The Serializer data accessor returns cached and stale _data after .update()

[dennisschaaf]

Hey,

I am having a problem with the way _data is cached. We are using the RetrieveUpdateView to update a model with a nested list. The result of the operation is that the database is updated, but the old object is being returned.

The UpdateModelMixin performs an update on the following Serializer:

class MixDesignCreateSerializer(ModelSerializer):
  expiration_date = DateField(format=DATE_FORMAT, input_formats=(DATE_FORMAT,), required=False, )
components = MixComponentSerializer(many=True, required=False)

  def update(self, instance, validated_data):
    # Update nested list
    extracted_components = validated_data.pop('components')
    instance.components = self['components'].update(instance.components, extracted_components)

    instance = super(MixDesignCreateSerializer, self).update(instance, validated_data)

    # The instance is now properly updated in the DB
    # but self._data still contains a cache of the
    # initial _data created during is_valid()

    # The only 'hack' is to delete _data, whilch will
    # force a fetch from the database
    delattr(self, '_data')
    self.is_valid()

    return instance

and then renders the result of serializer.data

[tomchristie]

_data is private API, so it's unclear why you're needing to access it.
Use initial_data to see the passed data, and .validated_data after calling .is_valid().

Additionally calling is_valid() inside update() as you're doing doesn't make sense - the validation
should always happen before calling .save() and triggering an update or create.

It's possible that we could add some extra assertions to prevent this type of usage, but I'd need to see a simpler example before I'd be convinced exactly what we'd want to guard against.

I'd suggest describing what you're trying to do on the mailing list and finding a more correct way to do so.