innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
13,760 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

175 Commits

Author SHA1 Message Date
Jannis Leidel 6c17190bf8 Fixed #11639, #13618 -- Added get_prepopulated_fields method to ModelAdmin and InlineModelAdmin to be able to handle prepopulated fields on a case-by-case basis. Thanks, leanmeandonothingmachine. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-22 12:02:25 +00:00
Adrian Holovaty a87be3554f Removed a bunch of Python 2.4 workarounds now that we don't support it. Refs #15702 -- thanks to jonash for the patch. Splitting this over muliple commits to make it more manageable. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15926 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-28 01:40:43 +00:00
Russell Keith-Magee 49cfe25399 Fixed #15512 -- Cleanup of imports in contrib.admin. Thanks to Julien Phalip for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 01:54:33 +00:00
Russell Keith-Magee 03717325dd Corrected some typos from r14673. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 00:24:41 +00:00
Ramiro Morales 52fc61e0cf Fixed #14529 -- Fixed representation of model names in admin messages after model object changes when the ModelAdmin queryset() uses defer() or only(). Thanks rlaager for report and initial patch, to rasca an julien for help in tracking the problem. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-20 23:09:25 +00:00
Russell Keith-Magee 75a1aaa1f9 Fixed #11513 -- Ensure that the redirect at the end of an object change won't redirect to a page for which the user doesn't have permission. Thanks to rlaager for the report and draft patch, and to Julien Phalip for the final patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-19 14:05:07 +00:00
Alex Gaynor 05e3bf4bef Fixed #15212 -- ensure that ModelAdmin.get_actions still returns a SortedDict if there are no actions. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15393 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-02 15:24:31 +00:00
Luke Plant c24bdf044b Fixed #15103 - SuspiciousOperation with limit_choices_to and raw_id_fields 
Thanks to natrius for the report.

This patch also fixes some unicode bugs in affected code.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15347 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-28 14:08:25 +00:00
Carl Meyer 53dac996ef Poured a little more perfectionism into the delete-confirmation templates. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-20 01:00:47 +00:00
Carl Meyer 93a4d46184 Fixed #14672 - Added admin handling for on_delete=PROTECT. Thanks to jtiai for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15249 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-20 00:33:32 +00:00
Russell Keith-Magee 6bd8c14be9 Fixed #14999 -- Ensure that filters on local fields are allowed, and aren't caught as a security problem. Thanks to medhat for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15139 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-03 13:56:31 +00:00
Ramiro Morales 0f783b7f4e Fixed #2986 -- Made the JavaScript code that drives related model instance addition in a popup window handle a model representation containing new lines. Also, moved the escapejs functionality yoo django.utils.html so it can be used from Python code. Thanks andrewwatts for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15131 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-02 17:34:52 +00:00
Jannis Leidel 7a89d3d503 Fixed #11700 -- Stopped admin actions and list_editable fields to show up in popups. Thanks to Simon Meers for the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15129 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-02 01:32:40 +00:00
Ramiro Morales 9c950db518 Fixed #11124 -- Expanded docstrings of the ModelAdmin has_{change|delete}_permission methods to make it clear they can be overriden to implement per-instance permission checks. Refs #12642. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15126 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-01 00:37:38 +00:00
Alex Gaynor 732198ed5c Fix a security issue in the admin. Disclosure and new release forthcoming. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15031 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-23 03:44:38 +00:00
Jannis Leidel af5ad1116c Rectified bugs that were accidentally committed in r14997. Thanks for the heads-up, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15011 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-21 19:19:04 +00:00
Jannis Leidel 98e1a71ceb Fixed #14900 -- Added ability to override the paginator class used in a ModelAdmin. Thanks, Adam Vandenberg. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14997 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-21 14:57:29 +00:00
Jannis Leidel b3520da9ac Fixed #13862 -- Added an ordering option to InlineModelAdmin and cleaned up documentation for it a bit. Thanks, Simon Meers, rasca and cogat. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14882 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-12 22:56:01 +00:00
Alex Gaynor 274aba3b9b Fixed #11108 -- added ModelAdmin.delete_model, a hook with which to perform custom pre-post delete behavior. Thanks to Florian Apolloner for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-21 19:00:40 +00:00
Alex Gaynor 0cf1c96d06 Removed some deprecated code that survived [14138]. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14672 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-21 18:08:00 +00:00
Carl Meyer 616b30227d Fixed #7539, #13067 -- Added on_delete argument to ForeignKey to control cascade behavior. Also refactored deletion for efficiency and code clarity. Many thanks to Johannes Dollinger and Michael Glassford for extensive work on the patch, and to Alex Gaynor, Russell Keith-Magee, and Jacob Kaplan-Moss for review. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14507 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-09 16:46:42 +00:00
Alex Gaynor c38a174f7c Remove several uses of the deprecated dict.has_key in favor of the in operator. This is faster, has less code, and is in every single way better. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14392 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-29 04:24:53 +00:00
Honza Král b7ed25a0f3 Fixed #14017 -- wrong comment on log_deletion method of ModelAdmin 
Also added a transaction around the deletion view to preserve DB state (and rollback the creation of LogEntry object in case the deletion fails)

