Russell Keith-Magee
056c940f0d
Fixed #13304 -- Updated auth decorators so they can be used with callable classes. Thanks to Horst Gutmann for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-09 11:07:17 +00:00
Jannis Leidel
7989a78baf
Fixed #13000 - Use a dictionary for the error messages definition in user creation and change form. Thanks for the patch, lgs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12785 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-15 12:16:01 +00:00
Russell Keith-Magee
4dfe6190fa
Fixed #13108 -- Corrected an ambiguity in test data with the potential to cause test failures out of the box. Thanks to benreynwar for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12778 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-15 06:55:56 +00:00
Jacob Kaplan-Moss
973bf6f485
Fixed #5605 : only lowercase the domain portion of an email address in `UserManager.create_user`.
...
Thanks, Leo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12641 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 20:30:44 +00:00
Jacob Kaplan-Moss
6e748b5db4
Fixed #11457 : tightened the security check for "next" redirects after logins.
...
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.
Thanks to brutasse.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:58:53 +00:00
Jacob Kaplan-Moss
c8015052d9
Fixed #5786 : relaxed the validation for usernames to allow more common characters '@', etc.
...
This is really just a stop-gap until we come up with a improved way of handling
disparate auth data, but it should help us stretch a bit more milage out of the
current system.
Thanks to alextreme, lbruno, and clayg.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:49:05 +00:00
Russell Keith-Magee
6b2f125b80
Fixed #12729 -- Replaced a hard-coded SQL statement with an ORM query so that the contrib.auth ModelBackend will work on a routed multi-db setup. Thanks to dhageman for the report.
...
Historical note: The SQL that was removed predates Django being open sourced.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 12:02:41 +00:00
Justin Bronn
1d5165e3be
Fixed #12776 -- `User.get_profile` now raises `SiteProfileNotAvailable` instead of `AttributeError` in certain circumstances. Thanks, Bruno Renié.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 05:52:37 +00:00
Russell Keith-Magee
eb67e449dd
Fixed #12864 -- Corrected handling of new user creation when a multi-database router is in place. Thanks to haris@dubizzle.com for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12488 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-22 13:09:02 +00:00
Jannis Leidel
67d4289c2e
Fixed #12066 - Moved auth context processor from core to the auth app. Thanks, Rob Hudson.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-21 23:40:47 +00:00
Russell Keith-Magee
b794441951
Fixed #10976 -- Isolated contrib.auth tests so they will always pass, regardless of any local templates. Thanks to aarond10 for the report, and SmileyChris for turning that into a patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 12:02:11 +00:00
Luke Plant
4bff194633
Fixed #12804 - regression with decorating admin views.
...
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.
For users of 1.1 and 1.0, this affects the decorators:
* login_required
* permission_required
* user_passes_test
For those following trunk, this also affects:
* csrf_protect
* anything created with decorator_from_middleware
If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-09 15:02:39 +00:00
Russell Keith-Magee
47acb1d659
Fixed #6273 -- Added a 'changepassword' management command. Thanks to Ludvig Ericson and Justin Lilly for their work on this patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 08:10:29 +00:00
Luke Plant
8daec78cfd
Fixed #12557 - AnonymousUser should check auth backends for permissions
...
Thanks to hvdklauw for the idea and work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 01:47:23 +00:00
Russell Keith-Magee
1b3dc8ad9a
Fixed #12540 , #12541 -- Added database routers, allowing for configurable database use behavior in a multi-db setup, and improved error checking for cross-database joins.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-22 14:30:06 +00:00
Jannis Leidel
5cd4c3e559
Fixed #12644 - Allow overriding the admin user creation form based on r12216. Thanks, minmax.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12265 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-19 22:19:26 +00:00
Jannis Leidel
373076a3cc
Fixed #12606 - Removed stray print statement. Thanks, Sean Brant.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-14 11:12:24 +00:00
Jannis Leidel
f4998574d3
Fixed #11796 - Tweaked ordering of permissions a little more to be even nicer.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12219 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 23:35:54 +00:00
Jannis Leidel
c4470e5ced
Make use of new ability to override admin add form templates and removed a litle bit of redundancy in the templates.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 23:35:29 +00:00
Joseph Kocherhans
2f9853b2dc
Fixed #12512 . Changed ModelForm to stop performing model validation on fields that are not part of the form. Thanks, Honza Kral and Ivan Sagalaev.
...
This reverts some admin and test changes from [12098] and also fixes #12507 , #12520 , #12552 and #12553 .
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 02:29:45 +00:00
Adrian Holovaty
71e8d5dd87
Fixed #11409 -- Reordered the permissions checkboxes in the admin into a more natural progression. Thanks, benspaulding
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 21:58:01 +00:00
Adrian Holovaty
5ceed0a053
Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 18:36:20 +00:00
Adrian Holovaty
19b72077f7
Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Thanks for patch and tests, isagalaev
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 16:51:13 +00:00
Joseph Kocherhans
471596fc1a
Merged soc2009/model-validation to trunk. Thanks, Honza!
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-05 03:56:19 +00:00
Jannis Leidel
57d7181caa
Fixed #12462 - Fixed edge case with auth backends that don't support object permissions. Thanks to Florian Apolloner for catching it.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-30 22:12:57 +00:00
Russell Keith-Magee
ff60c5f9de
Fixed #1142 -- Added multiple database support.
