Commit Graph

677 Commits

Author SHA1 Message Date
Tim Graham e39af5ea59 Fixed #21648 -- Deprecated is_admin_site option to auth.views.password_reset(). 2014-08-23 19:32:58 -04:00
Preston Holmes 5307ce565f Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USER change.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Claude Paroz efa67b897b Fetched translations from Transifex
Forward port of 49280a73ea from stable/1.7.x
2014-08-20 10:22:41 +02:00
Collin Anderson 1d79d08d9a Fixed #23294 -- Add related_name to existing migrations.
Thanks to Florian Apolloner for the review; refs #23288.
2014-08-15 12:39:06 -04:00
Gabriel Muñumel deed00c0d8 Fixed #23162 -- Renamed forms.Field._has_changed() to has_changed(). 2014-08-15 08:14:45 -04:00
Trey Hunner 6868643063 Added newlines to the ends of CSS, HTML, and JavaScript files missing them. 2014-08-12 19:22:09 -04:00
Tim Graham a9fd740d22 Fixed #23276 -- Deprecated passing views as strings to url(). 2014-08-12 13:15:40 -04:00
Andrew Godwin 059f5d17c5 Fixed #23163: Align user help text with migrations 2014-08-04 13:57:02 +10:00
Tim Graham a2479f46f3 Fixed #7220 -- Allowed AbstractBaseUser.last_login to be null.
Thanks veena for the suggestion and Simon Charette and Kévin Etienne for reviews.
2014-08-01 17:51:49 -04:00
Jürno Ader 76f2f58a18 Fixed #22956 -- Made PermissionManager.get_by_natural_key() use the correct database for content type lookup. 2014-07-31 13:35:27 -04:00
Iain Dawson b4cf7e3d1d Fixed typo in PermissionsMixin.groups.help_text. 2014-07-21 20:03:45 +00:00
Iain Dawson 8fbf13a6c8 Replaced instances of 'his/her' with 'their'. 2014-07-21 19:49:12 +00:00
Alex Gaynor 6732566967 Bump the default iterations for PBKDF2.
The rate at which we've increased this has not been keeping up with hardware (and software) improvements, and we're now considerably behind where we should be. The delta between our performance and an optimized implementation's performance prevents us from improving that further, but hopefully once Python 2.7.8 and 3.4+ get into more hands we can more aggressively increase this number.
2014-07-11 22:43:26 -07:00
Tim Graham d5e1a2d5eb Added contrib.auth migration for refs #13147. 2014-07-10 13:06:42 -04:00
Yin Jifeng 849538d03d Fixed #13147 -- Moved User validation logic from form to model. 2014-07-10 09:36:43 -04:00
Anubhav Joshi 75ff7b8fb8 Fixed #21832 -- Updated prompt, tests, and docs to show that USERNAME_FIELD supports FK after 9bc2d76.
Also added get_input_data() hook in createsuperuser.

Thanks Chris Jerdonek and Tim Graham for review.
2014-07-08 08:21:41 -04:00
Tim Graham 7fd55c3481 Fixed #20631 -- Increased the default EmailField max_length to 254.
Thanks pmartin for the report.
2014-07-04 14:15:00 -04:00
Anubhav Joshi 9bc2d766a0 Fixed #21755 -- Added ForeignKey support to REQUIRED_FIELDS.
This allows specifying ForeignKeys in REQUIRED_FIELDS when using a
custom User model.

Thanks cjerdonek and bmispelon for suggestion and timgraham for review.
2014-07-03 07:42:52 -04:00
Tim Graham c26579eaa7 Removed django/contrib/auth/create_superuser.py
It's a shim that calls the actual createsuperuser management command and
it's been marked as deprecated since Django 1.0.
2014-07-01 08:51:06 -04:00
Tim Graham cf252dbea6 Fixed #8162 -- Increased Permission.name max_length to 255 characters. 2014-06-30 14:20:51 -04:00
Tim Graham 150d88cc2c Restored is_anonymous() check in ModelBackend permission checking removed in refs #17903.
Thanks Florian Apolloner for raising the issue.
2014-06-24 07:09:38 -04:00
Jorge C. Leitão c33447a50c Fixed #17903 -- Modified ModelBackend to eliminate permissions on inactive users.
Thanks to @SmileyChris for the report and @timgraham for review.
2014-06-23 19:57:20 -04:00
Jorge C. Leitão 0a8c0eda2a Simplified test of contrib.auth.tests. 2014-06-23 19:30:06 -04:00
Tim Graham b341f33697 Added database migration for contrib.auth.
refs #22170.
2014-06-16 16:21:37 -04:00
Claude Paroz f17b24e407 Converted remaining management commands to argparse 2014-06-14 13:43:44 +02:00
mlavin 4696cd9671 Fixed #22477 -- Removed contrib middleware from the global settings defaults.
Also added a compatibility check for changed middleware defaults.