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14197 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-13 04:16:31 +00:00
Chris Beaven e509c1527a Fixed #14425 -- Unused imports in contrib.admin. Thanks robhudson. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14175 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-12 01:03:53 +00:00
Malcolm Tredinnick 30610719d5 Adding related objects in the admin (via popup) respects user 
permissions. Patch from SmileyChris. Fixed #1035.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13708 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-10 16:56:36 +00:00
Luke Plant ef4b29a001 Fixed #13081 - Admin actions lose get-parameters in changelist view 
Thanks to joh for report and to SmileyChris for patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13696 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-07 20:55:53 +00:00
Russell Keith-Magee c4b6edf3b8 Fixed #12746 -- Updated sorting calls to use 'key' instead of 'cmp'. This will be slightly faster in certain circumstances, but more importantly, is a required step for migration to Python 3. Thanks to Martin van Loewis for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-08-06 16:31:44 +00:00
Russell Keith-Magee 5211f48ae3 Fixed #12164 -- Removed the Python 2.3 compatibility imports and workarounds. Thanks to timo and claudep for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-05-04 14:00:30 +00:00
Jannis Leidel cce32a9b09 Fixed #13166 - Added JavaScript warnings to admin changelist to help against ambiguity between action and list_editable form submission. Thanks to blinkylights and aaugustin for the report and initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13072 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-05-02 23:02:16 +00:00
Jannis Leidel c3dbe9d509 Fixed #13361 - Made sure jQuery is always included in the admin changelist and changeform. Thanks to Carl Meyer for report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12997 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-19 10:16:25 +00:00
Russell Keith-Magee 94a968cfc6 Fixed #13357 -- Minor changes to get Django running under PyPy. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12991 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-16 11:11:55 +00:00
Jannis Leidel 31f7ff1518 Fixed #12903 - Made translating the admin action selection text easier. Thanks to Ramiro Morales for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12968 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-13 10:29:19 +00:00
Jannis Leidel c3d1267c15 Also minify the JavaScript file for pre-populated form fields in the admin. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-13 10:28:44 +00:00
Jannis Leidel 1fcf747b13 Fixed #12882 - Moved the admin's jQuery into our own namespace to lower the risk of a clash with third party apps that use jQuery. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12966 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-13 10:28:24 +00:00
Luke Plant 736b751ed9 Fixed #13068, #9264, #9983, #9784 - regression with pre-populated fields and javascript inlines, and related bugs. 
Thanks to hejsan for the report, and to Sean Brant and Carl Meyer for the patch.

