between the initial datatype, and a primitive, serializable datatype. Primitive datatypes may be any of a number, string, date/time/datetime or None. They may also be any list or dictionary like object that only contains other primitive objects. +If you want to create a custom field, you'll need to subclass `Field` and then override either one or both of the `.to_representation()` and `.to_internal_value()` methods. These two methods are used to convert between the initial datatype, and a primitive, serializable datatype. Primitive datatypes will typically be any of a number, string, boolean, `date`/`time`/`datetime` or `None`. They may also be any list or dictionary like object that only contains other primitive objects. Other types might be supported, depending on the renderer that you are using. -The `.to_representation()` method is called to convert the initial datatype into a primitive, serializable datatype. The `to_internal_value()` method is called to restore a primitive datatype into its internal python representation. +The `.to_representation()` method is called to convert the initial datatype into a primitive, serializable datatype. + +The `to_internal_value()` method is called to restore a primitive datatype into its internal python representation. + +Note that the `WritableField` class that was present in version 2.x no longer exists. You should subclass `Field` and override `to_internal_value()` if the field supports data input. ## Examples @@ -462,7 +476,6 @@ Let's look at an example of serializing a class that represents an RGB color val red, green, blue = [int(col) for col in data.split(',')] return Color(red, green, blue) - By default field values are treated as mapping to an attribute on the object. If you need to customize how the field value is accessed and set you need to override `.get_attribute()` and/or `.get_value()`. As an example, let's create a field that can be used represent the class name of the object being serialized: -- cgit v1.2.3 From 678f7b4c654ccc1bc147d36e0ecb4a3a3a1cacdb Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 10:43:45 +0000 Subject: Update notes on autocomplete --- docs/topics/browsable-api.md | 33 +++++++++++---------------------- 1 file changed, 11 insertions(+), 22 deletions(-) (limited to 'docs') diff --git a/docs/topics/browsable-api.md b/docs/topics/browsable-api.md index ad812f4b..2879db74 100644 --- a/docs/topics/browsable-api.md +++ b/docs/topics/browsable-api.md @@ -130,34 +130,24 @@ You can override the `BrowsableAPIRenderer.get_context()` method to customise th For more advanced customization, such as not having a Bootstrap basis or tighter integration with the rest of your site, you can simply choose not to have `api.html` extend `base.html`. Then the page content and capabilities are entirely up to you. -#### Autocompletion +#### Handling `ChoiceField` with large numbers of items. -When a `ChoiceField` has too many items, rendering the widget containing all the options can become very slow, and cause the browsable API rendering to perform poorly. One solution is to replace the selector by an autocomplete widget, that only loads and renders a subset of the available options as needed. +When a relationship or `ChoiceField` has too many items, rendering the widget containing all the options can become very slow, and cause the browsable API rendering to perform poorly. -There are [a variety of packages for autocomplete widgets][autocomplete-packages], such as [django-autocomplete-light][django-autocomplete-light]. To setup `django-autocomplete-light`, follow the [installation documentation][django-autocomplete-light-install], add the the following to the `api.html` template: +The simplest option in this case is to replace the select input with a standard text input. For example: - {% block script %} - {{ block.super }} - {% include 'autocomplete_light/static.html' %} - {% endblock %} - -You can now add the `autocomplete_light.ChoiceWidget` widget to the serializer field. - - import autocomplete_light + author = serializers.HyperlinkedRelatedField( + queryset=User.objects.all(), + style={'base_template': 'input.html'} + ) - class BookSerializer(serializers.ModelSerializer): - author = serializers.ChoiceField( - widget=autocomplete_light.ChoiceWidget('AuthorAutocomplete') - ) +#### Autocomplete - class Meta: - model = Book - ---- +An alternative, but more complex option would be to replace the input with an autocomplete widget, that only loads and renders a subset of the available options as needed. If you need to do this you'll need to do some work to build a custom autocomplete HTML template yourself. -![Autocomplete][autocomplete-image] +There are [a variety of packages for autocomplete widgets][autocomplete-packages], such as [django-autocomplete-light][django-autocomplete-light], that you may want to refer to. Note that you will not be able to simply include these components as standard widgets, but will need to write the HTML template explicitly. This is because REST framework 3.0 no longer supports the `widget` keyword argument since it now uses templated HTML generation. -*Screenshot of the autocomplete-light widget* +Better support for autocomplete inputs is planned in future versions. --- @@ -175,4 +165,3 @@ You can now add the `autocomplete_light.ChoiceWidget` widget to the serializer f [autocomplete-packages]: https://www.djangopackages.com/grids/g/auto-complete/ [django-autocomplete-light]: https://github.com/yourlabs/django-autocomplete-light [django-autocomplete-light-install]: http://django-autocomplete-light.readthedocs.org/en/latest/#install -[autocomplete-image]: ../img/autocomplete.png -- cgit v1.2.3 From 5a5a73c7fef49899a37721e6c68228ef605e11f8 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 11:30:49 +0000 Subject: 3.0 docs and tidy-up for serializer relationships --- docs/api-guide/relations.md | 81 +++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 40 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/relations.md b/docs/api-guide/relations.md index ad981b2b..7d19eba2 100644 --- a/docs/api-guide/relations.md +++ b/docs/api-guide/relations.md @@ -16,6 +16,20 @@ Relational fields are used to represent model relationships. They can be applie --- +#### Inspecting automatically generated relationships. + +When using the `ModelSerializer` class, serializer fields and relationships will be automatically generated for you. Inspecting these automatically generated fields can be a useful tool for determining how to customize the relationship style. + +To do so, open the Django shell, using `python manage.py shell`, then import the serializer class, instantiate it, and print the object representation… + + >>> from myapp.serializers import AccountSerializer + >>> serializer = AccountSerializer() + >>> print repr(serializer) # Or `print(repr(serializer))` in Python 3.x. + AccountSerializer(): + id = IntegerField(label='ID', read_only=True) + name = CharField(allow_blank=True, max_length=100, required=False) + owner = PrimaryKeyRelatedField(queryset=User.objects.all()) + # API Reference In order to explain the various types of relational fields, we'll use a couple of simple models for our examples. Our models will be for music albums, and the tracks listed on each album. @@ -37,14 +51,14 @@ In order to explain the various types of relational fields, we'll use a couple o def __unicode__(self): return '%d: %s' % (self.order, self.title) -## RelatedField +## StringRelatedField -`RelatedField` may be used to represent the target of the relationship using its `__unicode__` method. +`StringRelatedField` may be used to represent the target of the relationship using its `__unicode__` method. For example, the following serializer. class AlbumSerializer(serializers.ModelSerializer): - tracks = serializers.RelatedField(many=True) + tracks = serializers.StringRelatedField(many=True) class Meta: model = Album @@ -99,9 +113,9 @@ By default this field is read-write, although you can change this behavior using **Arguments**: +* `queryset` - The queryset used for model instance lookups when validating the field input. Relationships must either set a queryset explicitly, or set `read_only=True`. * `many` - If applied to a to-many relationship, you should set this argument to `True`. -* `required` - If set to `False`, the field will accept values of `None` or the empty-string for nullable relationships. -* `queryset` - By default `ModelSerializer` classes will use the default queryset for the relationship. `Serializer` classes must either set a queryset explicitly, or set `read_only=True`. +* `allow_null` - If set to `True`, the field will accept values of `None` or the empty string for nullable relationships. Defaults to `False`. ## HyperlinkedRelatedField @@ -110,8 +124,11 @@ By default this field is read-write, although you can change this behavior using For example, the following serializer: class AlbumSerializer(serializers.ModelSerializer): - tracks = serializers.HyperlinkedRelatedField(many=True, read_only=True, - view_name='track-detail') + tracks = serializers.HyperlinkedRelatedField( + many=True, + read_only=True, + view_name='track-detail' + ) class Meta: model = Album @@ -134,11 +151,12 @@ By default this field is read-write, although you can change this behavior using **Arguments**: -* `view_name` - The view name that should be used as the target of the relationship. If you're using [the standard router classes][routers] this wil be a string with the format `-detail`. **required**. +* `view_name` - The view name that should be used as the target of the relationship. If you're using [the standard router classes][routers] this will be a string with the format `-detail`. **required**. +* `queryset` - The queryset used for model instance lookups when validating the field input. Relationships must either set a queryset explicitly, or set `read_only=True`. * `many` - If applied to a to-many relationship, you should set this argument to `True`. -* `required` - If set to `False`, the field will accept values of `None` or the empty-string for nullable relationships. -* `queryset` - By default `ModelSerializer` classes will use the default queryset for the relationship. `Serializer` classes must either set a queryset explicitly, or set `read_only=True`. +* `allow_null` - If set to `True`, the field will accept values of `None` or the empty string for nullable relationships. Defaults to `False`. * `lookup_field` - The field on the target that should be used for the lookup. Should correspond to a URL keyword argument on the referenced view. Default is `'pk'`. +* `lookup_url_kwarg` - The name of the keyword argument defined in the URL conf that corresponds to the lookup field. Defaults to using the same value as `lookup_field`. * `format` - If using format suffixes, hyperlinked fields will use the same format suffix for the target unless overridden by using the `format` argument. ## SlugRelatedField @@ -148,8 +166,11 @@ By default this field is read-write, although you can change this behavior using For example, the following serializer: class AlbumSerializer(serializers.ModelSerializer): - tracks = serializers.SlugRelatedField(many=True, read_only=True, - slug_field='title') + tracks = serializers.SlugRelatedField( + many=True, + read_only=True, + slug_field='title' + ) class Meta: model = Album @@ -175,9 +196,9 @@ When using `SlugRelatedField` as a read-write field, you will normally want to e **Arguments**: * `slug_field` - The field on the target that should be used to represent it. This should be a field that uniquely identifies any given instance. For example, `username`. **required** +* `queryset` - The queryset used for model instance lookups when validating the field input. Relationships must either set a queryset explicitly, or set `read_only=True`. * `many` - If applied to a to-many relationship, you should set this argument to `True`. -* `required` - If set to `False`, the field will accept values of `None` or the empty-string for nullable relationships. -* `queryset` - By default `ModelSerializer` classes will use the default queryset for the relationship. `Serializer` classes must either set a queryset explicitly, or set `read_only=True`. +* `allow_null` - If set to `True`, the field will accept values of `None` or the empty string for nullable relationships. Defaults to `False`. ## HyperlinkedIdentityField @@ -245,9 +266,9 @@ Would serialize to a nested representation like this: # Custom relational fields -To implement a custom relational field, you should override `RelatedField`, and implement the `.to_native(self, value)` method. This method takes the target of the field as the `value` argument, and should return the representation that should be used to serialize the target. +To implement a custom relational field, you should override `RelatedField`, and implement the `.to_representation(self, value)` method. This method takes the target of the field as the `value` argument, and should return the representation that should be used to