innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
20,934 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

12639 Commits

Author SHA1 Message Date
Anssi Kääriäinen 6f403056f0 Fixed #24923 -- errored out nicely when using aggregates in order_by() 2015-07-13 08:36:25 -04:00
Ben Spaulding 83f6373030 Fixed #25116 -- Removed long-broken admindocs bookmarklets 
These were broken back in commit 64e11a6.
 2015-07-13 08:18:58 -04:00
Szilveszter Farkas f576b23a65 Fixed #25073 -- Added verbose_name to contrib's model fields that were missing it. 2015-07-12 13:44:16 -04:00
Claude Paroz d72f8862cb Fixed #25072 -- Prevented GDALRaster memory to be uncollectable 
Setting GDALRaster.bands as a cached property was creating a circular
reference with objects having __del__ methods, which means the memory
could never be freed.
Thanks Daniel Wiesmann for the report and test, and Tim Graham for the review.
 2015-07-10 19:56:17 +02:00
darkryder f675afa13c Fixed #25093 -- Added utils.datastructures.OrderedSet.__len__() 2015-07-09 21:20:52 -04:00
Simon Charette 07577a2d05 Fixed #25081 -- Prevented DISTINCT ON ordering from being cleared in get(). 
Thanks to pdewacht for the patch.
 2015-07-09 16:00:52 -04:00
Shai Berger 17d3a6d804 Fixed catastrophic backtracking in URLValidator. 
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:03 -04:00
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators. 
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
 2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session. 
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:03 -04:00
Chris Bainbridge e5cfa394d7 Refs #23882 -- Added detection for moved files when using inotify polling 
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
 2015-07-07 12:23:04 -04:00
David Wolever 0d71349773 Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer 
Thanks Jaap Roes for completing the patch.
 2015-07-07 11:44:37 -04:00
Alexey Sveshnikov bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00
Karol Duleba b74b94445d Updated Memcached get_backend_timeout() comment. 2015-07-06 10:13:20 -04:00
Tim Graham 69483e022a Removed some u string prefixes in code comments. 2015-07-06 09:17:28 -04:00
Tim Graham 8556978078 Removed unused variable template.base.ALLOWED_VARIABLE_CHARS. 
Unused since 5d863f1fbd.
 2015-07-06 08:49:24 -04:00
Sylvain Fankhauser f5d5867a4a Fixed #24877 -- Added middleware handling of response.render() errors. 2015-07-03 12:06:40 -04:00
Rigel Di Scala b91a2a499f Fixed #23190 -- Made Paginator.page_range an iterator 2015-07-03 11:34:34 -04:00
Jan Pazdziora 3353684102 Fixed #25032 -- Removed double redirect in admin login. 2015-07-03 08:53:10 -04:00
Jan Pazdziora a570701e02 Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication. 2015-07-02 17:38:10 -04:00
Grégoire ROCHER c6cce4de38 Fixed #25050 -- Allowed serialization of models with deferred fields. 2015-07-02 14:46:16 -04:00
Chris Lamb 61f3e22e38 Fixed #25054 -- Added app_label to swapped model AttributeError 2015-07-02 14:18:10 -04:00
Adam Taylor 30a152a367 Fixed #25053 -- Made admin templates use |safe with password help_text 2015-07-02 14:02:18 -04:00
William Schwartz 9a5cfa05a0 Fixed #24997 -- Enabled bulk_create() on proxy models 2015-07-02 13:53:51 -04:00
jpic fedef7b2c6 Fixed #24908 -- Fixed duplicate readonly field rendering. 
ModelAdmin added readonly_fields to exclude, but would not undeclare
them if they were overridden.
 2015-07-02 13:37:30 -04:00
Kai Richard Koenig 60f795c060 Fixed #25040 -- Fixed migrations state crash with GenericForeignKey 2015-07-02 12:48:29 -04:00
Curtis 11cac1bd8e Fixed #4960 -- Added "strip" option to CharField 2015-07-01 17:47:05 -04:00
Jon Dufresne b44dee16e6 Fixed #20916 -- Added Client.force_login() to bypass authentication. 2015-07-01 13:01:08 -04:00
Matthew Somerville 839edcebb3 Fixed #21695 -- Added asvar option to blocktrans. 
Thanks Bojan Mihelac for the initial patch.
 2015-07-01 10:03:00 -04:00
Michael Tänzer 3bbaf84d65 Fixed #18247 -- Added cast to NUMERIC for Decimals on sqlite 
On sqlite the SUM() of a decimal column doesn't have a NUMERIC type so
when comparing it to a string literal (which a Decimal gets converted to
in Django) it is not compared as expected.
 2015-06-30 18:27:42 -04:00
Jean-Michel Vourgère b64c0d4d61 Fixed #23658 -- Provided the password to PostgreSQL dbshell command 
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
 2015-06-30 18:21:51 -04:00
Shai Berger eecd42ea7d Removed datetime_cast_sql, which is never overridden or used anywhere in Django. 
Thanks Tim Graham for review.
 2015-07-01 00:43:45 +03:00
Marten Kenbeek aabb58428b Refs #23621 -- Fixed warning message when reloading models. 2015-06-30 15:00:10 -04:00
Andreas Pelme 00a1d4d042 Fixed #21803 -- Added support for post-commit callbacks 
Made it possible to register and run callbacks after a database
transaction is committed with the `transaction.on_commit()` function.