#13068 is a regression caused by the new javascript inline forms in the
admin.  The others were existing javascript bugs with prepopulated fields. 
Since the solution depends on jQuery and would likely be very hard to
backport without it, it will not be backported to 1.1.X.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12937 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-07 23:37:48 +00:00
Russell Keith-Magee c421a4fd92 Fixed #11949 -- Added a hook to allow ModelAdmin customization of the delete selected template. Thanks to bendavis78 for the report and patch, and Ramiro Morales for his cleanup work. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12916 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-05 12:02:27 +00:00
Jannis Leidel aba95dcc0b Fixed #13023 - Removed ambiguity with regard to the max_num option of formsets and as a result of admin inlines. Thanks to Gabriel Hurley for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12872 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-27 23:03:56 +00:00
Jannis Leidel 3f4fef432b Fixed #12778 - Added media handling abilities to admin inlines. Thanks for the patch, pmclanahan. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12825 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-21 01:54:00 +00:00
Karen Tracey 4528f39886 Fixed #12962: Made admin delete action work again. Thanks ptone, skevy, mlavin and anyone else I've missed. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12813 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-20 14:53:17 +00:00
Jannis Leidel e889b69dd2 Fixed #12966 - Force unicode of verbose labels in admin change messages. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12627 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-01 14:34:24 +00:00
Jannis Leidel 2dafe4ac3a Fixed #12903 - Added plural forms to a few strings in the admin actions template. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12626 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-01 14:34:07 +00:00
Russell Keith-Magee e12b3199d0 Fixed #6191, #11296 -- Modified the admin deletion confirmation page to use the same object collection scheme as the actual deletion. This ensures that all objects that may be deleted are actually deleted, and that cyclic display problems are avoided. Thanks to carljm for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-26 13:17:43 +00:00
Joseph Kocherhans f2d5582c53 Fixed #12561. InlineAdmin now respects can_delete=False. Thanks, nessita. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12533 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-23 17:14:50 +00:00
Joseph Kocherhans 7aeb37d610 Fixed #12707. Admin action messages are no longer displayed when submitting list_editable content. Thanks, copelco. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12525 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-23 14:48:15 +00:00
Luke Plant 4bff194633 Fixed #12804 - regression with decorating admin views. 
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.

For users of 1.1 and 1.0, this affects the decorators:

 * login_required
 * permission_required
 * user_passes_test

For those following trunk, this also affects:

 * csrf_protect
 * anything created with decorator_from_middleware 

If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
 



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-09 15:02:39 +00:00
Jannis Leidel f109f36a06 Fixed #12282 - When paginated allow selecting all items in the admin changlist. 
Thanks to Martin Mahner, Rob Hudson and Zain Memon for providing inital patches and guidance.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-26 15:03:23 +00:00
Jannis Leidel c14937cf7a Fixed #12508 - Added ability to dynamically add inlines in the admin app. 
Refs #13. Also introduces an ``empty_form`` attribute on formsets to make it easier to implement dynamic forms.

Many thanks to Zain Memon for the initial patch from his Summer of Code 2009 project, Stanislaus Madueke for his django-dynamic-formset app and all the other people helping out.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12297 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-26 15:02:53 +00:00
Jannis Leidel 31f3a8c1ad Fixed #10640 - Adds a add_form_template option to ModelAdmin. Thanks jcsackett. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12216 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-12 23:34:03 +00:00
Joseph Kocherhans 2f9853b2dc Fixed #12512. Changed ModelForm to stop performing model validation on fields that are not part of the form. Thanks, Honza Kral and Ivan Sagalaev. 
This reverts some admin and test changes from [12098] and also fixes #12507, #12520, #12552 and #12553.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-12 02:29:45 +00:00
Jannis Leidel afa4c5ac60 Fixed #10615 - Added selection counter to admin change list. Thanks to Martin Mahner for the idea and initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12107 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-05 18:24:27 +00:00
Joseph Kocherhans 471596fc1a Merged soc2009/model-validation to trunk. Thanks, Honza! 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-05 03:56:19 +00:00
Luke Plant 3952d3129c Fixed #11191 - Admin throws 500 instead of 404 for PK of incorrect type 
Thanks to mmachine for report and test, and Chris Beaven for the patch



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12011 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-28 14:08:11 +00:00
Brian Rosner bcd9482a20 Fixed #342 -- added readonly_fields to ModelAdmin. Thanks Alex Gaynor for bootstrapping the patch. 
ModelAdmin has been given a readonly_fields that allow field and calculated
values to be displayed alongside editable fields. This works on model
add/change pages and inlines.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11965 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-22 18:29:00 +00:00
Russell Keith-Magee ff60c5f9de Fixed #1142 -- Added multiple database support. 
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.