serialize the target. The `value` argument will typically be a model instance. -If you want to implement a read-write relational field, you must also implement the `.from_native(self, data)` method, and add `read_only = False` to the class definition. +If you want to implement a read-write relational field, you must also implement the `.to_internal_value(self, data)` method. ## Example @@ -256,7 +277,7 @@ For, example, we could define a relational field, to serialize a track to a cust import time class TrackListingField(serializers.RelatedField): - def to_native(self, value): + def to_representation(self, value): duration = time.strftime('%M:%S', time.gmtime(value.duration)) return 'Track %d: %s (%s)' % (value.order, value.name, duration) @@ -350,7 +371,7 @@ We could define a custom field that could be used to serialize tagged instances, A custom field to use for the `tagged_object` generic relationship. """ - def to_native(self, value): + def to_representation(self, value): """ Serialize tagged objects to a simple textual representation. """ @@ -360,9 +381,9 @@ We could define a custom field that could be used to serialize tagged instances, return 'Note: ' + value.text raise Exception('Unexpected type of tagged object') -If you need the target of the relationship to have a nested representation, you can use the required serializers inside the `.to_native()` method: +If you need the target of the relationship to have a nested representation, you can use the required serializers inside the `.to_native()` method: - def to_native(self, value): + def to_representation(self, value): """ Serialize bookmark instances using a bookmark serializer, and note instances using a note serializer. @@ -404,7 +425,6 @@ attributes are not configured to correctly match the URL conf. #### get_object(self, queryset, view_name, view_args, view_kwargs) - This method should the object that corresponds to the matched URL conf arguments. May raise an `ObjectDoesNotExist` exception. @@ -425,25 +445,6 @@ For example, if all your object URLs used both a account and a slug in the the U --- -## Deprecated APIs - -The following classes have been deprecated, in favor of the `many=` syntax. -They continue to function, but their usage will raise a `PendingDeprecationWarning`, which is silent by default. - -* `ManyRelatedField` -* `ManyPrimaryKeyRelatedField` -* `ManyHyperlinkedRelatedField` -* `ManySlugRelatedField` - -The `null=` flag has been deprecated in favor of the `required=` flag. It will continue to function, but will raise a `PendingDeprecationWarning`. - -In the 2.3 release, these warnings will be escalated to a `DeprecationWarning`, which is loud by default. -In the 2.4 release, these parts of the API will be removed entirely. - -For more details see the [2.2 release announcement][2.2-announcement]. - ---- - # Third Party Packages The following third party packages are also available. -- cgit v1.2.3 From 786cab705a37f6b2196560d0e476e5c849420a61 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Wed, 26 Nov 2014 11:38:48 +0000 Subject: Tweak to 3.0 relationship docs --- docs/api-guide/relations.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/relations.md b/docs/api-guide/relations.md index 7d19eba2..17009bbc 100644 --- a/docs/api-guide/relations.md +++ b/docs/api-guide/relations.md @@ -245,7 +245,7 @@ For example, the following serializer: fields = ('order', 'title') class AlbumSerializer(serializers.ModelSerializer): - tracks = TrackSerializer(many=True) + tracks = TrackSerializer(many=True, read_only=True) class Meta: model = Album @@ -305,6 +305,16 @@ This custom field would then serialize to the following representation. # Further notes +## The `queryset` argument + +The `queryset` argument is only ever required for *writable* relationship field, in which case it is used for performing the model instance lookup, that maps from the primitive user input, into a model instance. + +In version 2.x a serializer class could *sometimes* automatically determine the `queryset` argument *if* a `ModelSerializer` class was being used. + +This behavior is now replaced with *always* using an explicit `queryset` argument for writable relational fields. + +Doing so reduces the amount of hidden 'magic' that `ModelSerializer` provides, makes the behavior of the field more clear, and ensures that it is trivial to move between using the `ModelSerializer` shortcut, or using fully explicit `Serializer` classes. + ## Reverse relations Note that reverse relationships are not automatically included by the `ModelSerializer` and `HyperlinkedModelSerializer` classes. To include a reverse relationship, you must explicitly add it to the fields list. For example: -- cgit v1.2.3 From 34bd2b782875f93471c346230579cc75e52fb2c9 Mon Sep 17 00:00:00 2001 From: Will Stott Date: Wed, 26 Nov 2014 15:48:08 +0000 Subject: a few typos --- docs/tutorial/1-serialization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/1-serialization.md b/docs/tutorial/1-serialization.md index f9027b68..84ed247a 100644 --- a/docs/tutorial/1-serialization.md +++ b/docs/tutorial/1-serialization.md @@ -206,7 +206,7 @@ Open the file `snippets/serializers.py` again, and edit the `SnippetSerializer` model = Snippet fields = ('id', 'title', 'code', 'linenos', 'language', 'style') -Once nice property that serializers have is that you can inspect all the fields an serializer instance, by printing it's representation. Open the Django shell with `python manange.py shell`, then try the following: +One nice property that serializers have is that you can inspect all the fields in a serializer instance, by printing it's representation. Open the Django shell with `python manange.py shell`, then try the following: >>> from snippets.serializers import SnippetSerializer >>> serializer = SnippetSerializer() -- cgit v1.2.3 From d0e245baba63dd8e2c0a497fc4f65b34b3d25a4a Mon Sep 17 00:00:00 2001 From: Will Stott Date: Wed, 26 Nov 2014 15:51:28 +0000 Subject: grammar --- docs/tutorial/1-serialization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/tutorial/1-serialization.md b/docs/tutorial/1-serialization.md index 84ed247a..a3c19858 100644 --- a/docs/tutorial/1-serialization.md +++ b/docs/tutorial/1-serialization.md @@ -219,7 +219,7 @@ One nice property that serializers have is that you can inspect all the fields i language = ChoiceField(choices=[('Clipper', 'FoxPro'), ('Cucumber', 'Gherkin'), ('RobotFramework', 'RobotFramework'), ('abap', 'ABAP'), ('ada', 'Ada')... style = ChoiceField(choices=[('autumn', 'autumn'), ('borland', 'borland'), ('bw', 'bw'), ('colorful', 'colorful')... -It's important to remember that `ModelSerializer` classes don't do anything particularly magically, they are simply a shortcut to creating a serializer class with: +It's important to remember that `ModelSerializer` classes don't do anything particularly magical, they are simply a shortcut for creating serializer classes: * An automatically determined set of fields. * Simple default implementations for the `create()` and `update()` methods. -- cgit v1.2.3 From 9b88c096e0627f1f054a50097d653543909662ab Mon Sep 17 00:00:00 2001 From: José Padilla Date: Wed, 26 Nov 2014 18:12:12 -0400 Subject: Remove Third party packages section Information about Third party packages is already covered under the Third Party Resources topic--- docs/topics/contributing.md | 20 -------------------- 1 file changed, 20 deletions(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 7654136c..30a9678f 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -198,21 +198,6 @@ If you want to draw attention to a note or warning, use a pair of enclosing line --- -# Third party packages - -New features to REST framework are generally recommended to be implemented as third party libraries that are developed outside of the core framework. Ideally third party libraries should be properly documented and packaged, and made available on PyPI. - -## Getting started - -If you have some functionality that you would like to implement as a third party package it's worth contacting the [discussion group][google-group] as others may be willing to get involved. We strongly encourage third party package development and will always try to prioritize time spent helping their development, documentation and packaging. - -We recommend the [`django-reusable-app`][django-reusable-app] template as a good resource for getting up and running with implementing a third party Django package. - -## Linking to your package - -Once your package is decently documented and available on PyPI open a pull request or issue, and we'll add a link to it from the main REST framework documentation. You can add your package under **Third party packages** of the API Guide section that best applies, like [Authentication][authentication] or [Permissions][permissions]. You can also link your package under the [Third Party Resources][third-party-resources] section. - -We also suggest adding it to the [REST Framework][rest-framework-grid] grid on Django Packages. [cite]: http://www.w3.org/People/Berners-Lee/FAQ.html [code-of-conduct]: https://www.djangoproject.com/conduct/ @@ -226,8 +211,3 @@ We also suggest adding it to the [REST Framework][rest-framework-grid] grid on D [markdown]: http://daringfireball.net/projects/markdown/basics [docs]: https://github.com/tomchristie/django-rest-framework/tree/master/docs [mou]: http://mouapp.com/ -[django-reusable-app]: https://github.com/dabapps/django-reusable-app -[authentication]: ../api-guide/authentication.md -[permissions]: ../api-guide/permissions.md -[third-party-resources]: third-party-resources.md -[rest-framework-grid]: https://www.djangopackages.com/grids/g/django-rest-framework/ -- cgit v1.2.3 From 0262262feefc1a8130cb852a6b710a16ebc24cb9 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 27 Nov 2014 08:09:58 +0000 Subject: 3.0 serializer docs --- docs/api-guide/serializers.md | 335 ++++++++++++++++++++++++++---------------- 1 file changed, 206 insertions(+), 129 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index 2d0ff79a..e476d957 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -10,7 +10,7 @@ will take some serious design work. Serializers allow complex data such as querysets and model instances to be converted to native Python datatypes that can then be easily rendered into `JSON`, `XML` or other content types. Serializers also provide deserialization, allowing parsed data to be converted back into complex types, after first validating the incoming data. -REST framework's serializers work very similarly to Django's `Form` and `ModelForm` classes. It provides a `Serializer` class which gives you a powerful, generic way to control the output of your responses, as well as a `ModelSerializer` class which provides a useful shortcut for creating serializers that deal with model instances and querysets. +The serializers in REST framework work very similarly to Django's `Form` and `ModelForm` classes. We provide a `Serializer` class which gives you a powerful, generic way to control the output of your responses, as well as a `ModelSerializer` class which provides a useful shortcut for creating serializers that deal with model instances and querysets. ## Declaring Serializers @@ -24,7 +24,7 @@ Let's start by creating a simple object we can use for example purposes: comment = Comment(email='leila@example.com', content='foo bar') -We'll declare a serializer that we can use to serialize and deserialize `Comment` objects. +We'll declare a serializer that we can use to serialize and deserialize data that corresponds to `Comment` objects. Declaring a serializer looks very similar to declaring a form: @@ -35,25 +35,9 @@ Declaring a serializer looks very similar to declaring a form: content = serializers.CharField(max_length=200) created = serializers.DateTimeField() - def restore_object(self, attrs, instance=None): - """ - Given a dictionary of deserialized field values, either update - an existing model instance, or create a new model instance. - """ - if instance is not None: - instance.email = attrs.get('email', instance.email) - instance.content = attrs.get('content', instance.content) - instance.created = attrs.get('created', instance.created) - return instance - return Comment(**attrs) - -The first part of serializer class defines the fields that get serialized/deserialized. The `restore_object` method defines how fully fledged instances get created when deserializing data. - -The `restore_object` method is optional, and is only required if we want our serializer to support deserialization into fully fledged object instances. If we don't define this method, then deserializing data will simply return a dictionary of items. - ## Serializing objects -We can now use `CommentSerializer` to serialize a comment, or list of comments. Again, using the `Serializer` class looks a lot like using a `Form` class. +We can now use `CommentSerializer` to serialize a comment, or list of comments. Again, using the `Serializer` class looks a lot like using a `Form` class. serializer = CommentSerializer(comment) serializer.data @@ -67,24 +51,9 @@ At this point we've translated the model instance into Python native datatypes. json # '{"email": "leila@example.com", "content": "foo bar", "created": "2012-08-22T16:20:09.822"}' -### Customizing field representation - -Sometimes when serializing objects, you may not want to represent everything exactly the way it is in your model. - -If you need to customize the serialized value of a particular field, you can do this by creating a `transform_` method. For example if you needed to render some markdown from a text field: - - description = serializers.CharField() - description_html = serializers.CharField(source='description', read_only=True) - - def transform_description_html(self, obj, value): - from django.contrib.markup.templatetags.markup import markdown - return markdown(value) - -These methods are essentially the reverse of `validate_` (see *Validation* below.) - ## Deserializing objects -Deserialization is similar. First we parse a stream into Python native datatypes... +Deserialization is similar. First we parse a stream into Python native datatypes... from StringIO import StringIO from rest_framework.parsers import JSONParser @@ -92,26 +61,90 @@ Deserialization is similar. First we parse a stream into Python native datatype stream = StringIO(json) data = JSONParser().parse(stream) -...then we restore those native datatypes into a fully populated object instance. +...then we restore those native datatypes into a dictionary of validated data. serializer = CommentSerializer(data=data) serializer.is_valid() # True - serializer.object - # + serializer.validated_data + # {'content': 'foo bar', 'email': 'leila@example.com', 'created': datetime.datetime(2012, 08, 22, 16, 20, 09, 822243)} + +## Saving instances + +If we want to be able to return complete object instances based on the validated data we need to implement one or both of the `.create()` and `update()` methods. For example: + + class CommentSerializer(serializers.Serializer): + email = serializers.EmailField() + content = serializers.CharField(max_length=200) + created = serializers.DateTimeField() + + def create(self, validated_data): + return Comment(**validated_data) + + def update(self, instance, validated_data): + instance.email = validated_data.get('email', instance.email) + instance.content = validated_data.get('content', instance.content) + instance.created = validated_data.get('created', instance.created) + return instance + +If your object instances correspond to Django models you'll also want to ensure that these methods save the object to the database. For example, if `Comment` was a Django model, the methods might look like this: + + def create(self, validated_data): + return Comment.objcts.create(**validated_data) + + def update(self, instance, validated_data): + instance.email = validated_data.get('email', instance.email) + instance.content = validated_data.get('content', instance.content) + instance.created = validated_data.get('created', instance.created) + instance.save() + return instance + +Now when deserializing data, we can call `.save()` to return an object instance, based on the validated data. + + comment = serializer.save() + +Calling `.save()` will either create a new instance, or update an existing instance, depending on if an existing instance was passed when instantiating the serializer class: + + # .save() will create a new instance. + serializer = CommentSerializer(data=data) + + # .save() will update the existing `comment` instance. + serializer = CommentSerializer(comment, data=data) -When deserializing data, we can either create a new instance, or update an existing instance. +Both the `.create()` and `.update()` methods are optional. You can implement either neither, one, or both of them, depending on the use-case for your serializer class. - serializer = CommentSerializer(data=data) # Create new instance - serializer = CommentSerializer(comment, data=data) # Update `comment` +#### Passing additional attributes to `.save()` -By default, serializers must be passed values for all required fields or they will throw validation errors. You can use the `partial` argument in order to allow partial updates. +Sometimes you'll want your view code to be able to inject additional data at the point of saving the instance. This additional data might include information like the current user, the current time, or anything else that is not part of the request data. - serializer = CommentSerializer(comment, data={'content': u'foo bar'}, partial=True) # Update `comment` with partial data +You can do so by including additional keyword arguments when calling `.save()`. For example: + + serializer.save(owner=request.user) + +Any additional keyword arguments will be included in the `validated_data` argument when `.create()` or `.update()` are called. + +#### Overriding `.save()` directly. + +In some cases the `.create()` and `.update()` method names may not be meaningful. For example, in a contact form we may not be creating new instances, but instead sending an email or other message. + +In these cases you might instead choose to override `.save()` directly, as being more readable and meaningful. + +For example: + + class ContactForm(serializers.Serializer): + email = serializers.EmailField() + message = serializers.CharField() + + def save(self): + email = self.validated_data['email'] + message = self.validated_data['message'] + send_email(from=email, message=message) + +Note that in the case above we're now having to access the serializer `.validated_data` property directly. ## Validation -When deserializing data, you always need to call `is_valid()` before attempting to access the deserialized object. If any validation errors occur, the `.errors` property will contain a dictionary representing the resulting error messages. For example: +When deserializing data, you always need to call `is_valid()` before attempting to access the validated data, or save an object instance. If any validation errors occur, the `.errors` property will contain a dictionary representing the resulting error messages. For example: serializer = CommentSerializer(data={'email': 'foobar', 'content': 'baz'}) serializer.is_valid() @@ -119,17 +152,26 @@ When deserializing data, you always need to call `is_valid()` before attempting serializer.errors # {'email': [u'Enter a valid e-mail address.'], 'created': [u'This field is required.']} -Each key in the dictionary will be the field name, and the values will be lists of strings of any error messages corresponding to that field. The `non_field_errors` key may also be present, and will list any general validation errors. +Each key in the dictionary will be the field name, and the values will be lists of strings of any error messages corresponding to that field. The `non_field_errors` key may also be present, and will list any general validation errors. The name of the `non_field_errors` key may be customized using the `NON_FIELD_ERRORS_KEY` REST framework setting. When deserializing a list of items, errors will be returned as a list of dictionaries representing each of the deserialized items. +#### Raising an exception on invalid data + +The `.is_valid()` method takes an optional `raise_exception` flag that will cause it to raise a `serializers.ValidationError` exception if there are validation errors. + +These exceptions are automatically dealt with by the default exception handler that REST framework provides, and will return `HTTP 400 Bad Request` responses by default. + + # Return a 400 response if the data was invalid. + serializer.is_valid(raise_exception=True) + #### Field-level validation -You can specify custom field-level validation by adding `.validate_` methods to your `Serializer` subclass. These are analogous to `.clean_` methods on Django forms, but accept slightly different arguments. +You can specify custom field-level validation by adding `.validate_` methods to your `Serializer` subclass. These are similar to the `.clean_` methods on Django forms. -They take a dictionary of deserialized attributes as a first argument, and the field name in that dictionary as a second argument (which will be either the name of the field or the value of the `source` argument to the field, if one was provided). +These methods take a single argument, which is the field value that requires validation. -Your `validate_` methods should either just return the `attrs` dictionary or raise a `ValidationError`. For example: +Your `validate_` methods should return the validated value or raise a `ValidationError`. For example: from rest_framework import serializers @@ -137,18 +179,17 @@ Your `validate_` methods should either just return the `attrs` dictio title = serializers.CharField(max_length=100) content = serializers.CharField() - def validate_title(self, attrs, source): + def validate_title(self, value): """ Check that the blog post is about Django. """ - value = attrs[source] - if "django" not in value.lower(): + if 'django' not in value.lower(): raise serializers.ValidationError("Blog post is not about Django") - return attrs + return value #### Object-level validation -To do any other validation that requires access to multiple fields, add a method called `.validate()` to your `Serializer` subclass. This method takes a single argument, which is the `attrs` dictionary. It should raise a `ValidationError` if necessary, or just return `attrs`. For example: +To do any other validation that requires access to multiple fields, add a method called `.validate()` to your `Serializer` subclass. This method takes a single argument, which is a dictionary of field values. It should raise a `ValidationError` if necessary, or just return the validated values. For example: from rest_framework import serializers @@ -157,24 +198,48 @@ To do any other validation that requires access to multiple fields, add a method start = serializers.DateTimeField() finish = serializers.DateTimeField() - def validate(self, attrs): + def validate(self, data): """ Check that the start is before the stop. """ - if attrs['start'] > attrs['finish']: + if data['start'] > data['finish']: raise serializers.ValidationError("finish must occur after start") - return attrs + return data + +#### Validators + +Individual fields on a serializer can include validators, by declaring them on the field instance, for example: + + def multiple_of_ten(value): + if value % 10 != 0: + raise serializers.ValidationError('Not a multiple of ten') -## Saving object state + class GameRecord(serializers.Serializer): + score = IntegerField(validators=[multiple_of_ten]) + ... -To save the deserialized objects created by a serializer, call the `.save()` method: +Serializer classes can also include reusable validators that are applied to the complete set of field data. These validators are included by declaring them on an inner `Meta` class, like so: + + class EventSerializer(serializers.Serializer): + name = serializers.CharField() + room_number = serializers.IntegerField(choices=[101, 102, 103, 201]) + date = serializers.DateField() + + class Meta: + # Each room only has one event per day. + validators = UniqueTogetherValidator( + queryset=Event.objects.all(), + fields=['room_number', 'date'] + ) - if serializer.is_valid(): - serializer.save() +For more information see the [validators documentation](validators.md). -The default behavior of the method is to simply call `.save()` on the deserialized object instance. You can override the default save behaviour by overriding the `.save_object(obj)` method on the serializer class. +## Partial updates -The generic views provided by REST framework call the `.save()` method when updating or creating entities. +By default, serializers must be passed values for all required fields or they will raise validation errors. You can use the `partial` argument in order to allow partial updates. + + # Update `comment` with partial data + serializer = CommentSerializer(comment, data={'content': u'foo bar'}, partial=True) ## Dealing with nested objects @@ -214,6 +279,8 @@ Validation of nested objects will work the same as before. Errors with nested o serializer.errors # {'user': {'email': [u'Enter a valid e-mail address.']}, 'created': [u'This field is required.']