Update fields.rst to include a warning about saving related objects. #1344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Could you show us the code that's giving you this problem? Or better yet, a test case? I would think that if the ID and resource_uri are included on the data you POST back, Tastypie ought to look up the existing model and merge the data. |
|
I will try to do a specific test case this week. I am not disputing that Tastypie looks up the existing model, it does. The issue is that if a field is in Meta.excluded then it is assumed to be the default value. Therefore password gets set to an empty string. |
|
Yeah, that's something we'll want to get fixed. Thanks for the test case! |
…ted in django 1.55+ see http://stackoverflow.com/questions/19966921/lettuce-and-django-1-55-getting-importerror-cannot-import-name-wsgiserverexcep replace with socket.error
… the related resource is a full resource
|
See pull request for a failing test case which demonstrates when this bug happens. Also added a fix for the socket exceptions. |
|
Thanks! I'll pull these changes into another PR with a fix for the test failure. |
|
Thanks Sean, glad to help out. |
|
I found the problem. fields.py:612 can_update() returns False if PUT isn't an allowed method. The real bug is that the related resource got saved when updating isn't allowed. I'm working on a fix. |
SeanHayes
added a commit
to SeanHayes/django-tastypie
that referenced
this pull request
Oct 9, 2015
…ll the necessary object permissions checks (authorized_update_detail or authorized_create_detail). can_update() only checks the HTTP methods allowed, which doesn't really make sense for related resources. This fixes a bug (PR django-tastypie#1344) in otherwise updatable related resources which had PUT disabled. The bug caused the related resource to overwrite existing columns in the DB, since missing values were set to default since full hydration hadn't taken place.
SeanHayes
added a commit
to SeanHayes/django-tastypie
that referenced
this pull request
Oct 9, 2015
…ll the necessary object permissions checks (authorized_update_detail or authorized_create_detail). can_update() only checks the HTTP methods allowed, which doesn't really make sense for related resources. This fixes a bug (PR django-tastypie#1344) in otherwise updatable related resources which had PUT disabled. The bug caused the related resource to overwrite existing columns in the DB, since missing values were set to default since full hydration hadn't taken place. Also includes changes to prevent saving bundles loaded via URI, and to make sure data is only saved inside Resource classes (replaced calls to obj_update() in RelatedField().resource_from_data()).
sanketsaurav
pushed a commit
to doselect/django-tastypie
that referenced
this pull request
Jan 18, 2016
…ll the necessary object permissions checks (authorized_update_detail or authorized_create_detail). can_update() only checks the HTTP methods allowed, which doesn't really make sense for related resources. This fixes a bug (PR django-tastypie#1344) in otherwise updatable related resources which had PUT disabled. The bug caused the related resource to overwrite existing columns in the DB, since missing values were set to default since full hydration hadn't taken place. Also includes changes to prevent saving bundles loaded via URI, and to make sure data is only saved inside Resource classes (replaced calls to obj_update() in RelatedField().resource_from_data()).
georgedorn
pushed a commit
that referenced
this pull request
Jul 19, 2024
…ll the necessary object permissions checks (authorized_update_detail or authorized_create_detail). can_update() only checks the HTTP methods allowed, which doesn't really make sense for related resources. This fixes a bug (PR #1344) in otherwise updatable related resources which had PUT disabled. The bug caused the related resource to overwrite existing columns in the DB, since missing values were set to default since full hydration hadn't taken place. Also includes changes to prevent saving bundles loaded via URI, and to make sure data is only saved inside Resource classes (replaced calls to obj_update() in RelatedField().resource_from_data()).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.