Commit Graph

11939 Commits

Author SHA1 Message Date
Dan Strokirk f5ea9aa2f3 Fixed #32807 -- Fixed JSONField crash when redisplaying None values.
Thanks to Alex Hill for the initial patch.
2021-06-28 11:02:08 +02:00
Nick Pope 66af94d56e Removed unnecessary json.loads() call in test_json_agg_empty(). 2021-06-28 09:22:23 +02:00
Nick Pope e8e8e207e7 Ensured that empty result test for JSONBAgg executes a query.
Use of QuerySet.none() will cause the EmptyQuerySet aggregation
optimisation to be used. Change the test to be implemented like the
other tests for empty results in this file.
2021-06-28 09:21:57 +02:00
Nick Pope 1aca9fc7d2 Corrected test method and variable names for JSONBAgg.
This is probably a hangover from when the aggregate function was
originally called JSONAgg during development.
2021-06-28 09:17:34 +02:00
Chris Jerdonek 5e60c3943b Refs #32800 -- Added CsrfViewMiddleware tests for all combinations of masked/unmasked cookies and tokens. 2021-06-28 08:31:30 +02:00
Chris Jerdonek defa8d3d87 Refs #32800 -- Made CsrfViewMiddlewareTestMixin._csrf_id_cookie and _csrf_id_token different.
This also renames CsrfViewMiddlewareTestMixin._csrf_id to _csrf_id_token.
2021-06-28 08:09:53 +02:00
Chris Jerdonek 2523c32d50 Refs #32800 -- Eliminated the need for separate _get_POST_bare_secret() methods. 2021-06-28 08:08:43 +02:00
Chris Jerdonek c8108591b9 Refs #32800 -- Added to csrf_tests/tests.py the unmasked version of the secret.
This also adds tests that the secret is correct, and updates existing
tests to use the value.
2021-06-28 07:59:22 +02:00
Mateo Radman 8a7ac78b70 Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00
Mariusz Felisiak 27e156fa31
Fixed ResourceWarning in test_client.tests.ClientTest.test_uploading_named_temp_file(). 2021-06-24 11:47:29 +02:00
Ben Wilber fff4870bfa Fixed #32727 -- Allowed spaces before time zone offset in parse_datetime(). 2021-06-24 10:07:55 +02:00
Chris Jerdonek fcb75651f9 Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages. 2021-06-23 16:07:15 +02:00
Chris Jerdonek 1a284afb07 Refs #32817 -- Added tests for bad CSRF token provided via X-CSRFToken or custom header. 2021-06-23 16:07:07 +02:00
Chris Jerdonek 6837bd68a4 Refs #32817 -- Added post_token/meta_token/token_header arguments to _get_POST_csrf_cookie_request(). 2021-06-23 16:07:07 +02:00
Chris Jerdonek 999402f142 Refs #32817 -- Combined the bad-or-missing CSRF token tests. 2021-06-23 16:07:07 +02:00
tomhamiltonstubber 1e5aa8e1c7 Fixed #32790 -- Ensured test Client handles redirects to domain indexes without a specified trailing slash. 2021-06-23 12:32:29 +02:00
Nicolas Restrepo bbb3965826 Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses. 2021-06-22 21:28:48 +02:00
Hasan Ramezani 7a9745fed4 Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
Regression in b5e12d490a.

Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
David Smith b9e872b593 Refs #32338 -- Removed 'for ="..."' from RadioSelect's <label>.
This improves accessibility for screen reader users.

Co-authored-by: Thibaud Colas <thibaudcolas@gmail.com>
2021-06-22 10:59:29 +02:00
Igor Fernandes e85d9c02ad Fixed #32870 -- Improved error message when URLconf is empty. 2021-06-22 08:09:53 +02:00
Mariusz Felisiak e07609a0d1 Refs #32858, Refs #32392 -- Restored using :: shortcut syntax in Cast() on PostgreSQL.
This partly reverts commit fdfbc66331
unnecessary since b69b0c3fe8.
2021-06-22 06:28:42 +02:00
Lucidiot b69b0c3fe8 Fixed #32858 -- Fixed ExclusionConstraint crash with index transforms in expressions. 2021-06-22 06:09:16 +02:00
Jacob Walls 501a371411 Fixed typo in makemessages error message. 2021-06-21 21:23:59 +02:00
Carlton Gibson 225d96533a Fixed #30427, Fixed #16176 -- Corrected setting descriptor in Field.contribute_to_class().
Co-authored-by: Jarek Glowacki <jarekwg@gmail.com>
2021-06-15 12:01:28 +02:00
Carlton Gibson 0c0240aba8 Refs #30427, Refs #16176 -- Added test for abstract model inheritance. 2021-06-15 11:42:52 +02:00
Keryn Knight 854e9b0668 Fixed #32824 -- Improved performance of NodeList.render().
This avoids the following:
 - checking that each item in the nodelist is a subclass of Node,
 - calling str() on the render_annotated() output, because it's
   documented that Node.render() must return a string,
 - calling mark_safe() on the output, when the value to be wrapped is
   definitively known to be a string because the result of ''.join()
   is always of that type,
 - using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
Jacob Walls 2dfc1066a0 Fixed #25250 -- Clarified partially recorded state of squashed migrations in showmigrations --list. 2021-06-11 09:35:42 +02:00
Chris Jerdonek de4f620183 Fixed #32609 -- Updated runtests.py to support directory path test labels.
For example, with this change, the following now works from the tests
directory:

