commit 4bc083383a6c7525616f0385218e276dfd2e5aa8
author Scott Baker <smbaker@gmail.com> Thu Apr 28 16:57:47 2016 -0700
committer Scott Baker <smbaker@gmail.com> Thu Apr 28 16:57:47 2016 -0700
tree 11cb966bf9078804c338cc4f7126bffd6cd38b38
parent db242ef6b804a4ff24b27d3b42788e65a1651dd5

fix numerous compatibility issues with Rest Framework 3.x

xos/xos/apibase.py

diff --git a/xos/xos/apibase.py b/xos/xos/apibase.py
index 03493ee..addbbe9 100644
--- a/xos/xos/apibase.py
+++ b/xos/xos/apibase.py
@@ -15,32 +15,27 @@
 
     def update(self, request, *args, **kwargs):
         partial = kwargs.pop('partial', False)
-        self.object = self.get_object_or_none()
+        self.object = self.get_object()
 
         if self.object is None:
             raise XOSProgrammingError("Use the List API for creating objects")
 
-        serializer = self.get_serializer(self.object, data=request.DATA,
-                                         files=request.FILES, partial=partial)
-
-        assert(serializer.object is not None)
-
-        serializer.object.caller = request.user
+        serializer = self.get_serializer(self.object, data=request.data, partial=partial)
 
         if not serializer.is_valid():
             raise XOSValidationError(fields=serializer._errors)
 
-        if not serializer.object.can_update(request.user):
+        # Do the XOS perm check
+
+        assert(serializer.instance is not None)
+        obj = serializer.instance
+        for attr, value in serializer.validated_data.items():
+            setattr(obj, attr, value)
+        obj.caller = request.user
+        if not obj.can_update(request.user):
             raise XOSPermissionDenied()
 
-        if (hasattr(self, "pre_save")):
-            # rest_framework 2.x
-            self.pre_save(serializer.object)
-            self.object = serializer.save(force_update=True)
-            self.post_save(self.object, created=False)
-        else:
-            # rest_framework 3.x
-            self.perform_update(serializer)
+        self.perform_update(serializer)
 
         return Response(serializer.data, status=status.HTTP_200_OK)
 
@@ -48,11 +43,7 @@
         obj = self.get_object()
         obj.caller = request.user
         if obj.can_update(request.user):
-            # this is the guts of DestroyModelMixin, copied here so that we
-            # can use the obj with caller set in it,
-            self.pre_delete(obj)
-            obj.delete()
-            self.post_delete(obj)
+            self.perform_destroy(obj)
             return Response(status=status.HTTP_204_NO_CONTENT)
         else:
             return Response(status=status.HTTP_400_BAD_REQUEST)
@@ -69,7 +60,7 @@
 
 class XOSListCreateAPIView(generics.ListCreateAPIView):
     def create(self, request, *args, **kwargs):
-        serializer = self.get_serializer(data=request.DATA, files=request.FILES)
+        serializer = self.get_serializer(data=request.data)
 
         # In rest_framework 3.x: we can pass raise_exception=True instead of
         # raising the exception ourselves
@@ -77,22 +68,12 @@
             raise XOSValidationError(fields=serializer._errors)
 
         # now do XOS can_update permission checking
-
-        obj = serializer.object
+        obj = serializer.Meta.model(**serializer.validated_data)
         obj.caller = request.user
         if not obj.can_update(request.user):
             raise XOSPermissionDenied()
 
-        # stuff below is from generics.ListCreateAPIView
-
-        if (hasattr(self, "pre_save")):
-            # rest_framework 2.x
-            self.pre_save(serializer.object)
-            self.object = serializer.save(force_insert=True)
-            self.post_save(self.object, created=True)
-        else:
-            # rest_framework 3.x
-            self.perform_create(serializer)
+        self.perform_create(serializer)
 
         headers = self.get_success_headers(serializer.data)
         return Response(serializer.data, status=status.HTTP_201_CREATED,