} +**TODO** Document create and update for nested serializers + ## Dealing with multiple objects The `Serializer` class can also handle serializing or deserializing lists of objects. @@ -233,6 +300,8 @@ To serialize a queryset or list of objects instead of a single object instance, #### Deserializing multiple objects for creation +**TODO** + To deserialize a list of object data, and create multiple object instances in a single pass, you should also set the `many=True` flag, and pass a list of data to be deserialized. This allows you to write views that create multiple items when a `POST` request is made. @@ -250,6 +319,8 @@ For example: #### Deserializing multiple objects for update +**TODO** + You can also deserialize a list of objects as part of a bulk update of multiple existing items. In this case you need to supply both an existing list or queryset of items, as well as a list of data to update those items with. @@ -278,32 +349,6 @@ When performing a bulk update you may want to allow new items to be created, and Passing `allow_add_remove=True` ensures that any update operations will completely overwrite the existing queryset, rather than simply updating existing objects. -#### How identity is determined when performing bulk updates - -Performing a bulk update is slightly more complicated than performing a bulk creation, because the serializer needs a way to determine how the items in the incoming data should be matched against the existing object instances. - -By default the serializer class will use the `id` key on the incoming data to determine the canonical identity of an object. If you need to change this behavior you should override the `get_identity` method on the `Serializer` class. For example: - - class AccountSerializer(serializers.Serializer): - slug = serializers.CharField(max_length=100) - created = serializers.DateTimeField() - ... # Various other fields - - def get_identity(self, data): - """ - This hook is required for bulk update. - We need to override the default, to use the slug as the identity. - - Note that the data has not yet been validated at this point, - so we need to deal gracefully with incorrect datatypes. - """ - try: - return data.get('slug', None) - except AttributeError: - return None - -To map the incoming data items to their corresponding object instances, the `.get_identity()` method will be called both against the incoming data, and against the serialized representation of the existing objects. - ## Including extra context There are some cases where you need to provide extra context to the serializer in addition to the object being serialized. One common case is if you're using a serializer that includes hyperlinked relations, which requires the serializer to have access to the current request so that it can properly generate fully qualified URLs. @@ -314,28 +359,46 @@ You can provide arbitrary additional context by passing a `context` argument whe serializer.data # {'id': 6, 'owner': u'denvercoder9', 'created': datetime.datetime(2013, 2, 12, 09, 44, 56, 678870), 'details': 'http://example.com/accounts/6/details'} -The context dictionary can be used within any serializer field logic, such as a custom `.to_native()` method, by accessing the `self.context` attribute. +The context dictionary can be used within any serializer field logic, such as a custom `.to_representation()` method, by accessing the `self.context` attribute. + +--- -- # ModelSerializer -Often you'll want serializer classes that map closely to model definitions. -The `ModelSerializer` class lets you automatically create a Serializer class with fields that correspond to the Model fields. +Often you'll want serializer classes that map closely to Django model definitions. + +The `ModelSerializer` class provides a shortcut that lets you automatically create a `Serializer` class with fields that correspond to the Model fields. + +**The `ModelSerializer` class is the same as a regular `Serializer` class, except that**: + +* It will automatically generate a set of fields for you, based on the model. +* It will automatically generate validators for the serializer, such as unique_together validators. +* It includes simple default implementations of `.create()` and `.update()`. + +Declaring a `ModelSerializer` looks like this: class AccountSerializer(serializers.ModelSerializer): class Meta: model = Account -By default, all the model fields on the class will be mapped to corresponding serializer fields. +By default, all the model fields on the class will be mapped to a corresponding serializer fields. -Any relationships such as foreign keys on the model will be mapped to `PrimaryKeyRelatedField`. Other models fields will be mapped to a corresponding serializer field. +Any relationships such as foreign keys on the model will be mapped to `PrimaryKeyRelatedField`. Reverse relationships are not included by default unless explicitly included as described below. ---- +#### Inspecting the generated `ModelSerializer` class. -**Note**: When validation is applied to a `ModelSerializer`, both the serializer fields, and their corresponding model fields must correctly validate. If you have optional fields on your model, make sure to correctly set `blank=True` on the model field, as well as setting `required=False` on the serializer field. +Serializer classes generate helpful verbose representation strings, that allow you to fully inspect the state of their fields. This is particularly useful when working with `ModelSerializers` where you want to determine what set of fields and validators are being automatically created for you. ---- +To do so, open the Django shell, using `python manage.py shell`, then import the serializer class, instantiate it, and print the object representation… + >>> from myapp.serializers import AccountSerializer + >>> serializer = AccountSerializer() + >>> print repr(serializer) # Or `print(repr(serializer))` in Python 3.x. + AccountSerializer(): + id = IntegerField(label='ID', read_only=True) + name = CharField(allow_blank=True, max_length=100, required=False) + owner = PrimaryKeyRelatedField(queryset=User.objects.all()) + ## Specifying which fields should be included If you only want a subset of the default fields to be used in a model serializer, you can do so using `fields` or `exclude` options, just as you would with a `ModelForm`. @@ -347,6 +410,10 @@ For example: model = Account fields = ('id', 'account_name', 'users', 'created') +The names in the `fields` option will normally map to model fields on the model class. + +Alternatively names in the `fields` options can map to properties or methods which take no arguments that exist on the model class. + ## Specifying nested serialization The default `ModelSerializer` uses primary keys for relationships, but you can also easily generate nested representations using the `depth` option: @@ -361,9 +428,24 @@ The `depth` option should be set to an integer value that indicates the depth of If you want to customize the way the serialization is done (e.g. using `allow_add_remove`) you'll need to define the field yourself. +## Specifying fields explicitly + +You can add extra fields to a `ModelSerializer` or override the default fields by declaring fields on the class, just as you would for a `Serializer` class. + + class AccountSerializer(serializers.ModelSerializer): + url = serializers.CharField(source='get_absolute_url', read_only=True) + groups = serializers.PrimaryKeyRelatedField(many=True) + + class Meta: + model = Account + +Extra fields can correspond to any property or callable on the model. + ## Specifying which fields should be read-only -You may wish to specify multiple fields as read-only. Instead of adding each field explicitly with the `read_only=True` attribute, you may use the `read_only_fields` Meta option, like so: +You may wish to specify multiple fields as read-only. Instead of adding each field explicitly with the `read_only=True` attribute, you may use the shortcut Meta option, `read_only_fields`. + +This option should be a list or tuple of field names, and is declared as follows: class AccountSerializer(serializers.ModelSerializer): class Meta: @@ -373,38 +455,27 @@ You may wish to specify multiple fields as read-only. Instead of adding each fi Model fields which have `editable=False` set, and `AutoField` fields will be set to read-only by default, and do not need to be added to the `read_only_fields` option. -## Specifying which fields should be write-only +## Specifying additional keyword arguments for fields. + +There is also a shortcut allowing you to specify arbitrary additional keyword arguments on fields, using the `extra_kwargs` option. Similarly to `read_only_fields` this means you do not need to explicitly declare the field on the serializer. -You may wish to specify multiple fields as write-only. Instead of adding each field explicitly with the `write_only=True` attribute, you may use the `write_only_fields` Meta option, like so: +This option is a dictionary, mapping field names to a dictionary of keyword arguments. For example: class CreateUserSerializer(serializers.ModelSerializer): class Meta: model = User fields = ('email', 'username', 'password') - write_only_fields = ('password',) # Note: Password field is write-only - - def restore_object(self, attrs, instance=None): - """ - Instantiate a new User instance. - """ - assert instance is None, 'Cannot update users with CreateUserSerializer' - user = User(email=attrs['email'], username=attrs['username']) - user.set_password(attrs['password']) + extra_kwargs = {'password': {'write_only': True}} + + def create(self, validated_data): + user = User( + email=validated_data['email'], + username=validated_data['username'] + ) + user.set_password(validated_data['password']) + user.save() return user -## Specifying fields explicitly - -You can add extra fields to a `ModelSerializer` or override the default fields by declaring fields on the class, just as you would for a `Serializer` class. - - class AccountSerializer(serializers.ModelSerializer): - url = serializers.CharField(source='get_absolute_url', read_only=True) - groups = serializers.PrimaryKeyRelatedField(many=True) - - class Meta: - model = Account - -Extra fields can correspond to any property or callable on the model. - ## Relational fields When serializing model instances, there are a number of different ways you might choose to represent relationships. The default representation for `ModelSerializer` is to use the primary keys of the related instances. @@ -415,7 +486,7 @@ For full details see the [serializer relations][relations] documentation. ## Inheritance of the 'Meta' class -The inner `Meta` class on serializers is not inherited from parent classes by default. This is the same behaviour as with Django's `Model` and `ModelForm` classes. If you want the `Meta` class to inherit from a parent class you must do so explicitly. For example: +The inner `Meta` class on serializers is not inherited from parent classes by default. This is the same behavior as with Django's `Model` and `ModelForm` classes. If you want the `Meta` class to inherit from a parent class you must do so explicitly. For example: class AccountSerializer(MyBaseSerializer): class Meta(MyBaseSerializer.Meta): @@ -446,7 +517,7 @@ There needs to be a way of determining which views should be used for hyperlinki By default hyperlinks are expected to correspond to a view name that matches the style `'{model_name}-detail'`, and looks up the instance by a `pk` keyword argument. -You can change the field that is used for object lookups by setting the `lookup_field` option. The value of this option should correspond both with a kwarg in the URL conf, and with a field on the model. For example: +You can change the field that is used for object lookups by setting the `lookup_field` option. The value of this option should correspond both with a kwarg in the URL conf, and with a field on the model. For example: class AccountSerializer(serializers.HyperlinkedModelSerializer): class Meta: @@ -460,8 +531,8 @@ For more specific requirements such as specifying a different lookup for each fi class AccountSerializer(serializers.HyperlinkedModelSerializer): url = serializers.HyperlinkedIdentityField( - view_name='account_detail', - lookup_field='account_name' + view_name='account-detail', + lookup_field='slug' ) users = serializers.HyperlinkedRelatedField( view_name='user-detail', @@ -486,7 +557,7 @@ You can also override this on a per-serializer basis by using the `url_field_nam fields = ('account_url', 'account_name', 'users', 'created') url_field_name = 'account_url' -**Note**: The generic view implementations normally generate a `Location` header in response to successful `POST` requests. Serializers using `url_field_name` option will not have this header automatically included by the view. If you need to do so you will ned to also override the view's `get_success_headers()` method. +**Note**: The generic view implementations normally generate a `Location` header in response to successful `POST` requests. Serializers using `url_field_name` option will not have this header automatically included by the view. If you need to do so you will ned to also override the view's `get_success_headers()` method. You can also override the URL field's view name and lookup field without overriding the field explicitly, by using the `view_name` and `lookup_field` options, like so: @@ -499,8 +570,12 @@ You can also override the URL field's view name and lookup field without overrid --- +**TODO**: ListSerializer, BaseSerializer, overriding `to_representation` on serializers. + # Advanced serializer usage +**TODO**: Tweak section below + You can create customized subclasses of `ModelSerializer` or `HyperlinkedModelSerializer` that use a different set of default fields. Doing so should be considered advanced usage, and will only be needed if you have some particular serializer requirements that you often need to repeat. @@ -528,7 +603,7 @@ For example, if you wanted to be able to set which fields should be used by a se # Instantiate the superclass normally super(DynamicFieldsModelSerializer, self).__init__(*args, **kwargs) - if fields: + if fields is not None: # Drop any fields that are not specified in the `fields` argument. allowed = set(fields) existing = set(self.fields.keys()) @@ -548,7 +623,9 @@ This would then allow you to do the following: >>> print UserSerializer(user, fields=('id', 'email')) {'id': 2, 'email': 'jon@example.com'} -## Customising the default fields +## Customizing the default fields + +**TODO**: Remove and note incoming API. The `field_mapping` attribute is a dictionary that maps model classes to serializer classes. Overriding the attribute will let you set a different set of default serializer classes. -- cgit v1.2.3 From 2fe6709769048944127c8c48af4364101914e690 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 27 Nov 2014 11:00:57 +0000 Subject: Fix sponsor images for mkdocs --- docs/topics/kickstarter-announcement.md | 142 ++++++++++++++++---------------- 1 file changed, 71 insertions(+), 71 deletions(-) (limited to 'docs') diff --git a/docs/topics/kickstarter-announcement.md b/docs/topics/kickstarter-announcement.md index e8bad95b..91ead751 100644 --- a/docs/topics/kickstarter-announcement.md +++ b/docs/topics/kickstarter-announcement.md @@ -43,20 +43,20 @@ We've now blazed way past all our goals, with a staggering £30,000 (~$50,000), Our platinum sponsors have each made a hugely substantial contribution to the future development of Django REST framework, and I simply can't thank them enough.