    $ ./runtests.py view_tests/tests/
2021-06-10 20:19:30 +02:00
Mariusz Felisiak fa0433d05f Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
Regression in d4ac23bee1.

Thanks Omkar Deshpande for the report.
2021-06-10 20:03:43 +02:00
Mariusz Felisiak 8b4983cfd4
Fixed typo in tests/test_runner/test_discover_runner.py. 2021-06-10 13:25:05 +02:00
saeedblanchette 66ed03e7c9 Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode. 2021-06-10 12:47:53 +02:00
Ceesjan Luiten cb6c19749d Refs #27734 -- Prevented creation of more parallel workers than TestCases.
The parallel test runner uses multiple workers to distribute the
workload. These workers are assigned a worker ID using a globally
incremented variable, which determines what test database to connect
to. When the worker ID surpasses the test database IDs Django will
crash.

This reduce likelihood of crashing parallel tests because
ParallelTestSuite will no longer create more workers than TestCases.

It won't eliminate the problem completely though because there are
other circumstances in which new workers can be created which can then
be assigned an "illegal" worker ID.
2021-06-10 07:32:15 +02:00
Angus Holder 3e73c65ffc Fixed #32195 -- Added system check for invalid view in path() and improved error messages. 2021-06-09 09:06:42 +02:00
Mariusz Felisiak 8f89454bbc Refs #32195 -- Added path() test for invalid view. 2021-06-09 08:58:41 +02:00
Jacob Walls c0e29cec83 Fixed #25255 -- Recorded unapplied squashed migrations. 2021-06-08 08:40:34 +02:00
Sanskar Jaiswal 8c3bd0b708 Fixed #31653 -- Added AddConstraintNotValid()/ValidateConstraint() operations for PostgreSQL. 2021-06-08 07:46:51 +02:00
luzpaz bbf09254a3
Fixed typos in test comments. 2021-06-07 20:54:28 +02:00
Chris Jerdonek 87bb746ea6 Refs #32668 -- Renamed setup()/teardown() to setup_run_tests()/teardown_run_tests() in runtests.py. 2021-06-07 09:04:27 +02:00
Chris Jerdonek 9389d4d3db Refs #32668 -- Changed bisect_tests() and paired_tests() to use only setup_collect_tests(). 2021-06-07 09:04:27 +02:00
Chris Jerdonek e96e93618c Refs #32668 -- Passed setup()'s return value to run_tests() instead of get_installed(). 2021-06-07 09:04:27 +02:00
Chris Jerdonek b3083d5bd2 Refs #32668 -- Refactored out setup_collect_tests() in runtests.py. 2021-06-07 09:04:24 +02:00
Chris Jerdonek 9b9cea04b9 Refs #32668 -- Added gis_enabled argument to get_test_modules(). 2021-06-07 08:54:15 +02:00
aryabartar 651e527f9b Fixed #32716 -- Fixed ManifestStaticFilesStorage crash when max_post_process_passes is 0. 2021-06-07 07:56:20 +02:00
Chris Jerdonek 7272e1963f Fixed #32821 -- Updated os.scandir() uses to use a context manager. 2021-06-07 06:52:42 +02:00
saeedblanchette 7dd502b0e1 Refs #24121 -- Added __repr__() to ChangeList and BaseStorage. 2021-06-07 06:31:50 +02:00
Chris Jerdonek 9812b486b5
Refs #32668 -- Simplified start_at/start_after logic in runtests.py's setup(). 2021-06-05 16:46:37 +02:00
Mariusz Felisiak 213850b4b9
Refs #32355 -- Used addClassCleanup() in tests.
Inspired by Adam Johnson talk on DjangoCon Europe 2021.
2021-06-04 12:53:11 +02:00
Adam Johnson 2e4711c611 Made SerializeMixin check lockfile attr at import time. 2021-06-04 12:29:09 +02:00
Takayuki Hirayama 0393b9262d Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
Regression in 981a072dd4.

