Merge pull request #522 from Cornices/521-fix-reponse-content-204

Do not return content if response is ``204 No Content`` (fixes #521)

CHANGES.txt

@@ -5,8 +5,7 @@ CHANGELOG
 3.7.0 (unreleased)
 ==================
 
-- Nothing changed yet.
-
+- Do not return content if response is ``204 No Content`` (fixes #521)
 
 3.6.0 (2019-07-24)
 ==================

cornice/util.py

@@ -44,6 +44,11 @@ def __call__(self, data, context):
         response = request.response
         registry = request.registry
 
+        # Do not return content with ``204 No Content``
+        if response.status_code == 204:
+            response.content_type = None
+            return ""
+
         # Serialise the ``data`` object to a JSON string using the
         # JSON renderer registered with Pyramid.
         renderer_factory = registry.queryUtility(IRendererFactory, name='json')

tests/test_pyramidhook.py

@@ -55,10 +55,14 @@ def update_view(request):
     return "updated_view"
 
 
-@service.delete(permission='write')
+@service.patch(permission='write')
 def return_yay(request):
     return "yay"
 
+@service.delete()
+def delete_view(request):
+    request.response.status = 204
+
 
 class TemperatureCooler(object):
     def __init__(self, request, context=None):
@@ -119,32 +123,36 @@ def test_405(self):
         # calling a unknown verb on an existing resource should return a 405
         self.app.post("/service", status=HTTPMethodNotAllowed.code)
 
-    def test_acl_support_unauthenticated_service_delete(self):
+    def test_204(self):
+        resp = self.app.delete("/service", status=204)
+        self.assertNotIn("Content-Type", resp.headers)
+
+    def test_acl_support_unauthenticated_service_patch(self):
         # calling a view with permissions without an auth'd user => 403
-        self.app.delete('/service', status=HTTPForbidden.code)
+        self.app.patch('/service', status=HTTPForbidden.code)
 
-    def test_acl_support_authenticated_allowed_service_delete(self):
+    def test_acl_support_authenticated_allowed_service_patch(self):
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid',
                                return_value='bob'):
-            result = self.app.delete('/service', status=HTTPOk.code)
+            result = self.app.patch('/service', status=HTTPOk.code)
             self.assertEqual("yay", result.json)
         # The other user with 'write' permission
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid',
                                return_value='dan'):
-            result = self.app.delete('/service', status=HTTPOk.code)
+            result = self.app.patch('/service', status=HTTPOk.code)
             self.assertEqual("yay", result.json)
 
-    def test_acl_support_authenticated_valid_user_wrong_permission_service_delete(self):
+    def test_acl_support_authenticated_valid_user_wrong_permission_service_patch(self):
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid', return_value='alice'):
-            self.app.delete('/service', status=HTTPForbidden.code)
+            self.app.patch('/service', status=HTTPForbidden.code)
 
-    def test_acl_support_authenticated_valid_user_permission_denied_service_delete(self):
+    def test_acl_support_authenticated_valid_user_permission_denied_service_patch(self):
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid', return_value='carol'):
-            self.app.delete('/service', status=HTTPForbidden.code)
+            self.app.patch('/service', status=HTTPForbidden.code)
 
-    def test_acl_support_authenticated_invalid_user_service_delete(self):
+    def test_acl_support_authenticated_invalid_user_service_patch(self):
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid', return_value='mallory'):
-            self.app.delete('/service', status=HTTPForbidden.code)
+            self.app.patch('/service', status=HTTPForbidden.code)
 
     def test_acl_support_authenticated_allowed_service_put(self):
         with mock.patch.object(self.authn_policy, 'unauthenticated_userid', return_value='dan'):