Forwardport of d94de802d3 from stable/1.7.x
2014-06-13 12:45:56 -04:00
Jorge C. Leitão cc35bd461d Fixed #7599 -- Added get_user_permissions to ModelBackend.
Thanks to @gdub for the report and intial patch and
@charettes and @timgraham for the review.
2014-06-13 09:34:04 -04:00
Tim Graham 93d05536fd Fixed #22770 -- Removed create_superuser from post_migrate signals.
Moved logic to syncdb command for backwards compatibility.
2014-06-10 14:37:37 -04:00
Jorge C. Leitão a00b78b1e2 Fixed #17431 -- Added send_mail() method to PasswordResetForm.
Credits for the initial patch go to ejucovy;
big thanks to Tim Graham for the review.
2014-06-10 14:00:52 -04:00
Alex Gaynor 1dcc603eff Fixed several typos in Django 2014-05-28 17:39:14 -07:00
Claude Paroz b8c480a12b Removed unused translations in auth tests 2014-05-20 12:21:05 +02:00
Claude Paroz 1a69d276bd Updated translation catalogs 2014-05-19 15:17:35 +02:00
Tim Graham b68fac7e88 Fixed #22652 -- Replaced UserModel.objects with UserModel._default_manager.
Thanks alexdlaird for the report.
2014-05-19 08:35:44 -04:00
Jorge C. Leitão 2e364a0aac Fixed #15716 - Authentication backends can short-circuit authorization.
Authorization backends can now raise PermissionDenied in "has_perm"
and "has_module_perms" to short-circuit authorization process.
2014-05-16 12:57:38 -04:00
Erik Romijn 255449c1ee Added additional checks in is_safe_url to account for flexible parsing.
This is a security fix. Disclosure following shortly.
2014-05-14 10:19:48 +02:00
Alex Gaynor 2bcb8bfc8d Fix many many typos in comments throughout the codebase 2014-04-26 10:18:45 -07:00
Tim Graham 9e7f86b890 Fixed #22515 -- Fixed the object_id of the LogEntry that's created after a user password change in the admin.
Thanks ross at servercode.co.uk for the report.
2014-04-25 08:20:25 -04:00
Aymeric Augustin 428c0bbe1b Appeased flake8 2.1.0. 2014-04-21 12:27:34 +02:00
Tim Graham 11e30b684d Fixed a KeyError on login with legacy sessions; refs #21649.
Thanks Loic for the report.
2014-04-17 19:57:20 -04:00
John Paulett b5a9166f7e Fixed #22364 -- Sanitized getpass input in changepassword.
Python 2 getpass on Windows does not accept unicode, even
when containing on ASCII characters. Related #190807.
2014-04-10 13:15:37 -04:00
Tim Graham b513fa5fc6 Fixed #22195 -- Used constants to define built-in tags for check framework.
Thanks Elvard for the patch.
2014-04-10 08:45:48 -04:00
Aymeric Augustin 2791fbf59d Used more specific test assertions. 2014-04-09 22:20:22 +02:00
Anubhav Joshi cd914e31c9 Fixed #21977 -- Deprecated SimpleTestCase.urls 2014-04-06 17:33:43 -04:00
Tim Graham fd23c06023 Fixed #21649 -- Added optional invalidation of sessions when user password changes.
Thanks Paul McMillan, Aymeric Augustin, and Erik Romijn for reviews.
2014-04-05 12:50:51 -04:00
Tim Graham d73d0e071c Fixed #22218 -- Deprecated django.conf.urls.patterns.
Thanks Carl Meyer for the suggestion and Alex Gaynor and Carl for reviews.
2014-04-03 07:28:10 -04:00
Tim Graham 246face209 Fixed #22362 -- Improved AuthenticationMiddleware assertion message.
Thanks Keryn Knight.
2014-03-31 08:10:59 -04:00
Tim Graham ed4c2e1c0d Fixed #22329 -- Used label_tag() in some admin auth templates.
refs #17922.
2014-03-29 08:54:56 -04:00
Tim Graham 6d1ae5e27c Removed reading of old 'django_language' session variable per deprecation timeline.
refs #5789.
2014-03-21 09:53:16 -04:00
Ramiro Morales 1d42a86ec7 Tweak password admin change form view context. Refs #21293. 2014-03-11 09:52:43 -03:00
James Jenkins ec675ed6cc Fixed #22070 -- Changed verbose_name for apps in django.contrib to use title case
Thanks bendavis78 for the report.
2014-03-06 18:43:04 -05:00