Thanks pirelle for the report.
2021-06-04 07:23:16 +02:00
Chris Jerdonek 0d2816133c Refs #32668 -- Simplified get_test_modules() in runtests.py.
This simplifies runtests.py's get_test_modules() in a few ways.  For
example, it changes the function to yield strings instead of returning
pairs of strings, which simplifies the calling code.

This commit also changes SUBDIRS_TO_SKIP from a list to a dict since
the directories to skip depend on the parent directory.
2021-06-03 09:20:47 +02:00
Chris Jerdonek ffc0d57a04 Refs #32668 -- Refactored away module_found_in_labels in runtests.py's setup(). 2021-06-03 09:20:47 +02:00
Chris Jerdonek 90f41c2d91 Refs #32668 -- Made setup()'s test_labels argument optional in runtests.py. 2021-06-03 09:20:47 +02:00
Mariusz Felisiak 62e8f369c3
Fixed #32808 -- Prevented DiscoverRunner.build_suite() from mutating test loader patterns.
Thanks Chris Jerdonek for the report and reviews.
2021-06-03 08:59:37 +02:00
Chris Jerdonek 1b4d1675b2
Refs #32641 -- Made DiscoverRunner's "Found X tests" message work for finding one test.
This also removes passing level to log() as logging.INFO is the default.
2021-06-02 12:53:09 +02:00
Jacob Walls ec2727efef Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists. 2021-06-02 12:20:22 +02:00
Mariusz Felisiak e1d787f1b3 Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.

[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Florian Apolloner 46572de2e9 Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView. 2021-06-02 10:58:39 +02:00
Mariusz Felisiak e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
Regression in 1e38f1191d.

Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Daniyal a0410ffe8f Refs #32552 -- Added DiscoverRunner.log() to allow customization.
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
Chris Jerdonek cd19db10df Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted cookie tokens. 2021-06-01 09:02:27 +02:00
Chris Jerdonek 623cec0879 Refs #32796 -- Added CsrfViewMiddleware tests for incorrectly formatted cookie tokens. 2021-06-01 09:02:23 +02:00
abhiabhi94 c609d5149c Refs #24121 -- Added __repr__() to Engine 2021-06-01 07:44:36 +02:00
Chris Jerdonek 55775891fb Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted tokens. 2021-05-31 21:12:21 +02:00
Chris Jerdonek ffdee8d264 Refs #32795 -- Added CsrfViewMiddleware tests for rejecting invalid or missing tokens.
This also improves test names for test_process_request_no_csrf_cookie
and test_process_request_csrf_cookie_no_token. The logic being tested
is actually in process_view() rather than process_request(), and it's
not necessary to include the method name.
2021-05-31 21:12:17 +02:00
Gildardo Adrian Maravilla Jacome 91e21836f6 Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage. 2021-05-31 11:09:48 +02:00
Gildardo Adrian Maravilla Jacome 781b44240a Refs #32319 -- Changed HashedFilesMixin to use named groups in patterns. 2021-05-31 10:40:21 +02:00
David Wobrock b9df2b74b9 Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
Hannes Ljungberg b746596f5f Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter. 2021-05-28 10:50:27 +02:00
abhiabhi94 22da686ca9 Refs #24121 -- Added __repr__() to PermWrapper. 2021-05-28 08:03:23 +02:00
Chris Jerdonek 71179a6124 Fixed #32596 -- Added CsrfViewMiddleware._check_referer().
This encapsulates CsrfViewMiddleware's referer logic into a method and
updates existing tests to check the "seam" introduced by the refactor,
when doing so would improve the test.
2021-05-28 07:31:56 +02:00
Mohammadreza Varasteh e93eb3d971 Fixed #32789 -- Made feeds emit elements with no content as self-closing tags. 2021-05-27 21:05:28 +02:00
Chris Jerdonek 02c59b7a43 Refs #32596 -- Added extra tests for CsrfViewMiddleware's referer logic. 2021-05-27 10:53:20 +02:00
Nilo César Teixeira 0d67481a66 Fixed #32762 -- Fixed locale reset in compilemessages test.
Reset the `LC_ALL` override value in the test environment to ensure that locale
values the calling environment are not used.
2021-05-26 15:37:42 +02:00
Moriyoshi Koizumi 9e4780deda Fixed #32669 -- Fixed detection when started non-django modules which aren't packages with "python -m" in autoreloader. 2021-05-26 12:29:43 +02:00
Michael Lissner 5a8e8f80bb Fixed #32772 -- Made database cache count size once per set. 2021-05-26 11:21:11 +02:00
Mariusz Felisiak 12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
Regression in ec6d2531c5.