Big thanks also go to:
 * Justin Bronn for keeping GIS in line with the changes,
 * Karen Tracey and Jani Tiainen for their help testing Oracle support
 * Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
 * Malcolm Treddinick for his guidance during the GSoC submission process.
 * Simon Willison for driving the original design process
 * Cal Henderson for complaining about ponies he wanted.

... and everyone else too numerous to mention that helped to bring this feature into fruition.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-22 15:18:51 +00:00
Jannis Leidel ca2d64788d Fixed #9749 - Added hook to ModelAdmin for specifying custom ChangeLists. Thanks to David Larlet and Eric Florenzano. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11910 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-18 10:08:05 +00:00
Karen Tracey 5bd63663a9 Fixed #399: Added big integer field. Thanks to Tomáš Kopeček for persistently maintaining a patch for this. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11887 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-17 15:10:38 +00:00
Karen Tracey 7aaacb589a Made the message strings added in r11837 visible to makemessages. Refs #12281. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11864 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-14 16:01:43 +00:00
Karen Tracey 8a59084c3a Fixed #12218: Added some helpful messages when Go is pressed in admin actions and there 
is nothing to do because no action was selected or no items are selected.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11837 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-12 21:51:47 +00:00
Karen Tracey 5543b10608 Fixed #12349: Added missing unquote in admin history view. Thanks for the report guard. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-10 19:58:20 +00:00
Luke Plant 25020ddb05 Fixed #4604 - Configurable message passing system, supporting anonymous users 
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.

Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others.  Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-09 16:57:23 +00:00
Russell Keith-Magee 585b7acaa3 Fixed #10109 -- Removed the use of raw SQL in many-to-many fields by introducing an autogenerated through model. 
This is the first part of Alex Gaynor's GSoC project to add Multi-db support to Django.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-11-03 14:02:49 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code. 
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default. 
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-26 23:23:07 +00:00
Karen Tracey ab6d6896c4 Fixed #11471: Fixed typo in a comment in admin options.py. Thanks adamv. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11446 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-08-13 17:04:42 +00:00
Russell Keith-Magee 8d48eaa064 Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch. 
This change is backwards incompatible for anyone that is using the named URLs
introduced in [9739]. Any usage of the old admin_XXX names need to be modified
to use the new namespaced format; in many cases this will be as simple as a
search & replace for "admin_" -> "admin:". See the docs for more details on
the new URL names, and the namespace resolution strategy.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-07-16 16:16:13 +00:00
Jacob Kaplan-Moss 23fa913676 Fixed #10448: correcting errors on "save as new" now correctly create a new object instead of modifying the old one. Thanks, bastih. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10713 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-08 12:53:14 +00:00
Russell Keith-Magee ae7d9bfad2 Fixed #10899 -- Ensured that log messages for deletions in the admin contain useful descriptions. Thanks to Jeremy Dunck for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10686 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-07 13:10:59 +00:00
Russell Keith-Magee 31c833f113 Fixed #10897 -- Modified use of ngettext to ungettext in admin change messages. Thanks to zuber for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-05 22:25:35 +00:00
Jacob Kaplan-Moss 6c15b5db60 Fixed #10208: `ModelAdmin` now respects the `exclude` and `field` atributes of custom `ModelForm`s. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-22 15:48:51 +00:00
Jacob Kaplan-Moss f55f2b9d74 Fixed #10059: `ModelAdmin.formfield_for_dbfield` now handles custom `Field` subclasses. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10454 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-08 20:25:56 +00:00
Jacob Kaplan-Moss 7d1b4295b9 Fixed #9036: unified the permission checking in `AdminSite`, pushing it down to the `ModelAdmin` where it belongs. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-08 19:47:46 +00:00
Jacob Kaplan-Moss bb15cee58a Made a bunch of improvements to admin actions. Be warned: this includes one minor but BACKWARDS-INCOMPATIBLE change. 
These changes are:

    * BACKWARDS-INCOMPATIBLE CHANGE: action functions and action methods now share the same signature: `(modeladmin, request, queryset)`. Actions defined as methods stay the same, but if you've defined an action as a standalone function you'll now need to add that first `modeladmin` argument.
    * The delete selected action is now a standalone function registered site-wide; this makes disabling it easy.
    * Fixed #10596: there are now official, documented `AdminSite` APIs for dealing with actions, including a method to disable global actions. You can still re-enable globally-disabled actions on a case-by-case basis.
    * Fixed #10595: you can now disable actions for a particular `ModelAdmin` by setting `actions` to `None`.
    * Fixed #10734: actions are now sorted (by name).
    * Fixed #10618: the action is now taken from the form whose "submit" button you clicked, not arbitrarily the last form on the page.
    * All of the above is documented and tested.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10408 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-06 20:23:33 +00:00
Jacob Kaplan-Moss f83af07ce3 Fixed #7510: the ModelAdmin now uses `self.queryset` instead of the default manager. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10314 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 03:11:58 +00:00
Malcolm Tredinnick 2dfdc2b01b Fixed #10600 -- Allow for format marker reordering in a translatable string. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10141 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-24 08:22:23 +00:00
Jacob Kaplan-Moss 44f3080226 Fixed #10505: added support for bulk admin actions, including a globally-available "delete selected" action. See the documentation for details. 
This work started life as Brian Beck's "django-batchadmin." It was rewritten for inclusion in Django by Alex Gaynor, Jannis Leidel (jezdez), and Martin Mahner (bartTC). Thanks, guys!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10121 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-23 20:22:56 +00:00
Malcolm Tredinnick 4a67fee785 Fixed #10533 -- Worked around an apparent limitation of xgettext. 
Looks like we have to use the same format specifiers in both singular and
plural forms of a message or the PO file cannot be compiled to MO format. This
commit changes one place in admin that was using different specifiers.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10081 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-18 09:19:24 +00:00
Jacob Kaplan-Moss 7bc0878922 Fixed #8939: added a `list_editable` option to `ModelAdmin`; fields declared `list_editable` may be edited, in bulk, on the changelist page. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10077 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-17 20:51:47 +00:00
Russell Keith-Magee 3c8568a7dc Fixed #10271, #10281 -- Fixed the handling multiple inline models that share a common base class and have the link to the inline parent on the base class. Includes modifications that allow the equivalent handling for GenericFields. Thanks to Idan Gazit, Antti Kaihola (akaihola), and Alex Gaynor for their work on this patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10017 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-10 11:19:26 +00:00
Jacob Kaplan-Moss f212b24b64 Cleaned up and refactored `ModelAdmin.formfield_for_dbfield`: 
* The new method uses an admin configuration option (`formfield_overrides`); this makes custom admin widgets especially easy.
  * Refactored what was left of `formfield_for_dbfield` into a handful of smaller methods so that it's easier to hook in and return custom fields where needed.
  * These `formfield_for_*` methods now pass around `request` so that you can easily modify fields based on request (as in #3987).

Fixes #8306, #3987, #9148.

Thanks to James Bennet for the original patch; Alex Gaynor and Brian Rosner also contributed.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9760 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-01-16 15:32:31 +00:00
Jacob Kaplan-Moss 1f84630c87 Fixed #6470: made the admin use a URL resolver. 
This *is* backwards compatible, but `admin.site.root()` has been deprecated. The new style is `('^admin/', include(admin.site.urls))`; users will need to update their code to take advantage of the new customizable admin URLs.