This patch is heavily based on Carl Meyers django-transaction-hooks
<https://django-transaction-hooks.readthedocs.org/>. Thanks to
Aymeric Augustin, Carl Meyer, and Tim Graham for review and feedback.
 2015-06-30 14:51:00 -04:00
Jonas Degrave 4352e865a7 Fixed #24911 -- Made BaseManager.get_queryset() allow custom queryset args. 2015-06-30 13:48:30 -04:00
Ned Batchelder 3b81dbe844 Used %r in the TextNode repr to show newlines better. 2015-06-30 09:54:18 -04:00
Andriy Sokolovskiy 7866968eb3 Removed unused condition for the abstract model in ensure_default_manager() 2015-06-29 21:17:19 -04:00
Andriy Sokolovskiy c0cf73a57d Refs #20203 -- Allowed adding custom default manager to the model state 
If the only manager on the model is the default manager defined
by Django (`objects = models.Manager()`), this manager will not
be added to the model state. If it is custom, it needs to be
passed to the model state.
 2015-06-29 21:15:37 -04:00
Andriy Sokolovskiy 1d40204f82 Removed unnecessary return 2015-06-29 17:14:29 -04:00
Andriy Sokolovskiy 4359be023b Removed unreachable code 2015-06-29 17:14:29 -04:00
Luke Plant aef2a0ec59 Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output. 
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.

Thanks to Tim Graham for the review.
 2015-06-29 08:16:19 -04:00
Anssi Kääriäinen 9ed82154bd Fixed #23791 -- Corrected object type check for pk__in=qs 
When the pk was a relation field, qs.filter(pk__in=qs) didn't work.

In addition, fixed Restaurant.objects.filter(place=restaurant_instance),
where place is an OneToOneField and the primary key of Restaurant.

A big thank you to Josh for review and to Tim for review and cosmetic
edits.

Thanks to Beauhurst for commissioning the work on this ticket.
 2015-06-29 07:49:31 -04:00
Markus Holtermann 736fb1838c Used field.clone() where applicable 2015-06-28 15:11:26 +02:00
Trey Hunner ec4f219ecb Fixed #22463 -- Added code style guide and JavaScript linting (EditorConfig and ESLint) 2015-06-27 16:36:26 -04:00
Tim Graham 7da3923ba0 Sorted imports in __init__.py files. 2015-06-27 11:53:33 -04:00
Greg Chapple 4a66a69239 Fixed #24887 -- Removed one-arg limit from models.aggregate 2015-06-27 11:44:33 -04:00
Noam e291fc4757 Fixed #25031 -- Fixed a regression in the unordered_list template filter. 2015-06-27 09:37:41 -04:00
sujayskumar 2e70bf3785 Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response 2015-06-27 08:46:23 -04:00
Jason Hoos a50b66da30 Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children. 2015-06-26 09:09:09 -04:00
薛丞宏 d3e12c9017 Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3. 2015-06-26 08:30:05 -04:00
Claude Paroz 60879a2193 Loaded real destructor functions before garbage time 
This is an alternative patch to the unsuccessful b43b27bcd.
 2015-06-26 13:41:48 +02:00