Thanks JonathanNickelson for the report.
2021-05-26 11:19:47 +02:00
Hasan Ramezani 1143f3bb5e Fixed #32543 -- Added search_help_text to ModelAdmin. 2021-05-26 10:20:13 +02:00
Hasan Ramezani 68357b2ca9 Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes. 2021-05-26 09:41:29 +02:00
Mariusz Felisiak 7e51893911
Refs #32379 -- Added USE_TZ settings to AdminScriptTestCase.write_settings(). 2021-05-25 13:22:40 +02:00
Hannes Ljungberg 3e0fdf5546
Fixed #32780 -- Made Add/RemoveConstraint operations a noop for covering/deferrable unique constraints on SQLite. 2021-05-25 11:34:25 +02:00
saeedblanchette d3d95d645f Refs #24121 -- Added __repr__() to Lookup. 2021-05-24 07:32:25 +02:00
Mariusz Felisiak f0a9413bd2 Refs #24121 -- Improved Value.__repr__(). 2021-05-24 07:26:53 +02:00
Mariusz Felisiak 3f6d4e22f8 Fixed typo in tests/expressions/tests.py. 2021-05-24 07:26:53 +02:00
Hannes Ljungberg 7ef2398e81 Fixed #32777 -- Passed table reference as a string to DatabaseSchemaEditor._index_columns(). 2021-05-24 06:31:48 +02:00
Yuekui Li 5e04e84d67 Fixed #32503 -- Fixed altering BLOB/TEXT field to non-nullable with default on MySQL 8.0.13+.
MySQL 8.0.13+ supports defaults for BLOB/TEXT but not in the
ALTER COLUMN statement.

Regression in 6b16c91157.

Thanks Matt Westcott for the report.
2021-05-21 13:34:37 +02:00
Rohith PR 7cca22964c Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
Rohith PR 56003b21ea Added tests for Sitemap.get_protocol(). 2021-05-21 10:55:05 +02:00
David Sanders 736bb9868a Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods. 2021-05-20 07:29:16 +02:00
David Sanders 2978c63a34 Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value. 2021-05-20 07:04:26 +02:00
David Sanders 536c155e67 Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget.
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
2021-05-19 20:34:57 +02:00
Claude Paroz 8cd55021bc Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Mariusz Felisiak 958cdf65ae Fixed #32747 -- Prevented initialization of unused caches.
Thanks Alexander Ebral for the report.

Regression in 98e05ccde4.
2021-05-18 18:24:19 +02:00
Rust Saiargaliev a24fed399c Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
Regression in b5e12d490a.
2021-05-18 13:02:33 +02:00
Rust Saiargaliev f07723aa0a Refs #31007 -- Added test for check for specifying type of auto-created primary keys from abstract models. 2021-05-18 12:54:51 +02:00
Slava Skvortsov f7691d4812 Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
Regression in ba31b01034.
2021-05-18 09:14:05 +02:00
Artur Beltsov 3954bf50fb Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions.
Thanks Simon Charette for the review.
2021-05-17 17:51:39 +02:00
Rohith PR 530f58caaa Fixed #32734 -- Fixed validation of startapp's directory with trailing slash.
Regression in fc9566d42d.
2021-05-14 12:45:00 +02:00
snowman2 29345aecf6 Fixed #32721 -- Fixed migrations crash when adding namespaced spatial indexes on PostGIS. 2021-05-14 07:10:28 +02:00
Mariusz Felisiak c6d88a1872 Refs #16455 -- Added test for using opclasses on indexes for multidimensional geometry fields on PostGIS. 2021-05-13 13:13:12 +02:00
Mariusz Felisiak b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
- Validate filename returned by FileField.upload_to() not a filename
  passed to the FileField.generate_filename() (upload_to() may
  completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.

Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.

Regression in 0b79eb3691.
2021-05-13 08:53:44 +02:00
Simon Charette b81c7562fc Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc.

Thanks Shaheed Haque for the report.
2021-05-13 07:26:52 +02:00
Raffaele Salmaso 3733ae8957 Fixed #32031 -- Added model class for each model to AdminSite.each_context(). 2021-05-13 06:57:09 +02:00
Nick Pope 29e4ccb1a2 Fixed #32738 -- Deprecated django.utils.datetime_safe module. 2021-05-12 14:42:17 +02:00
Nick Pope 46346f8ea0 Refs #32738 -- Added sanitize_strftime_format() to replace datetime_safe. 2021-05-12 14:42:17 +02:00
Nick Pope 44accb066a Refs #32738, Refs #29600, Refs #29595 -- Removed unused django.utils.datetime_safe.time().
Unused since c72dde41e6.
2021-05-12 14:42:17 +02:00
Nick Pope 1061f52436 Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).