...
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.
Big thanks also go to:
* Justin Bronn for keeping GIS in line with the changes,
* Karen Tracey and Jani Tiainen for their help testing Oracle support
* Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
* Malcolm Treddinick for his guidance during the GSoC submission process.
* Simon Willison for driving the original design process
* Cal Henderson for complaining about ponies he wanted.
... and everyone else too numerous to mention that helped to bring this feature into fruition.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-22 15:18:51 +00:00
Russell Keith-Magee
35cc439228
Fixed #7052 -- Added support for natural keys in serialization.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-14 12:39:20 +00:00
Jannis Leidel
9bf652dfd6
Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 01:05:35 +00:00
Luke Plant
25020ddb05
Fixed #4604 - Configurable message passing system, supporting anonymous users
...
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.
Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others. Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 16:57:23 +00:00
Luke Plant
7230a995ce
Moved contrib.csrf.* to core code.
...
There is stub code for backwards compatiblity with Django 1.1 imports.
The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant
8e70cef9b6
Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
...
This is a large change to CSRF protection for Django. It includes:
* removing the dependency on the session framework.
* deprecating CsrfResponseMiddleware, and replacing with a core template tag.
* turning on CSRF protection by default by adding CsrfViewMiddleware to
the default value of MIDDLEWARE_CLASSES.
* protecting all contrib apps (whatever is in settings.py)
using a decorator.
For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.
Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.
Details of the rationale for these changes is found here:
http://code.djangoproject.com/wiki/CsrfProtection
As of this commit, the CSRF code is mainly in 'contrib'. The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant
c161bf21f0
Fixed #6552 , #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"
...
Thanks to olau@iola.dk , Suor for the report
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-14 18:09:13 +00:00
Luke Plant
c46ddbf1fc
Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views
...
Thanks to julien for the suggestion and patch, and SmileyChris for work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11618 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-12 15:32:24 +00:00
Luke Plant
af02f38e02
Rewrote user_passes_test to use auto_adapt_to_methods, removing the need for _CheckLogin
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11587 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:34:45 +00:00
Luke Plant
4a5630fe75
Removed unnecessary keys in django.contrib.auth.test.__test__
...
Only doctest tests, and not TestCases, need to be in __test__ AFAICS.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11481 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 09:51:27 +00:00
Russell Keith-Magee
e91deca779
Fixed #10521 -- Modified the Remote User tests so that it isn't dependent on particular deployed URLs. Thanks to Kegan and Ramiro Morales for their contributions.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-04 07:05:44 +00:00
Malcolm Tredinnick
5a57a7f006
Fixed #8752 -- Fixed django.contrib.auth tests to be locale-independent.
...
Patch from Koen Biermans.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-19 03:41:33 +00:00
Jacob Kaplan-Moss
ab562bf954
Fixed #10694 : correctly check permissions in the change password admin. Thanks, jturnbull.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-18 21:04:40 +00:00
Jacob Kaplan-Moss
9faa1cd9b5
Fixed #10747 : fixed the auth tests to ignore broken user-supplied login/logout templates.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-10 15:50:51 +00:00
Jacob Kaplan-Moss
6d5492630d
Fixed a sloppy test auth test. [10400] revealed that the auth test was relying on the weird difference between calling a management from the shell and from `call_command`. That this worked in the first case was pretty much an accident.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10404 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-05 19:00:27 +00:00
Jacob Kaplan-Moss
2a994716a1
Fixed #10265 : fixed a bug when generating a password reset token for a user created on the same request. Thanks, crucialfelix.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10341 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 21:25:24 +00:00
Jacob Kaplan-Moss
3e6f4674e2
Fixed #10460 : the logout view can now redirect like the rest of the auth views. Thanks, chronos and steingrd.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10332 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 17:02:32 +00:00
Jacob Kaplan-Moss
35a1f22bc2
Fixed #10106 : added is_active to user admin's list_display.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10331 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:43:01 +00:00
Jacob Kaplan-Moss
19b9211a3b
Fixed #9881 : Added the to the login view context, not just the site's name. Thanks, nessita.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10330 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:37:48 +00:00
Jacob Kaplan-Moss
e6ad4fb901
Fixed #9474 : user_passes_test may now be applied multiple times.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10328 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:17:38 +00:00
Gary Wilson Jr
b4f5655c86
Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Gary Wilson Jr
3989a7ae11
Fixed #8140 -- Made `UserManager.create_superuser` return the new `User` object, based on patch from ericholscher.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10217 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-30 22:00:07 +00:00
Jacob Kaplan-Moss
c485e236bd
Fixed #8193 : all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's '`importlib` back for inclusion in Django. Thanks for the patch-from-the-future, Brett!
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10088 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-18 16:55:59 +00:00
Gary Wilson Jr
b994387d8d
Fixed #689 -- Added a middleware and authentication backend to contrib.auth for supporting external authentication solutions. Thanks to all who contributed to this patch, including Ian Holsman, garthk, Koen Biermans, Marc Fargas, ekarulf, and Ramiro Morales.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10063 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-15 05:54:28 +00:00
Luke Plant
1306079a02
Fixed #10017 - PasswordResetForm.clean_email was not returning the value.
...
Thanks Zak Johnson, Leo
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-26 17:11:28 +00:00