Merge branch 'master' of github.com:tomchristie/django-rest-framework

762a30db · Tom Christie · f9c61e80 · cab98183 · 762a30db · 762a30db
Commit 762a30db authored Jul 22, 2015 by Tom Christie
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 4 deletions

docs/tutorial/quickstart.md
+0 -2

requirements/requirements-optionals.txt
+1 -1

rest_framework/filters.py
+4 -1

rest_framework/serializers.py
+20 -0

No files found.
--- a/docs/tutorial/quickstart.md
+++ b/docs/tutorial/quickstart.md
@@ -83,8 +83,6 @@ Rather than write multiple views we're grouping together all the common behavior
 We can easily break these down into individual views if we need to, but using viewsets keeps the view logic nicely organized as well as being very concise.
-For trivial cases you can simply set a `model` attribute on the `ViewSet` class and the serializer and queryset will be automatically generated for you.  Setting the `queryset` and/or `serializer_class` attributes gives you more explicit control of the API behaviour, and is the recommended style for most applications.
 ## URLs
 Okay, now let's wire up the API URLs.  On to `tutorial/urls.py`...

--- a/requirements/requirements-optionals.txt
+++ b/requirements/requirements-optionals.txt
 # Optional packages which may be used with REST framework.
 markdown==2.5.2
-django-guardian==1.2.5
+django-guardian==1.3.0
 django-filter==0.10.0
--- a/rest_framework/filters.py
+++ b/rest_framework/filters.py
@@ -198,4 +198,7 @@ class DjangoObjectPermissionsFilter(BaseFilterBackend):
            'model_name': get_model_name(model_cls)
        }
        permission = self.perm_format % kwargs
-        return guardian.shortcuts.get_objects_for_user(user, permission, queryset)
+        if guardian.VERSION >= (1, 3):
+            # Maintain behavior compatibility with versions prior to 1.3
+            extra = {'accept_global_perms': False}
+        return guardian.shortcuts.get_objects_for_user(user, permission, queryset, **extra)
--- a/rest_framework/serializers.py
+++ b/rest_framework/serializers.py
@@ -153,6 +153,16 @@ class BaseSerializer(Field):
            'You cannot call `.save()` on a serializer with invalid data.'
        )
+        # Guard against incorrect use of `serializer.save(commit=False)`
+        assert 'commit' not in kwargs, (
+            "'commit' is not a valid keyword argument to the 'save()' method. "
+            "If you need to access data before committing to the database then "
+            "inspect 'serializer.validated_data' instead. "
+            "You can also pass additional keyword arguments to 'save()' if you "
+            "need to set extra attributes on the saved model instance. "
+            "For example: 'serializer.save(owner=request.user)'.'"
+        )
        validated_data = dict(
            list(self.validated_data.items()) +
            list(kwargs.items())
@@ -611,6 +621,16 @@ class ListSerializer(BaseSerializer):
        """
        Save and return a list of object instances.
        """
+        # Guard against incorrect use of `serializer.save(commit=False)`
+        assert 'commit' not in kwargs, (
+            "'commit' is not a valid keyword argument to the 'save()' method. "
+            "If you need to access data before committing to the database then "
+            "inspect 'serializer.validated_data' instead. "
+            "You can also pass additional keyword arguments to 'save()' if you "
+            "need to set extra attributes on the saved model instance. "
+            "For example: 'serializer.save(owner=request.user)'.'"
+        )
        validated_data = [
            dict(list(attrs.items()) + list(kwargs.items()))
            for attrs in self.validated_data