This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
Nick Pope d06c5b3581 Fixed #32366 -- Updated datetime module usage to recommended approach.
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
2021-05-12 11:08:41 +02:00
Nick Pope 6b7960188b Added extra assertion to migrations.test_writer.WriterTests.test_serialize_datetime.
This checks that datetime.timezone.utc serializes correctly.
2021-05-12 11:06:30 +02:00
saeedblanchette e6406853c3 Refs #24121 -- Added__repr__() to StaticNode. 2021-05-12 08:41:52 +02:00
Nick Pope 34363a391b Fixed #32735 -- Made DateFormat.Y() return a zero-padded year. 2021-05-12 08:17:06 +02:00
Mariusz Felisiak b1a4b1f0bd Fixed #32722 -- Fixed comparing to TruncTime() on Oracle. 2021-05-11 09:19:25 +02:00
Jordi Castells 205c36b58f Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem. 2021-05-07 20:03:46 +02:00
Hasan Ramezani 028f10fac6 Fixed #32712 -- Deprecated django.utils.baseconv module. 2021-05-07 11:57:40 +02:00
Alex Hill c4ee3b208a Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL. 2021-05-07 08:13:40 +02:00
Mariusz Felisiak 65a9d0013d
Removed unused TestHashedFiles._max_post_process_passes.
Unused since f1894bae30
2021-05-06 12:26:25 +02:00
Mariusz Felisiak e1e81aa1c4
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.

[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
Carlton Gibson a708f39ce6 Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows.
The validate_file_name() sanitation introduced in
0b79eb3691 correctly rejects the example
file name as containing path elements on Windows. This breaks the test
introduced in 914c72be2a to allow path
components for storages that may allow them.

Test is skipped pending a discussed storage refactoring to support this
use-case.
2021-05-06 07:04:52 +02:00
ecogels a0a5e0f4c8 Fixed #32705 -- Prevented database cache backend from checking .rowcount on closed cursor.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-05 12:41:59 +02:00
Simon Charette 136ff592ad Fixed #32690 -- Fixed __in lookup crash when combining with filtered aggregates.
Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.

Regression in 3543129822.

Thanks James A. Munsch for the report.
2021-05-05 11:41:35 +02:00
Maxim Beder 06fd4df41a Fixed #32479 -- Added fallbacks to subsequent language codes in translations.
Thanks Claude Paroz and Nick Pope for reviews.
2021-05-05 09:37:54 +02:00
Simon Charette 96f55ccf79 Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
Regression in c8b6594305.

Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Karthikeyan Singaravelan f9f6bd63c9 Refs #32074 -- Removed usage of deprecated Thread.setDaemon().
Thread.setDaemon() was deprecated in Python 3.10 and will be removed in
Python 3.12.
2021-05-04 12:07:18 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Hasan Ramezani 8de4ca74ba Fixed #32693 -- Quoted and lowercased generated column aliases. 2021-05-04 07:36:56 +02:00
Mariusz Felisiak 1f643c28b5
Fixed #32653 -- Made quoting names in the Oracle backend consistent with db_table. 2021-04-30 12:59:07 +02:00
Tim Graham 54da6e2ac2 Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. 2021-04-30 12:32:52 +02:00
Hasan Ramezani 8bcb00858e Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri(). 2021-04-30 08:05:42 +02:00
Nick Pope 2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript". 2021-04-29 20:29:08 +02:00
Simon Charette c8b6594305 Fixed #32632, Fixed #32657 -- Removed flawed support for Subquery deconstruction.
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.

Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).

Thanks Phillip Cutter for the report.

This also fixes a performance regression in bbf141bcdc.
2021-04-28 12:13:55 +02:00
Mariusz Felisiak 4f600673d7 Refs #32632 -- Added tests for returning a copy when combining Q() objects. 2021-04-28 11:31:17 +02:00
Konstantin Alekseev 6e742dabc9 Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
Regression in bbe6fbb876.
2021-04-27 10:43:35 +02:00
Mariusz Felisiak 1871182031 Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
Thanks Zain Patel for the report and Simon Charette for reviews.