Thanks to Alex Gaynor.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-01-14 20:22:25 +00:00
Karen Tracey 6ed91234e3 Fixed #8910 -- Added force_unicode during admin log message creation to avoid triggering a Python 2.3 bug. Thanks for the report joshg and patch nfg. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9383 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-11-10 17:13:41 +00:00
Karen Tracey 04354e1afc Fixed #9506 take 2 -- Marked the message properly for translation, in both places it appears in the source. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9363 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-11-06 16:44:42 +00:00
Karen Tracey e40bd61ef7 Fixed #9506 -- Marked error string for translation. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-11-06 14:32:33 +00:00
Brian Rosner 5e5af8a8aa Display non_field_errors of inline forms in the admin. This was a presentation bug. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9243 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-10-21 20:25:45 +00:00
Malcolm Tredinnick 6c7cf34d69 Fixed #9171 -- Fixed a few places where we were assuming lists instead of 
generic sequences in ModelForm structures. Patch from mrmachine.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9086 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-09-27 05:57:10 +00:00
Karen Tracey 060919afa1 Fixed #9129 -- Restored a force_unicode that was lost when unicode changes were merged to newforms-admin. Thanks Ricardo & Ramiro. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9070 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-09-18 17:10:16 +00:00
Malcolm Tredinnick 0aff292bcf Changed a slightly suspicious usage of request.POST to request.method == 'POST'. 
Refs #9014 (not the root cause of that bug, but discovered whilst people were
diagnosing it).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9063 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-09-17 08:59:55 +00:00
Adrian Holovaty 1bfed070c3 Fixed #7929 -- Removed some snippets of admin code that weren't doing anything, and tightened up a few more lines. Plus, an indentation fix. Thanks, julien 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8985 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-09-08 05:45:17 +00:00
Brian Rosner c1de41f4d2 Fixed #7973 -- Added exclude to BaseModelAdmin to make everything consistent with the form/formset factories. Refs #8071 to make it easier to get at exclude. Thanks julien for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8861 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-09-02 17:26:24 +00:00
Jacob Kaplan-Moss 8b11341a9a Fixed `ModelAdmin.radio_fields` to work with the new `TypedChoiceField`. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8773 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-31 20:11:28 +00:00
Brian Rosner d05ebdb649 Fixed #8058 -- Moved media for filter_vertical/filter_horizontal widget to the widget for use outside the admin. This also corrects RelatedFieldWidgetWrapper to expose the media of the wrapped widget. Thanks Erwin for the report and cgrady and ramikassab for the complete patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8764 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-31 17:20:43 +00:00
Brian Rosner 5c31c68560 Properly reference FieldDoesNotExist as it does not exist in global of django/contrib/admin/options.py. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-29 19:50:22 +00:00
Malcolm Tredinnick 71076ae299 Fixed some edge-case error handling from [8699]. Thanks, gkelly. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-29 18:12:31 +00:00
Brian Rosner cd0b65bcf7 Fixed #7982 -- Corrected ModelAdmin url dispatching to ensure it matching exactly what it needs and doesn't stomp on primary key space. 'add' is a lost cause for now. This originated from #6470. Thanks jdetaeye for the original patch and basith for providing test cases. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-29 16:46:46 +00:00
Jacob Kaplan-Moss 21928f2ba0 Fixed #7738: support initial values via `GET` for `SelectMutliple` in the admin. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-29 16:09:29 +00:00
Jacob Kaplan-Moss a41ca9c9e2 Fixed #8556: added a useful formfield to `CommaSeparatedIntegerField`. gkelly, mattmcc, and kratorius all contributed portions of this patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-28 20:58:10 +00:00
Brian Rosner 853f4d29b8 Fixed #8547 -- Corrected the breadcrumb display in the object_history.html template. Thanks sorl for catching this. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8555 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-25 19:56:14 +00:00
Brian Rosner 58c579b005 Fixed #8367 -- Pass the object to get_form from get_fieldsets in ModelAdmin. Thanks jarrow for catching this. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-23 05:05:21 +00:00
Brian Rosner 77c78201b8 Fixed #1390 -- Added an app index in the admin interface. Thanks juliae and ext for their work on patches. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8474 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-23 04:00:15 +00:00
Brian Rosner 1b8b9686fa Fixed #7947 -- Handle the display of OneToOneField in model forms correctly. Thanks tyson for the report and original patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8469 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-22 19:27:26 +00:00