    @@ -68,31 +68,31 @@ Our platinum sponsors have each made a hugely substantial contribution to the fu Our gold sponsors include companies large and small. Many thanks for their significant funding of the project and their commitment to sustainable open-source development. @@ -105,41 +105,41 @@ Our gold sponsors include companies large and small. Many thanks for their signi The serious financial contribution that our silver sponsors have made is very much appreciated. I'd like to say a particular thank you to individuals who have choosen to privately support the project at this level.
    -- cgit v1.2.3 From c61c59f8b7260f0d6beb95c34f531e8c6c5929c9 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Thu, 27 Nov 2014 17:01:46 +0000 Subject: Notes on removal of Field.validate() and Serializer.transform_ --- docs/topics/3.0-announcement.md | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index f20a4296..c925b5f0 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -199,6 +199,33 @@ Alternatively if you want the errors to be against a specific field, use a dicti This ensures you can still write validation that compares all the input fields, but that marks the error against a particular field. +#### Removal of `transform_`. + +The under-used `transform_` on serializer classes is no longer provided. Instead you should just override `to_representation()` if you need to apply any modifications to the representation style. + +For example: + + def to_representation(self, instance): + ret = super(UserSerializer, self).to_representation(instance) + ret['username'] = ret['username'].lower() + return ret + +Dropping the extra point of API means there's now only one right way to do things. This helps with repetition and reinforcement of the core API, rather than having multiple differing approaches. + +If you absolutely need to preserve `transform_` behavior, for example, in order to provide a simpler 2.x to 3.0 upgrade, you can use a mixin, or serializer base class that add the behavior back in. For example: + + class BaseModelSerializer(ModelSerializer): + """ + A custom ModelSerializer class that preserves 2.x style `transform_` behavior. + """ + def to_representation(self, instance): + ret = super(BaseModelSerializer, self).to_representation(instance) + for key, value in ret.items(): + method = getattr(self, 'transform_' + key, None) + if method is not None: + ret[key] = method(value) + return ret + #### Differences between ModelSerializer validation and ModelForm. This change also means that we no longer use the `.full_clean()` method on model instances, but instead perform all validation explicitly on the serializer. This gives a cleaner separation, and ensures that there's no automatic validation behavior on `ModelSerializer` classes that can't also be easily replicated on regular `Serializer` classes. @@ -544,6 +571,19 @@ The `default` argument is also available and always implies that the field is no The previous field implementations did not forcibly coerce returned values into the correct type in many cases. For example, an `IntegerField` would return a string output if the attribute value was a string. We now more strictly coerce to the correct return type, leading to more constrained and expected behavior. +#### Removal of `.validate()`. + +The `.validate()` method is now removed from field classes. This method was in any case undocumented and not public API. You should instead simply override `to_internal_value()`. + + class UppercaseCharField(serializers.CharField): + def to_internal_value(self, data): + value = super(UppercaseCharField, self).to_internal_value(data) + if value != value.upper(): + raise serializers.ValidationError('The input should be uppercase only.') + return value + +Previously validation errors could be raised in either `.to_native()` or `.validate()`, making it non-obvious which should be used. Providing only a single point of API ensures more repetition and reinforcement of the core API. + #### The `ListField` class. The `ListField` class has now been added. This field validates list input. It takes a `child` keyword argument which is used to specify the field used to validate each item in the list. For example: -- cgit v1.2.3 From 34ca8cd2a5c030d9acc89720876ba9583c1dc988 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 09:56:44 +0000 Subject: Moar docs. Amazing. --- docs/api-guide/serializers.md | 306 ++++++++++++++++++++++++++++++++++------ docs/topics/3.0-announcement.md | 12 +- 2 files changed, 270 insertions(+), 48 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index e476d957..6c370f75 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -167,11 +167,11 @@ These exceptions are automatically dealt with by the default exception handler t #### Field-level validation -You can specify custom field-level validation by adding `.validate_` methods to your `Serializer` subclass. These are similar to the `.clean_` methods on Django forms. +You can specify custom field-level validation by adding `.validate_` methods to your `Serializer` subclass. These are similar to the `.clean_` methods on Django forms. These methods take a single argument, which is the field value that requires validation. -Your `validate_` methods should return the validated value or raise a `ValidationError`. For example: +Your `validate_` methods should return the validated value or raise a `serializers.ValidationError`. For example: from rest_framework import serializers @@ -317,6 +317,20 @@ For example: # True serializer.save() # `.save()` will be called on each deserialized instance +The default implementation for multiple object creation is to simply call `.create()` for each item in the list. If you want to customize this behavior, you'll need to customize the `.create()` method on `ListSerializer` class that is used when `many=True` is passed. + +For example: + + class BookListSerializer(serializers.ListSerializer): + def create(self, validated_data): + books = [Book(**item) for item in validated_data] + return Book.objects.bulk_create(books) + + class BookSerializer(serializers.Serializer): + … + class Meta: + list_serializer_class = BookListSerializer + #### Deserializing multiple objects for update **TODO** @@ -570,15 +584,253 @@ You can also override the URL field's view name and lookup field without overrid --- -**TODO**: ListSerializer, BaseSerializer, overriding `to_representation` on serializers. +# ListSerializer + +The `ListSerializer` class provides the behavior for serializing and validating multiple objects at once. You won't *typically* need to use `ListSerializer` directly, but should instead simply pass `many=True` when instantiating a serializer. + +When a serializer is instantiated and `many=True` is passed, a `ListSerializer` instance will be created. The serializer class then becomes a child of the parent `ListSerializer` + +There *are* a few use cases when you might want to customize the `ListSerializer` behavior. For example: + +* You want to provide particular validation of the lists, such as always ensuring that there is at least one element in a list. +* You want to customize the create or update behavior of multiple objects. + +For these cases you can modify the class that is used when `many=True` is passed, by using the `list_serializer_class` option on the serializer `Meta` class. + +For example: + + class CustomListSerializer(serializers.ListSerializer): + ... + + class CustomSerializer(serializers.Serializer): + ... + class Meta: + list_serializer_class = CustomListSerializer + +#### Customizing `.create()` for multiple objects. + +The default implementation for multiple object creation is to simply call `.create()` for each item in the list. If you want to customize this behavior, you'll need to customize the `.create()` method on `ListSerializer` class that is used when `many=True` is passed. + +For example: + + class BookListSerializer(serializers.ListSerializer): + def create(self, validated_data): + books = [Book(**item) for item in validated_data] + return Book.objects.bulk_create(books) + + class BookSerializer(serializers.Serializer): + ... + class Meta: + list_serializer_class = BookListSerializer + +#### Customizing `.update()` for multiple objects. + +By default the `ListSerializer` class does not support multiple updates. This is because the behavior that should be expected for insertions and deletions is ambiguous. + +To support multiple updates you'll need to do so explicitly. When writing your multiple update code make sure to keep the following in mind: + +* How do you determine which instance should be updated for each item in the list of data? +* How should insertions be handled? Are they invalid, or do they create new objects? +* How should removals be handled? Do they imply object deletion, or removing a relationship? Should they be silently ignored, or are they invalid? +* How should ordering be handled? Does changing the position of two items imply any state change or is it ignored? + +Here's an example of how you might choose to implement multiple updates: + + class BookListSerializer(serializers.ListSerializer): + def update(self, instance, validated_data): + # Maps for id->instance and id->data item. + book_mapping = {book.id: book for book in instance} + data_mapping = {item['id']: item for item in validated_data} + + # Perform creations and updates. + ret = [] + for book_id, data in data_mapping.items(): + book = book_mapping.get(book_id, None): + if book is None: + ret.append(self.child.create(data)) + else: + ret.append(self.child.update(book, data)) + + # Perform deletions. + for book_id, book in book_mapping.items(): + if book_id not in data_mapping: + book.delete() + + return ret + + class BookSerializer(serializers.Serializer): + ... + class Meta: + list_serializer_class = BookListSerializer + +--- + +# BaseSerializer + +`BaseSerializer` class that can be used to easily support alternative serialization and deserialization styles. + +This class implements the same basic API as the `Serializer` class: + +* `.data` - Returns the outgoing primitive representation. +* `.is_valid()` - Deserializes and validates incoming data. +* `.validated_data` - Returns the validated incoming data. +* `.errors` - Returns an errors during validation. +* `.save()` - Persists the validated data into an object instance. + +There are four methods that can be overridden, depending on what functionality you want the serializer class to support: + +* `.to_representation()` - Override this to support serialization, for read operations. +* `.to_internal_value()` - Override this to support deserialization, for write operations. +* `.create()` and `.update()` - Overide either or both of these to support saving instances. + +Because this class provides the same interface as the `Serializer` class, you can use it with the existing generic class based views exactly as you would for a regular `Serializer` or `ModelSerializer`. + +The only difference you'll notice when doing so is the `BaseSerializer` classes will not generate HTML forms in the browsable API. This is because the data they return does not include all the field information that would allow each field to be rendered into a