The exception introduced in 6307c3f1a1
revealed a possible data loss issue in the admin.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak cd74aad90e Refs #32682 -- Renamed use_distinct variable to may_have_duplicates.
QuerySet.distinct() is not the only way to avoid duplicate, it's also
not preferred.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak 4074f38e1d Refs #32682 -- Fixed QuerySet.delete() crash on querysets with self-referential subqueries on MySQL. 2021-04-27 10:34:47 +02:00
Mariusz Felisiak 158eca4f93 Refs #19080 -- Added tests for preserving select_related() in the admin changelist. 2021-04-27 10:34:47 +02:00
Mariusz Felisiak d68be0494b
Refs 32637 -- Made technical 404 debug page display exception message when URL is resolved.
Follow up to 3b8527e32b.
2021-04-27 08:40:52 +02:00
Hannes Ljungberg eab71f7690 Fixed #32686 -- Removed unnecessary semicolon on collected multiline SQL for RunSQL. 2021-04-27 08:01:07 +02:00
Hannes Ljungberg 95754dbc9b Refs #32686 -- Added tests for adding a semicolon when collecting SQL for RunSQL. 2021-04-27 07:59:41 +02:00
Zain Patel 4e5bbb6ef2 Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
Regression in 84609b3205.
2021-04-26 07:08:16 +02:00
Mariusz Felisiak af609c2f4d
Fixed isolation of test_rename_table_renames_deferred_sql_references(). 2021-04-26 06:11:13 +02:00
Simon Charette 170b006ce8 Fixed #32673 -- Fixed lookups crash when comparing against lookups on PostgreSQL.
Regression in 3a505c70e7.

Nonlitteral right-hand-sides of lookups need to be wrapped in
parentheses to avoid operator precedence ambiguities.

Thanks Charles Lirsac for the detailed report.
2021-04-23 15:38:32 +02:00
Mariusz Felisiak 2f435e75ab
Fixed isolation of test_showmigrations_unmigrated_app().
Follow up to 90916f050c.
2021-04-23 10:06:08 +02:00
Mariusz Felisiak ac2e6e6869
Fixed isolation of i18n.tests.FormattingTests.test_get_custom_format(). 2021-04-22 19:57:27 +02:00
Mariusz Felisiak 90916f050c
Fixed isolation of test_showmigrations_unmigrated_app(). 2021-04-22 17:43:58 +02:00
Mariusz Felisiak c3278bb71f
Used assertCountEqual() in ExcludeTests.test_exclude_subquery(). 2021-04-22 10:47:10 +02:00
Simon Charette 6d0cbe42c3 Fixed #32650 -- Fixed handling subquery aliasing on queryset combination.
This issue started manifesting itself when nesting a combined subquery
relying on exclude() since 8593e162c9 but
sql.Query.combine never properly handled subqueries outer refs in the
first place, see QuerySetBitwiseOperationTests.test_subquery_aliases()
(refs #27149).

Thanks Raffaele Salmaso for the report.
2021-04-21 09:49:15 +02:00
Mariusz Felisiak 34d1905712
Fixed #32665 -- Fixed caches system check crash when STATICFILES_DIRS is a list of 2-tuples.
Thanks Jared Lockhart for the report.

Regression in c36075ac1d.
2021-04-21 09:41:37 +02:00
Carlton Gibson 5c73fbb6a9 Fixed #32647 -- Restored multi-row select with shift-modifier in admin changelist.
Regression in 30e59705fc.
2021-04-21 08:31:06 +02:00
Tobias Bengfort 54e94640ac Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite. 2021-04-20 11:44:41 +02:00
François Freitag 6b0b3eafd6 Fixed #32664 -- Made PasswordResetTokenGenerator.secret validation lazy.
Django apps initialization to run management command triggers the admin
autodiscovery. Importing django.contrib.auth.tokens creates an instance
of PasswordResetTokenGenerator which required a SECRET_KEY.

For several management commands, the token generator is unused. It
should only complain about a missing SECRET_KEY when it is used.
2021-04-20 07:34:53 +02:00
François Freitag b13af4752f Refs #28017 -- Added test for PasswordResetTokenGenerator subclass with a custom secret. 2021-04-20 07:28:06 +02:00
Chris Jerdonek 413c15ef2e
Refs #32609 -- Simplified test_labels_set construction in runtests.py's setup().
Follow up to 7cf3a5786b.
2021-04-19 11:01:48 +02:00
Chris Jerdonek a41ed8f1b9 Refs #32611 -- Removed initial "Testing against ..." log message calls from --bisect/--pair runtests options. 2021-04-19 09:18:46 +02:00
Chris Jerdonek 9fa8460081 Fixed #32611 -- Prevented unecessary setup()/teardown() calls when using --bisect/--pair runtests options.
This commit changes runtests.py's bisect_tests() and paired_tests() to
change settings only when necessary, namely when specific test names
aren't provided.
2021-04-19 09:14:35 +02:00
David Wobrock aa4acc164d Fixed #29899 -- Made autodetector use model states instead of model classes.
Thanks Simon Charette and Markus Holtermann for reviews.
2021-04-16 11:18:10 +02:00
girishsontakke a815a6a315 Fixed #32641 -- Made DiscoverRunner print the number of found tests.
Thanks Chris Jerdonek for reviews.
2021-04-15 11:42:46 +02:00
Florian Apolloner 4511d14598 Fixed #32643 -- Fixed decoding of messages in the pre-Django 3.2 format.
Thanks Jan Pieter Waagmeester for the report.

