Request parsing when .POST accessed

docs/index.md

@@ -204,7 +204,6 @@ General guides to using REST framework.
 * [3.2 Announcement][3.2-announcement]
 * [3.3 Announcement][3.3-announcement]
 * [Kickstarter Announcement][kickstarter-announcement]
-* [Funding][funding]
 * [Release Notes][release-notes]
 
 ## Development

docs/topics/3.3-announcement.md

@@ -4,7 +4,7 @@ The 3.3 release marks the final work in the Kickstarter funded series. We'd like
 
 The amount of work that has been achieved as a direct result of the funding is immense. We've added a huge amounts of new functionality, resolved nearly 2,000 tickets, and redesigned & refined large parts of the project.
 
-In order to continue driving REST framework forward, we're introducing [monthly paid plans](https://fund.django-rest-framework.org/topics/funding). These plans include various sponsorship rewards, and will ensure that the project remains sustainable and well supported.
+In order to continue driving REST framework forward, we'll shortly be announcing a new set of funding plans. Follow [@_tomchristie](https://twitter.com/_tomchristie) to keep up to date with these announcements, and be among the first set of sign ups.
 
 We strongly believe that collaboratively funded software development yields outstanding results for a relatively low investment-per-head. If you or your company use REST framework commercially, then we would strongly urge you to participate in this latest funding drive, and help us continue to build an increasingly polished & professional product.
 

docs/topics/release-notes.md

@@ -42,7 +42,7 @@ You can determine your currently installed version using `pip freeze`:
 
 ### 3.3.0
 
-**Date**: [27th October 2015][3.3.0-milestone]
+**Date**: [28th October 2015][3.3.0-milestone].
 
 * HTML controls for filters. ([#3315][gh3315])
 * Forms API. ([#3475][gh3475])
@@ -58,11 +58,17 @@ You can determine your currently installed version using `pip freeze`:
 
 ## 3.2.x series
 
+### 3.2.5
+
+**Date**: [27th October 2015][3.2.5-milestone].
+
+* Escape `username` in optional logout tag. ([#3550][gh3550])
+
 ### 3.2.4
 
 **Date**: [21th September 2015][3.2.4-milestone].
 
-* Don't error on missing `ViewSet.search_fields` attribute.([#3324][gh3324], [#3323][gh3323])
+* Don't error on missing `ViewSet.search_fields` attribute. ([#3324][gh3324], [#3323][gh3323])
 * Fix `allow_empty` not working on serializers with `many=True`. ([#3361][gh3361], [#3364][gh3364])
 * Let `DurationField` accepts integers. ([#3359][gh3359])
 * Multi-level dictionaries not supported in multipart requests. ([#3314][gh3314])
@@ -328,6 +334,8 @@ For older release notes, [please see the version 2.x documentation][old-release-
 [3.2.2-milestone]: https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%223.2.2+Release%22
 [3.2.3-milestone]: https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%223.2.3+Release%22
 [3.2.4-milestone]: https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%223.2.4+Release%22
+[3.2.5-milestone]: https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%223.2.5+Release%22
+[3.3.0-milestone]: https://github.com/tomchristie/django-rest-framework/issues?q=milestone%3A%223.3.0+Release%22
 
 <!-- 3.0.1 -->
 [gh2013]: https://github.com/tomchristie/django-rest-framework/issues/2013
@@ -552,6 +560,9 @@ For older release notes, [please see the version 2.x documentation][old-release-
 [gh3364]: https://github.com/tomchristie/django-rest-framework/issues/3364
 [gh3415]: https://github.com/tomchristie/django-rest-framework/issues/3415
 
+<!-- 3.2.5 -->
+[gh3550]:https://github.com/tomchristie/django-rest-framework/issues/3550
+
 <!-- 3.3.0 -->
 [gh3315]: https://github.com/tomchristie/django-rest-framework/issues/3315
 [gh3410]: https://github.com/tomchristie/django-rest-framework/issues/3410

mkdocs.yml

@@ -59,5 +59,4 @@ pages:
      - '3.2 Announcement': 'topics/3.2-announcement.md'
      - '3.3 Announcement': 'topics/3.3-announcement.md'
      - 'Kickstarter Announcement': 'topics/kickstarter-announcement.md'
-     - 'Funding': 'topics/funding.md'
      - 'Release Notes': 'topics/release-notes.md'

rest_framework/__init__.py

@@ -8,7 +8,7 @@
 """
 
 __title__ = 'Django REST framework'
-__version__ = '3.2.4'
+__version__ = '3.3.0'
 __author__ = 'Tom Christie'
 __license__ = 'BSD 2-Clause'
 __copyright__ = 'Copyright 2011-2015 Tom Christie'

rest_framework/authentication.py

@@ -117,9 +117,8 @@ def authenticate(self, request):
         Otherwise returns `None`.
         """
 
-        # Get the underlying HttpRequest object
-        request = request._request
-        user = getattr(request, 'user', None)
+        # Get the session-based user from the underlying HttpRequest object
+        user = getattr(request._request, 'user', None)
 
         # Unauthenticated, CSRF validation not required
         if not user or not user.is_active:

rest_framework/request.py

@@ -365,6 +365,15 @@ def DATA(self):
             'since version 3.0, and has been fully removed as of version 3.2.'
         )
 
+    @property
+    def POST(self):
+        # Ensure that request.POST uses our request parsing.
+        if not _hasattr(self, '_data'):
+            self._load_data_and_files()
+        if is_form_media_type(self.content_type):
+            return self.data
+        return QueryDict('', encoding=self._request._encoding)
+
     @property
     def FILES(self):
         # Leave this one alone for backwards compat with Django's request.FILES