suitable HTML input. + +##### Read-only `BaseSerializer` classes. + +To implement a read-only serializer using the `BaseSerializer` class, we just need to override the `.to_representation()` method. Let's take a look at an example using a simple Django model: + + class HighScore(models.Model): + created = models.DateTimeField(auto_now_add=True) + player_name = models.CharField(max_length=10) + score = models.IntegerField() + +It's simple to create a read-only serializer for converting `HighScore` instances into primitive data types. + + class HighScoreSerializer(serializers.BaseSerializer): + def to_representation(self, obj): + return { + 'score': obj.score, + 'player_name': obj.player_name + } + +We can now use this class to serialize single `HighScore` instances: + + @api_view(['GET']) + def high_score(request, pk): + instance = HighScore.objects.get(pk=pk) + serializer = HighScoreSerializer(instance) + return Response(serializer.data) + +Or use it to serialize multiple instances: + + @api_view(['GET']) + def all_high_scores(request): + queryset = HighScore.objects.order_by('-score') + serializer = HighScoreSerializer(queryset, many=True) + return Response(serializer.data) + +##### Read-write `BaseSerializer` classes. + +To create a read-write serializer we first need to implement a `.to_internal_value()` method. This method returns the validated values that will be used to construct the object instance, and may raise a `ValidationError` if the supplied data is in an incorrect format. + +Once you've implemented `.to_internal_value()`, the basic validation API will be available on the serializer, and you will be able to use `.is_valid()`, `.validated_data` and `.errors`. + +If you want to also support `.save()` you'll need to also implement either or both of the `.create()` and `.update()` methods. + +Here's a complete example of our previous `HighScoreSerializer`, that's been updated to support both read and write operations. + + class HighScoreSerializer(serializers.BaseSerializer): + def to_internal_value(self, data): + score = data.get('score') + player_name = data.get('player_name') + + # Perform the data validation. + if not score: + raise ValidationError({ + 'score': 'This field is required.' + }) + if not player_name: + raise ValidationError({ + 'player_name': 'This field is required.' + }) + if len(player_name) > 10: + raise ValidationError({ + 'player_name': 'May not be more than 10 characters.' + }) + + # Return the validated values. This will be available as + # the `.validated_data` property. + return { + 'score': int(score), + 'player_name': player_name + } + + def to_representation(self, obj): + return { + 'score': obj.score, + 'player_name': obj.player_name + } + + def create(self, validated_data): + return HighScore.objects.create(**validated_data) + +#### Creating new generic serializers with `BaseSerializer`. + +The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. + +The following class is an example of a generic serializer that can handle coercing arbitrary objects into primitive representations. + + class ObjectSerializer(serializers.BaseSerializer): + """ + A read-only serializer that coerces arbitrary complex objects + into primitive representations. + """ + def to_representation(self, obj): + for attribute_name in dir(obj): + attribute = getattr(obj, attribute_name) + if attribute_name('_'): + # Ignore private attributes. + pass + elif hasattr(attribute, '__call__'): + # Ignore methods and other callables. + pass + elif isinstance(attribute, (str, int, bool, float, type(None))): + # Primitive types can be passed through unmodified. + output[attribute_name] = attribute + elif isinstance(attribute, list): + # Recursively deal with items in lists. + output[attribute_name] = [ + self.to_representation(item) for item in attribute + ] + elif isinstance(attribute, dict): + # Recursively deal with items in dictionaries. + output[attribute_name] = { + str(key): self.to_representation(value) + for key, value in attribute.items() + } + else: + # Force anything else to its string representation. + output[attribute_name] = str(attribute) + +--- # Advanced serializer usage -**TODO**: Tweak section below +## Overriding serialization and deserialization behavior -You can create customized subclasses of `ModelSerializer` or `HyperlinkedModelSerializer` that use a different set of default fields. +If you need to alter the serialization, deserialization or validation of a serializer class you can do so by overriding the `.to_representation()` or `.to_internal_value()` methods. -Doing so should be considered advanced usage, and will only be needed if you have some particular serializer requirements that you often need to repeat. +Some reasons this might be useful include... + +* Adding new behavior for new serializer base classes. +* Modifying the behavior slightly for an existing class. +* Improving serialization performance for a frequently accessed API endpoint that returns lots of data. + +The signatures for these methods are as follows: + +#### `.to_representation(self, obj)` + +Takes the object instance that requires serialization, and should return a primitive representation. Typically this means returning a structure of built-in Python datatypes. The exact types that can be handled will depend on the render classes you have configured for your API. + +#### ``.to_internal_value(self, data)`` + +Takes the unvalidated incoming data as input and should return the validated data that will be made available as `serializer.validated_data`. The return value will also be passed to the `.create()` or `.update()` methods if `.save()` is called on the serializer class. + +If any of the validation fails, then the method should raise a `serializers.ValidationError(errors)`. Typically the `errors` argument here will be a dictionary mapping field names to error messages. + +The `data` argument passed to this method will normally be the value of `request.data`, so the datatype it provides will depend on the parser classes you have configured for your API. ## Dynamically modifying fields @@ -625,47 +877,13 @@ This would then allow you to do the following: ## Customizing the default fields -**TODO**: Remove and note incoming API. - -The `field_mapping` attribute is a dictionary that maps model classes to serializer classes. Overriding the attribute will let you set a different set of default serializer classes. - -For more advanced customization than simply changing the default serializer class you can override various `get__field` methods. Doing so will allow you to customize the arguments that each serializer field is initialized with. Each of these methods may either return a field or serializer instance, or `None`. - -### get_pk_field - -**Signature**: `.get_pk_field(self, model_field)` - -Returns the field instance that should be used to represent the pk field. +REST framework 2 provided an API to allow developers to override how a `ModelSerializer` class would automatically generate the default set of fields. -### get_nested_field - -**Signature**: `.get_nested_field(self, model_field, related_model, to_many)` - -Returns the field instance that should be used to represent a related field when `depth` is specified as being non-zero. - -Note that the `model_field` argument will be `None` for reverse relationships. The `related_model` argument will be the model class for the target of the field. The `to_many` argument will be a boolean indicating if this is a to-one or to-many relationship. - -### get_related_field - -**Signature**: `.get_related_field(self, model_field, related_model, to_many)` - -Returns the field instance that should be used to represent a related field when `depth` is not specified, or when nested representations are being used and the depth reaches zero. - -Note that the `model_field` argument will be `None` for reverse relationships. The `related_model` argument will be the model class for the target of the field. The `to_many` argument will be a boolean indicating if this is a to-one or to-many relationship. - -### get_field - -**Signature**: `.get_field(self, model_field)` - -Returns the field instance that should be used for non-relational, non-pk fields. - -### Example +This API included the `.get_field()`, `.get_pk_field()` and other methods. -The following custom model serializer could be used as a base class for model serializers that should always exclude the pk by default. +Because the serializers have been fundamentally redesigned with 3.0 this API no longer exists. You can still modify the fields that get created but you'll need to refer to the source code, and be aware that if the changes you make are against private bits of API then they may be subject to change. - class NoPKModelSerializer(serializers.ModelSerializer): - def get_pk_field(self, model_field): - return None +A new interface for controlling this behavior is currently planned for REST framework 3.1. --- diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index c925b5f0..9087e2ae 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -413,7 +413,11 @@ There are four methods that can be overridden, depending on what functionality y * `.to_representation()` - Override this to support serialization, for read operations. * `.to_internal_value()` - Override this to support deserialization, for write operations. -* `.create()` and `.update()` - Overide either or both of these to support saving instances. +* `.create()` and `.update()` - Override either or both of these to support saving instances. + +Because this class provides the same interface as the `Serializer` class, you can use it with the existing generic class based views exactly as you would for a regular `Serializer` or `ModelSerializer`. + +The only difference you'll notice when doing so is the `BaseSerializer` classes will not generate HTML forms in the browsable API. This is because the data they return does not include all the field information that would allow each field to be rendered into a suitable HTML input. ##### Read-only `BaseSerializer` classes. @@ -498,7 +502,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. -The following class is an example of a generic serializer that can handle coercing aribitrary objects into primitive representations. +The following class is an example of a generic serializer that can handle coercing arbitrary objects into primitive representations. class ObjectSerializer(serializers.BaseSerializer): """ @@ -518,12 +522,12 @@ The following class is an example of a generic serializer that can handle coerci # Primitive types can be passed through unmodified. output[attribute_name] = attribute elif isinstance(attribute, list): - # Recursivly deal with items in lists. + # Recursively deal with items in lists. output[attribute_name] = [ self.to_representation(item) for item in attribute ] elif isinstance(attribute, dict): - # Recursivly deal with items in dictionarys. + # Recursively deal with items in dictionaries. output[attribute_name] = { str(key): self.to_representation(value) for key, value in attribute.items() -- cgit v1.2.3 From 276a2a52eedb97a15d85e059424870bf2d21854d Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 11:26:35 +0000 Subject: Docs on nested creates/updates and suchlike --- docs/api-guide/serializers.md | 166 +++++++++++++++++++++++++----------------- 1 file changed, 100 insertions(+), 66 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index 6c370f75..cd076b4f 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -271,7 +271,9 @@ Similarly if a nested representation should be a list of items, you should pass content = serializers.CharField(max_length=200) created = serializers.DateTimeField() -Validation of nested objects will work the same as before. Errors with nested objects will be nested under the field name of the nested object. +## Writable nested representations + +When dealing with nested representations that support deserializing the data, an errors with nested objects will be nested under the field name of the nested object. serializer = CommentSerializer(data={'user': {'email': 'foobar', 'username': 'doe'}, 'content': 'baz'}) serializer.is_valid() @@ -279,89 +281,117 @@ Validation of nested objects will work the same as before. Errors with nested o serializer.errors # {'user': {'email': [u'Enter a valid e-mail address.']}, 'created': [u'This field is required.']