Regression in 2d6179c819.
2021-04-14 22:52:59 +02:00
Mariusz Felisiak ca98729055
Fixed #32645 -- Fixed QuerySet.update() crash when ordered by joined fields on MySQL/MariaDB.
Thanks Matt Westcott for the report.

Regression in 779e615e36.
2021-04-14 21:11:17 +02:00
Arthur Jovart 08c60cce3b Fixed #32648 -- Fixed VariableDoesNotExist rendering sitemaps template. 2021-04-14 16:50:47 +02:00
Mariusz Felisiak 23fa29f6a6
Fixed #32649 -- Fixed ModelAdmin.search_fields crash when searching against phrases with unbalanced quotes.
Thanks Dlis for the report.

Regression in 26a413507a.
2021-04-14 12:23:47 +02:00
Hasan Ramezani a77c9a4229 Fixed #32635 -- Fixed system check crash for reverse o2o relations in CheckConstraint.check and UniqueConstraint.condition.
Regression in b7b7df5fbc.

Thanks Szymon Zmilczak for the report.
2021-04-14 10:06:18 +02:00
Hasan Ramezani 33abc55601 Refs #31530 -- Added test for joined OneToOneField in CheckConstraint.check 2021-04-14 09:37:55 +02:00
Mariusz Felisiak 3b8527e32b
Fixed #32637 -- Restored exception message on technical 404 debug page.
Thanks Atul Varma for the report.
2021-04-13 09:15:04 +02:00
Adam Johnson b8bb9e1549 Reduced the garbage collection frequency in runtests.py. 2021-04-13 07:43:29 +02:00
Iuri de Silvio 9760e262f8 Fixed #32627 -- Fixed QuerySet.values()/values_list() crash on combined querysets ordered by unannotated columns. 2021-04-12 21:11:40 +02:00
Chris Jerdonek 823a9e6bac Fixed #32416 -- Made ThreadedWSGIServer close connections after each thread.
ThreadedWSGIServer is used by LiveServerTestCase.
2021-04-12 10:23:56 +02:00
Claude Paroz e4430f22c8 Fixed #31937 -- Eased translation of time strings in some languages. 2021-04-10 20:23:12 +02:00
Adam Johnson 45a58c31e6 Fixed #32620 -- Allowed subclasses of Big/SmallAutoField for DEFAULT_AUTO_FIELD. 2021-04-08 13:17:08 +02:00
Claude Paroz 30e123ed35 Fixed #32575 -- Added support for SpatiaLite 5. 2021-04-08 09:36:29 +02:00
Claude Paroz 3ae4344bbd Dropped support for GEOS 3.5 and GDAL 2.0. 2021-04-07 20:39:30 +02:00
Adam Johnson d9de74141e Fixed #32442 -- Used converters on returning fields from INSERT statements. 2021-04-07 17:10:00 +02:00
Claude Paroz e3cfba0029 Fixed #32544 -- Confirmed support for GDAL 3.2 and GEOS 3.9. 2021-04-07 15:54:24 +02:00
Mariusz Felisiak c6859f1a68
Refs #32074 -- Backported Enum.__repr__() from Python 3.10.
Enum.__repr__() was changed in [1], we should use the same format in
Python < 3.10.

