Commit Graph

16522 Commits

Author SHA1 Message Date
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
James Timmins 0719edcd5f Fixed #30771 -- Fixed exact lookup against queries with selected columns.
Use pre-existing select fields (and thereby GROUP BY fields) from
subquery if they were specified, instead of always defaulting to pk.

Thanks Aur Saraf for the report and Simon Charette for guidance.
2019-09-20 10:42:14 +02:00
Andrew 3346b78a8a Fixed #30786 -- Used CONVERT_TZ to check if the time zone definitions are installed on MySQL.
Replaced a timezone check in the MySQL backend with one that doesn't
require access to the mysql.time_zone database.
2019-09-20 08:17:27 +02:00
Daniel Fairhead 5cb3ed187b Fixed #30772 -- Optimized make_template_fragment_key().
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc.
Used hasher's .update() on key fragments.
2019-09-18 14:53:05 +02:00
Sam Reynolds 6c9778a58e Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
Regression in 5ceaf14686.

Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
2019-09-18 11:37:38 +02:00
Min ho Kim b1d6b35e14 Fixed #30725 -- Fixed width of DateTimeField inputs in admin tabular inline.
"width" of DateTimeField inputs in admin tabular inline wasn't set
correctly what caused displaying too small inputs with responsive CSS
when timezone warning wasn't present.
2019-09-17 14:30:33 +02:00
Nasir Hussain faf4b988fe Fixed #30758 -- Made RangeFields use multiple hidden inputs for initial data. 2019-09-17 12:08:49 +02:00
Hasan Ramezani b9db423d3c Fixed #29376 -- Allowed hiding "Save and Add Another" button in admin. 2019-09-16 11:37:09 +02:00
Simon Charette 6c3dfba892 Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
2019-09-16 08:24:40 +02:00
Carlton Gibson b5db65c4fb Increased the default PBKDF2 iterations for Django 3.1. 2019-09-12 17:24:01 +02:00
Adnan Umer 241deed259 Fixed #30591 -- Fixed recreation of foreign key constraints on MySQL when altering type of referenced unique field.
Thanks Mariusz Felisiak for tests and Matthijs Kooijman for
investigation and initial patch.
2019-09-11 11:21:08 +02:00
Mads Jensen b616908ce1 Used Statement in PostGISSchemaEditor._create_index_sql(). 2019-09-11 07:51:31 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0ddb4ebf7b Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak d17be88afd Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak b61ea56789 Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak f1894bae30 Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 81993b47ea Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b47bb4c4a7 Refs #29598 -- Removed FloatRangeField per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0f2f517298 Bumped version; master is now 3.1 pre-alpha. 2019-09-10 11:54:25 +02:00
Simon Charette 34decdebf1 Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.

Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
Vojtech Bocek b1d37fea8f Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models. 2019-09-09 14:04:46 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Johannes Hoppe 7254f1138d Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
Johannes Hoppe 736e7d44de Refs #29444 -- Fixed DateField constructor in db.backends.oracle.utils.InsertVar. 2019-09-09 10:51:07 +02:00
Nick Pope b6251956b6 Fixed #30757 -- Added a system check to ensure max_length fits the longest choice. 2019-09-09 10:28:18 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Claude Paroz 5495ea3ae0 Updated translation catalogs 2019-09-08 17:35:32 +02:00
Mariusz Felisiak addabc492b
Fixed DatabaseFeatures.can_introspect_check_constraints on MariaDB < 10.2.22, 10.3.0 - 10.3.9.
Regression in e2c6a0858d.
2019-09-06 11:53:54 +02:00
Hasan Ramezani 6c379f1a18 Fixed #30763 -- Fixed management commands when using required mutually exclusive groups. 2019-09-06 10:55:24 +02:00
Mariusz Felisiak e2c6a0858d Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+. 2019-09-05 09:18:34 +02:00
Shai Berger 72ebe85a26 Fixed #27910 -- Added enumeration helpers for use in Field.choices.
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.

Additional properties make it easy to access the list of names, values
and display labels.

Thanks to the following for ideas and reviews:

Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Viktor Lomakin 5931d2e96a Fixed #30691 -- Made migrations autodetector find dependencies for foreign keys altering. 2019-09-03 14:45:49 +02:00
Johannes Hoppe 003bb34b21 Refs #29444 -- Made db.backends.oracle.utils.InsertVar use str as default. 2019-09-03 10:34:55 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Simon Charette 13a8884a08 Fixed #30739 -- Fixed exclusion of multi-valued lookup against outer rhs.
OuterRef right hand sides have to be nested, just like F rhs have to,
during the subquery pushdown split_exclude performs to ensure they are
resolved against the outer query aliases.
2019-09-02 10:52:36 +02:00
Simon Charette 600628f8f0 Refs #28442 -- Adjusted related lookups handling of expression rhs.
Expressions should never be prepared as other Lookup.get_prep_lookup
implementations hint at by returning early on the presence of the
resolve_expression attribute.

The previous solution was only handling lookups against related fields
pointing at AutoFields and would break for foreign keys to other fields.

It was also causing bidirectional coupling between model fields and
expressions which the method level import of OuterRef was a symptom of.
2019-09-02 10:52:36 +02:00
Nick Pope 999891bd80 Refs #29379 -- Moved autocomplete attribute to UsernameField.
Moving the autocomplete attribute into UsernameField allows this to work
for custom forms making use of UsernameField, removes some duplication
in the code, and keeps consistency with the autocapitalize attribute
that is already defined on UsernameField.
2019-09-02 10:50:56 +02:00
Alan Crosswell 03fa846c6a Fixed #30731 -- Fixed handling trailing groups in simplify_regex().
Previously simplify_regex() didn't handle trailing groups for regexp
without the end of string character ("$").
2019-08-30 12:43:39 +02:00
yukihira1992 0545781764 Fixed #30736 -- Added Storage.get_alternative_name() to allow customization. 2019-08-30 11:32:19 +02:00
Berker Peksag 400ec5125e Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
daniel a rios b5a5c92c72 Fixed #30066 -- Enabled super user creation without email and password 2019-08-29 12:49:16 +02:00
Mariusz Felisiak d275fd04f3
Refs #25367 -- Simplified OrderBy and Lookup by using Case() instead of RawSQL() on Oracle.
Follow up to efa1908f66.
2019-08-29 11:56:12 +02:00
Matthew Schinckel 4137fc2efc Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.

Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.

Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
Jon Dufresne a44d80f88e Adjusted subprocess.run() calls to use arg list, rather than string.
The Python docs recommend passing a sequence to subprocess.run() when
possible. Doing so allows for automatic escaping and quoting of
arguments.

https://docs.python.org/3/library/subprocess.html#frequently-used-arguments

> args is required for all calls and should be a string, or a sequence
> of program arguments. Providing a sequence of arguments is generally
> preferred, as it allows the module to take care of any required
> escaping and quoting of arguments (e.g. to permit spaces in file
> names).

Also removed `shell=True` where unnecessary.
2019-08-28 10:19:30 +02:00
Jon Dufresne 1e6b9e29e6 Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().
The value returned from urllib.parse.quote() is always a string, so can
safely call .encode().
2019-08-28 09:20:46 +02:00
Federico Jaramillo Martínez 8f6860863e Fixed #30722 -- Added default rate-limiting requests to admin's Select2 widget. 2019-08-27 13:47:36 +02:00