} -**TODO** Document create and update for nested serializers +Similarly, the `.validated_data` property will include nested data structures. -## Dealing with multiple objects +#### Writing `.create()` methods for nested representations -The `Serializer` class can also handle serializing or deserializing lists of objects. +If you're supporting writable nested representations you'll need to write `.create()` or `.update()` methods that handle saving multiple objects. -#### Serializing multiple objects +The following example demonstrates how you might handle creating a user with a nested profile object. -To serialize a queryset or list of objects instead of a single object instance, you should pass the `many=True` flag when instantiating the serializer. You can then pass a queryset or list of objects to be serialized. + class UserSerializer(serializers.ModelSerializer): + profile = ProfileSerializer() - queryset = Book.objects.all() - serializer = BookSerializer(queryset, many=True) - serializer.data - # [ - # {'id': 0, 'title': 'The electric kool-aid acid test', 'author': 'Tom Wolfe'}, - # {'id': 1, 'title': 'If this is a man', 'author': 'Primo Levi'}, - # {'id': 2, 'title': 'The wind-up bird chronicle', 'author': 'Haruki Murakami'} - # ] + class Meta: + model = User + fields = ('username', 'email', 'profile') -#### Deserializing multiple objects for creation + def create(self, validated_data): + profile_data = validated_data.pop('profile') + user = User.objects.create(**validated_data) + Profile.objects.create(user=user, **profile_data) + return user -**TODO** +#### Writing `.update()` methods for nested representations -To deserialize a list of object data, and create multiple object instances in a single pass, you should also set the `many=True` flag, and pass a list of data to be deserialized. +For updates you'll want to think carefully about how to handle updates to relationships. For example if the data for the relationship is `None`, or not provided, which of the following should occur? -This allows you to write views that create multiple items when a `POST` request is made. +* Set the relationship to `NULL` in the database. +* Delete the associated instance. +* Ignore the data and leave the instance as it is. +* Raise a validation error. -For example: +Here's an example for an `update()` method on our previous `UserSerializer` class. - data = [ - {'title': 'The bell jar', 'author': 'Sylvia Plath'}, - {'title': 'For whom the bell tolls', 'author': 'Ernest Hemingway'} - ] - serializer = BookSerializer(data=data, many=True) - serializer.is_valid() - # True - serializer.save() # `.save()` will be called on each deserialized instance + def update(self, instance, validated_data): + profile_data = validated_data.pop('profile') + # Unless the application properly enforces that this field is + # always set, the follow could raise a `DoesNotExist`, which + # would need to be handled. + profile = instance.profile + + user.username = validated_data.get('username', instance.username) + user.email = validated_data.get('email', instance.email) + user.save() -The default implementation for multiple object creation is to simply call `.create()` for each item in the list. If you want to customize this behavior, you'll need to customize the `.create()` method on `ListSerializer` class that is used when `many=True` is passed. + profile.is_premium_member = profile_data.get( + 'is_premium_member', + profile.is_premium_member + ) + profile.has_support_contract = profile_data.get( + 'has_support_contract', + profile.has_support_contract + ) + profile.save() -For example: + return user - class BookListSerializer(serializers.ListSerializer): - def create(self, validated_data): - books = [Book(**item) for item in validated_data] - return Book.objects.bulk_create(books) +Because the behavior of nested creates and updates can be ambiguous, and may require complex dependancies between related models, REST framework 3 requires you to always write these methods explicitly. The default `ModelSerializer` `.create()` and `.update()` methods do not include support for writable nested representations. - class BookSerializer(serializers.Serializer): - … - class Meta: - list_serializer_class = BookListSerializer +It is possible that a third party package, providing automatic support some kinds of automatic writable nested representations may be released alongside the 3.1 release. -#### Deserializing multiple objects for update +#### Handling saving related instances in model manager classes -**TODO** +An alternative to saving multiple related instances in the serializer is to write custom model manager classes handle creating the correct instances. -You can also deserialize a list of objects as part of a bulk update of multiple existing items. -In this case you need to supply both an existing list or queryset of items, as well as a list of data to update those items with. +For example, suppose we wanted to ensure that `User` instances and `Profile` instances are always created together as a pair. We might write a custom manager class that looks something like this: -This allows you to write views that update or create multiple items when a `PUT` request is made. + class UserManager(models.Manager): + ... - # Capitalizing the titles of the books - queryset = Book.objects.all() - data = [ - {'id': 3, 'title': 'The Bell Jar', 'author': 'Sylvia Plath'}, - {'id': 4, 'title': 'For Whom the Bell Tolls', 'author': 'Ernest Hemingway'} - ] - serializer = BookSerializer(queryset, data=data, many=True) - serializer.is_valid() - # True - serializer.save() # `.save()` will be called on each updated or newly created instance. + def create(self, username, email, is_premium_member=False, has_support_contract=False): + user = User(username=username, email=email) + user.save() + profile = Profile( + user=user, + is_premium_member=is_premium_member, + has_support_contract=has_support_contract + ) + profile.save() + return user -By default bulk updates will be limited to updating instances that already exist in the provided queryset. +This manager class now more nicely encapsulates that user instances and profile instances are always created at the same time. Our `.create()` method on the serializer class can now be re-written to use the new manager method. -When performing a bulk update you may want to allow new items to be created, and missing items to be deleted. To do so, pass `allow_add_remove=True` to the serializer. + def create(self, validated_data): + return User.objects.create( + username=validated_data['username'], + email=validated_data['email'] + is_premium_member=validated_data['profile']['is_premium_member'] + has_support_contract=validated_data['profile']['has_support_contract'] + ) - serializer = BookSerializer(queryset, data=data, many=True, allow_add_remove=True) - serializer.is_valid() - # True - serializer.save() # `.save()` will be called on updated or newly created instances. - # `.delete()` will be called on any other items in the `queryset`. +For more details on this approach see the Django documentation on [model managers](model-managers), and [this blogpost on using model and manger classes](encapsulation-blogpost). -Passing `allow_add_remove=True` ensures that any update operations will completely overwrite the existing queryset, rather than simply updating existing objects. +## Dealing with multiple objects + +The `Serializer` class can also handle serializing or deserializing lists of objects. + +#### Serializing multiple objects + +To serialize a queryset or list of objects instead of a single object instance, you should pass the `many=True` flag when instantiating the serializer. You can then pass a queryset or list of objects to be serialized. + + queryset = Book.objects.all() + serializer = BookSerializer(queryset, many=True) + serializer.data + # [ + # {'id': 0, 'title': 'The electric kool-aid acid test', 'author': 'Tom Wolfe'}, + # {'id': 1, 'title': 'If this is a man', 'author': 'Primo Levi'}, + # {'id': 2, 'title': 'The wind-up bird chronicle', 'author': 'Haruki Murakami'} + # ] + +#### Deserializing multiple objects + +The default behavior for deserializing multiple objects is to support multiple object creation, but not support multiple object updates. For more information on how to support or customize either of these cases, see the [ListSerializer](#ListSerializer) documentation below. ## Including extra context @@ -399,7 +429,7 @@ By default, all the model fields on the class will be mapped to a corresponding Any relationships such as foreign keys on the model will be mapped to `PrimaryKeyRelatedField`. Reverse relationships are not included by default unless explicitly included as described below. -#### Inspecting the generated `ModelSerializer` class. +#### Inspecting a `ModelSerializer` Serializer classes generate helpful verbose representation strings, that allow you to fully inspect the state of their fields. This is particularly useful when working with `ModelSerializers` where you want to determine what set of fields and validators are being automatically created for you. @@ -607,7 +637,7 @@ For example: class Meta: list_serializer_class = CustomListSerializer -#### Customizing `.create()` for multiple objects. +#### Customizing multiple create The default implementation for multiple object creation is to simply call `.create()` for each item in the list. If you want to customize this behavior, you'll need to customize the `.create()` method on `ListSerializer` class that is used when `many=True` is passed. @@ -623,7 +653,7 @@ For example: class Meta: list_serializer_class = BookListSerializer -#### Customizing `.update()` for multiple objects. +#### Customizing multiple update By default the `ListSerializer` class does not support multiple updates. This is because the behavior that should be expected for insertions and deletions is ambiguous. @@ -663,6 +693,8 @@ Here's an example of how you might choose to implement multiple updates: class Meta: list_serializer_class = BookListSerializer +It is possible that a third party package may be included alongside the 3.1 release that provides some automatic support for multiple update operations, similar to the `allow_add_remove` behavior that was present in REST framework 2. + --- # BaseSerializer @@ -687,7 +719,7 @@ Because this class provides the same interface as the `Serializer` class, you ca The only difference you'll notice when doing so is the `BaseSerializer` classes will not generate HTML forms in the browsable API. This is because the data they return does not include all the field information that would allow each field to be rendered into a suitable HTML input. -##### Read-only `BaseSerializer` classes. +##### Read-only `BaseSerializer` classes To implement a read-only serializer using the `BaseSerializer` class, we just need to override the `.to_representation()` method. Let's take a look at an example using a simple Django model: @@ -721,7 +753,7 @@ Or use it to serialize multiple instances: serializer = HighScoreSerializer(queryset, many=True) return Response(serializer.data) -##### Read-write `BaseSerializer` classes. +##### Read-write `BaseSerializer` classes To create a read-write serializer we first need to implement a `.to_internal_value()` method. This method returns the validated values that will be used to construct the object instance, and may raise a `ValidationError` if the supplied data is in an incorrect format. @@ -766,7 +798,7 @@ Here's a complete example of our previous `HighScoreSerializer`, that's been upd def create(self, validated_data): return HighScore.objects.create(**validated_data) -#### Creating new generic serializers with `BaseSerializer`. +#### Creating new base classes The `BaseSerializer` class is also useful if you want to implement new generic serializer classes for dealing with particular serialization styles, or for integrating with alternative storage backends. @@ -905,6 +937,8 @@ The [django-rest-framework-hstore][django-rest-framework-hstore] package provide [cite]: https://groups.google.com/d/topic/django-users/sVFaOfQi4wY/discussion [relations]: relations.md +[model-managers]: https://docs.djangoproject.com/en/dev/topics/db/managers/ +[encapsulation-blogpost]: http://www.dabapps.com/blog/django-models-and-encapsulation/ [mongoengine]: https://github.com/umutbozkurt/django-rest-framework-mongoengine [django-rest-framework-gis]: https://github.com/djangonauts/django-rest-framework-gis [django-rest-framework-hstore]: https://github.com/djangonauts/django-rest-framework-hstore -- cgit v1.2.3 From 05a86e3d6539f4f33d440daf04fa8b0e9b1e371a Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 12:51:44 +0000 Subject: Docs. Minor tweaks. --- docs/topics/contributing.md | 1 - docs/topics/rest-hypermedia-hateoas.md | 8 ++++---- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/topics/contributing.md b/docs/topics/contributing.md index 30a9678f..99f4fc3c 100644 --- a/docs/topics/contributing.md +++ b/docs/topics/contributing.md @@ -152,7 +152,6 @@ Documentation should be in American English. The tone of the documentation is v Some other tips: * Keep paragraphs reasonably short. -* Use double spacing after the end of sentences. * Don't use abbreviations such as 'e.g.' but instead use the long form, such as 'For example'. ## Markdown style diff --git a/docs/topics/rest-hypermedia-hateoas.md b/docs/topics/rest-hypermedia-hateoas.md index 4e3ccf92..7e6d2408 100644 --- a/docs/topics/rest-hypermedia-hateoas.md +++ b/docs/topics/rest-hypermedia-hateoas.md @@ -1,12 +1,12 @@ # REST, Hypermedia & HATEOAS -> You keep using that word "REST". I do not think it means what you