[1] https://bugs.python.org/issue40066
2021-04-07 10:28:40 +02:00
Carlton Gibson 5aea50e57f Updated asgiref dependency for 3.2 release series. 2021-04-06 10:38:43 +02:00
Mariusz Felisiak d4d800ca1a Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
Mariusz Felisiak 78fea27f69
Fixed #32614 -- Fixed MiddlewareSyncAsyncTests tests with asgiref 3.3.2+. 2021-04-06 08:03:43 +02:00
Claude Paroz 90b95d2959 Updated translations from Transifex.
Forwardport of 1ea5e98315 from stable/3.2.x.
2021-04-06 06:19:31 +02:00
Hugo Cachitas 8f6a7a0e9e Fixed #32594 -- Doc'd and tested that Signal.disconnect() with lazy references returns None. 2021-04-03 14:57:43 +02:00
Chris Jerdonek a89e975caf Fixed #32532 -- Made DiscoverRunner raise RuntimeError when a test label is a file path. 2021-04-02 12:54:08 +02:00
Adam Johnson e32722d160 Fixed #32383 -- Added source map support to ManifestStaticFilesStorage. 2021-04-02 12:21:21 +02:00
William Schwartz 9ee693bd6c Fixed #32316 -- Deferred accessing __file__.
Deferred accessing the module-global variable __file__ because the
Python import API does not guarantee it always exists—in particular, it
does not exist in certain "frozen" environments. The following changes
advanced this goal.

Thanks to Carlton Gibson, Tom Forbes, Mariusz Felisiak, and Shreyas
Ravi for review and feedback.
2021-04-01 14:33:30 +02:00
Hugo Cachitas f83214a3e1 Refs #32594 -- Added Signal.disconnect() test with a model class.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-03-31 11:01:48 +02:00
Maxim Milovanov d915dd1c58 Fixed #32204 -- Added quick filter to admin's navigation sidebar. 2021-03-31 09:31:37 +02:00
bankc db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Mariusz Felisiak f6018c1e63 Fixed #32595 -- Fixed SchemaEditor.quote_value() crash with bytes. 2021-03-30 11:42:15 +02:00
Mariusz Felisiak 3c75f1f3ca Refs #32595 -- Added MySQL's SchemaEditor.quote_value() tests for values with Unicode chars. 2021-03-30 11:42:15 +02:00
Chris Jerdonek 038940cf55 Fixed #29127 -- Prevented DiscoverRunner from hiding tagged test with syntax errors.
This mades _FailedTest objects always match tags in DiscoverRunner.
2021-03-30 10:26:20 +02:00
Daniyal 7c08f26bf0 Fixed #32260 -- Made View.as_view() do not use update_wrapper().
View.as_view() should not use update_wrapper() for copying attributes
it's unintended and have side-effects such as adding `self` to the
signature.

This also fixes system check for arguments of custom error handler
views with class-based views.

Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2021-03-30 07:58:09 +02:00
Nick Pope 41850eec99 Fixed #32572 -- Improved ResolverMatch.__repr__().
When a partial function was passed as the view, the __repr__() would
show the `func` argument as `functools.partial` which isn't very
helpful, especially as it doesn't reveal the underlying function or
arguments provided.
2021-03-29 11:28:56 +02:00
Nick Pope 2f13c476ab Fixed #31487 -- Added precision argument to Round(). 2021-03-29 09:43:08 +02:00
Hasan Ramezani ed0cc52dc3 Fixed #32585 -- Fixed Value() crash with DecimalField on SQLite. 2021-03-29 06:22:36 +02:00
Chris Jerdonek dcb06c2c68 Fixed #32591 -- Made DiscoverRunner order _FailedTest objects first.
Failures detected when loading tests are ordered before all of the
above for quicker feedback. This includes things like test modules that
couldn't be found or that couldn't be loaded due to syntax errors.
2021-03-26 12:18:27 +01:00
Chris Jerdonek ff514309e1 Fixed #32578 -- Fixed crash in CsrfViewMiddleware when a request with Origin header has an invalid host. 2021-03-25 10:34:58 +01:00
Mariusz Felisiak 5b618f239c
Fixed RemoteTestResultTest tests without tblib.
Follow up to e3bca22e7e.
2021-03-25 10:33:54 +01:00
Girish Sontakke 5388ff2a52
Fixed #32582 -- Removed unnecessary dot in names of cloned test databases on SQLite. 2021-03-25 06:37:01 +01:00
Mariusz Felisiak 83443e62d3
Optimized FkConstraintsTests.test_check_constraints by specifying a database table. 2021-03-24 12:18:00 +01:00
Adam Donaghy cdd0b213a8 Fixed #29606 -- Added type check for ALLOWED_HOSTS setting. 2021-03-24 09:18:44 +01:00
Nick Pope a96c730431 Fixed #32460 -- Allowed "label"/"do_not_call_in_templates" members in model choice enums. 2021-03-24 07:45:33 +01:00
Nick Pope 41e39c41c9 Refs #32460 -- Doc'd and tested that property names of model choice enums cannot be used as members. 2021-03-24 07:45:33 +01:00
Florian Demmer 3a185cee2a Fixed #32573 -- Fixed bounds in __iso_year lookup optimization. 2021-03-23 21:27:55 +01:00