think it means. +> You keep using that word "REST". I do not think it means what you think it means. > > — Mike Amundsen, [REST fest 2012 keynote][cite]. -First off, the disclaimer. The name "Django REST framework" was chosen simply to sure the project would be easily found by developers. Throughout the documentation we try to use the more simple and technically correct terminology of "Web APIs". +First off, the disclaimer. The name "Django REST framework" was decided back in early 2011 and was chosen simply to sure the project would be easily found by developers. Throughout the documentation we try to use the more simple and technically correct terminology of "Web APIs". -If you are serious about designing a Hypermedia APIs, you should look to resources outside of this documentation to help inform your design choices. +If you are serious about designing a Hypermedia API, you should look to resources outside of this documentation to help inform your design choices. The following fall into the "required reading" category. @@ -32,7 +32,7 @@ REST framework also includes [serialization] and [parser]/[renderer] components ## What REST framework doesn't provide. -What REST framework doesn't do is give you is machine readable hypermedia formats such as [HAL][hal], [Collection+JSON][collection], [JSON API][json-api] or HTML [microformats] by default, or the ability to auto-magically create fully HATEOAS style APIs that include hypermedia-based form descriptions and semantically labelled hyperlinks. Doing so would involve making opinionated choices about API design that should really remain outside of the framework's scope. +What REST framework doesn't do is give you is machine readable hypermedia formats such as [HAL][hal], [Collection+JSON][collection], [JSON API][json-api] or HTML [microformats] by default, or the ability to auto-magically create fully HATEOAS style APIs that include hypermedia-based form descriptions and semantically labelled hyperlinks. Doing so would involve making opinionated choices about API design that should really remain outside of the framework's scope. [cite]: http://vimeo.com/channels/restfest/page:2 [dissertation]: http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm -- cgit v1.2.3 From 66b3daebbd0da8aee178585cae9ebe561494533e Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 13:14:47 +0000 Subject: Docs. Sponsor call-out. --- docs/topics/3.0-announcement.md | 21 +++++---------------- 1 file changed, 5 insertions(+), 16 deletions(-) (limited to 'docs') diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 9087e2ae..72268247 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -1,19 +1,3 @@ -## Pre-release notes: - -The 3.0 release is now in beta and ready for final testing. You can install the development version directly from GitHub like so: - - pip install https://github.com/tomchristie/django-rest-framework/archive/3.0-beta.zip - -Currently the only known remaining blockers are documentation issues and tickets. Any critical bugs raised in the next week or two will be resolved for the 3.0 release, but otherwise consider this as code-complete. - -Please work through this document throughly in order to understand the API differences that exist between 2.4 and 3.0. - -**Your feedback on the upgrade process and 3.0 changes is hugely important!** - -Please do get in touch via twitter, IRC, a GitHub ticket, or the discussion group. - ---- - # REST framework 3.0 The 3.0 release of Django REST framework is the result of almost four years of iteration and refinement. It comprehensively addresses some of the previous remaining design issues in serializers, fields and the generic views. @@ -22,6 +6,10 @@ This release is incremental in nature. There *are* some breaking API changes, an The difference in quality of the REST framework API and implementation should make writing, maintaining and debugging your application far easier. +3.0 is the first of three releases that have been funded by our recent [Kickstarter campaign](kickstarter.com/projects/tomchristie/django-rest-framework-3). + +As ever, a huge thank you to our many [wonderful sponsors](sponsors). If you're looking for a Django gig, and want to work with smart community-minded folks, you should probably check out that list and see who's hiring. + ## New features Notable features of this new release include: @@ -931,4 +919,5 @@ The 3.2 release is planned to introduce an alternative admin-style interface to You can follow development on the GitHub site, where we use [milestones to indicate planning timescales](https://github.com/tomchristie/django-rest-framework/milestones). +[sponsors]: http://www.django-rest-framework.org/topics/kickstarter-announcement/#sponsors [mixins.py]: https://github.com/tomchristie/django-rest-framework/blob/master/rest_framework/mixins.py -- cgit v1.2.3 From 8e549a76ea0ff6b44e1dcf08ba733a5fbfc004ed Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 14:26:03 +0000 Subject: Add 2.x notes and links --- docs/api-guide/fields.md | 6 ++++++ docs/api-guide/generic-views.md | 6 ++++++ docs/api-guide/metadata.md | 6 ++++++ docs/api-guide/relations.md | 6 ++++++ docs/api-guide/requests.md | 6 ++++++ docs/api-guide/serializers.md | 6 ++++++ docs/api-guide/validators.md | 6 ++++++ docs/index.md | 2 +- 8 files changed, 43 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/api-guide/fields.md b/docs/api-guide/fields.md index ca551540..391a52e5 100644 --- a/docs/api-guide/fields.md +++ b/docs/api-guide/fields.md @@ -1,5 +1,11 @@ source: fields.py +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Serializer fields > Each field in a Form class is responsible not only for validating data, but also for "cleaning" it — normalizing it to a consistent format. diff --git a/docs/api-guide/generic-views.md b/docs/api-guide/generic-views.md index 8c1b7dc9..f5bbdfdd 100755 --- a/docs/api-guide/generic-views.md +++ b/docs/api-guide/generic-views.md @@ -1,6 +1,12 @@ source: mixins.py generics.py +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Generic views > Django’s generic views... were developed as a shortcut for common usage patterns... They take certain common idioms and patterns found in view development and abstract them so that you can quickly write common views of data without having to repeat yourself. diff --git a/docs/api-guide/metadata.md b/docs/api-guide/metadata.md index c3f036b7..c3e51148 100644 --- a/docs/api-guide/metadata.md +++ b/docs/api-guide/metadata.md @@ -1,5 +1,11 @@ +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Metadata > [The `OPTIONS`] method allows a client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval. diff --git a/docs/api-guide/relations.md b/docs/api-guide/relations.md index 17009bbc..a79b6ea5 100644 --- a/docs/api-guide/relations.md +++ b/docs/api-guide/relations.md @@ -1,5 +1,11 @@ source: relations.py +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Serializer relations > Bad programmers worry about the code. diff --git a/docs/api-guide/requests.md b/docs/api-guide/requests.md index 433d666c..77000ffa 100644 --- a/docs/api-guide/requests.md +++ b/docs/api-guide/requests.md @@ -1,5 +1,11 @@ source: request.py +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Requests > If you're doing REST-based web service stuff ... you should ignore request.POST. diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index cd076b4f..4d6c491f 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -1,5 +1,11 @@ source: serializers.py +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Serializers > Expanding the usefulness of the serializers is something that we would diff --git a/docs/api-guide/validators.md b/docs/api-guide/validators.md index ac2f3248..f087e191 100644 --- a/docs/api-guide/validators.md +++ b/docs/api-guide/validators.md @@ -1,5 +1,11 @@ +--- + +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. + +--- + # Validators > Validators can be useful for re-using validation logic between different types of fields. diff --git a/docs/index.md b/docs/index.md index b18f3d6a..b5257c73 100644 --- a/docs/index.md +++ b/docs/index.md @@ -9,7 +9,7 @@ --- -**Note**: The incoming 3.0 version has now been merged to the `master` branch on GitHub. For the source of the currently available PyPI version, please see the `2.4.4` tag. +**Note**: This is the documentation for the **version 3.0** of REST framework. Documentation for [version 2.4](http://tomchristie.github.io/rest-framework-2-docs/) is also available. --- -- cgit v1.2.3 From 9ba29a88d6674d65bf5e8438eba2a072f0d44bf1 Mon Sep 17 00:00:00 2001 From: Tom Christie Date: Fri, 28 Nov 2014 14:43:33 +0000 Subject: Finalizing 3.0 release notes --- docs/api-guide/serializers.md | 38 +++++++++++++------------------------- docs/topics/3.0-announcement.md | 2 +- 2 files changed, 14 insertions(+), 26 deletions(-) (limited to 'docs') diff --git a/docs/api-guide/serializers.md b/docs/api-guide/serializers.md index 4d6c491f..0ee80d53 100644 --- a/docs/api-guide/serializers.md +++ b/docs/api-guide/serializers.md @@ -567,21 +567,22 @@ There needs to be a way of determining which views should be used for hyperlinki By default hyperlinks are expected to correspond to a view name that matches the style `'{model_name}-detail'`, and looks up the instance by a `pk` keyword argument. -You can change the field that is used for object lookups by setting the `lookup_field` option. The value of this option should correspond both with a kwarg in the URL conf, and with a field on the model. For example: +You can override a URL field view name and lookup field by using either, or both of, the `view_name` and `lookup_field` options in the `extra_field_kwargs` setting, like so: class AccountSerializer(serializers.HyperlinkedModelSerializer): class Meta: model = Account - fields = ('url', 'account_name', 'users', 'created') - lookup_field = 'slug' - -Note that the `lookup_field` will be used as the default on *all* hyperlinked fields, including both the URL identity, and any hyperlinked relationships. + fields = ('account_url', 'account_name', 'users', 'created') + extra_field_kwargs = { + 'url': {'view_name': 'accounts', 'lookup_field': 'account_name'} + 'users': {'lookup_field': 'username'} + } -For more specific requirements such as specifying a different lookup for each field, you'll want to set the fields on the serializer explicitly. For example: +Alternatively you can set the fields on the serializer explicitly. For example: class AccountSerializer(serializers.HyperlinkedModelSerializer): url = serializers.HyperlinkedIdentityField( - view_name='account-detail', + view_name='accounts', lookup_field='slug' ) users = serializers.HyperlinkedRelatedField( @@ -595,28 +596,15 @@ For more specific requirements such as specifying a different lookup for each fi model = Account fields = ('url', 'account_name', 'users', 'created') -## Overriding the URL field behavior - -The name of the URL field defaults to 'url'. You can override this globally, by using the `URL_FIELD_NAME` setting. - -You can also override this on a per-serializer basis by using the `url_field_name` option on the serializer, like so: +--- - class AccountSerializer(serializers.HyperlinkedModelSerializer): - class Meta: - model = Account - fields = ('account_url', 'account_name', 'users', 'created') - url_field_name = 'account_url' +**Tip**: Properly matching together hyperlinked representations and your URL conf can sometimes be a bit fiddly. Printing the `repr` of a `HyperlinkedModelSerializer` instance is a particularly useful way to inspect exactly which view names and lookup fields the relationships are expected to map too. -**Note**: The generic view implementations normally generate a `Location` header in response to successful `POST` requests. Serializers using `url_field_name` option will not have this header automatically included by the view. If you need to do so you will ned to also override the view's `get_success_headers()` method. +--- -You can also override the URL field's view name and lookup field without overriding the field explicitly, by using the `view_name` and `lookup_field` options, like so: +## Changing the URL field name - class AccountSerializer(serializers.HyperlinkedModelSerializer): - class Meta: - model = Account - fields = ('account_url', 'account_name', 'users', 'created') - view_name = 'account_detail' - lookup_field='account_name' +The name of the URL field defaults to 'url'. You can override this globally, by using the `URL_FIELD_NAME` setting. --- diff --git a/docs/topics/3.0-announcement.md b/docs/topics/3.0-announcement.md index 72268247..b32fe510 100644 --- a/docs/topics/3.0-announcement.md +++ b/docs/topics/3.0-announcement.md @@ -329,7 +329,7 @@ The `view_name` and `lookup_field` options have been moved to `PendingDeprecatio model = MyModel fields = ('url', 'email', 'notes', 'is_admin') extra_kwargs = { - 'url': {'lookup_field': 'uuid'} + 'url': {'lookup_field': 'uuid'} } Alternatively, specify the field explicitly on the serializer class: -- cgit v1.2.3