Commit Graph

9346 Commits

Author SHA1 Message Date
Matt Johnson 907ef9d0d1 Fixed #20555 -- Make subwidget id attribute available
In `BoundField.__iter__`, the widget's id attribute is now passed to
each subwidget. A new id_for_label property was added to ChoiceInput.
2013-08-13 13:23:05 -04:00
Jacob Kaplan-Moss cbe6d5568f Apply autoescaping to AdminURLFieldWidget.
This is a security fix; disclosure to follow shortly.
2013-08-13 11:06:41 -05:00
Jacob Kaplan-Moss ae3535169a Fixed is_safe_url() to reject URLs that use a scheme other than HTTP/S.
This is a security fix; disclosure to follow shortly.
2013-08-13 11:06:22 -05:00
Tim Graham 737b53ab9a Merge pull request #1470 from loic/admin.actionlist
Fixed overflow for the "Recent Actions" widget on the admin index.
2013-08-13 05:11:39 -07:00
Loic Bistuer 163a34ce4b Fixed #20883 -- Made model inheritance find parent links in abstract parents 2013-08-13 15:14:11 +03:00
Loic Bistuer 33fc083b0d Fixed overflow for the "Recent Actions" widget on the admin index.
Previously the CSS targeted "li.changelink" and therefore didn't
work for the "add" and "delete" actions.

Refs #14868.
2013-08-13 18:20:12 +07:00
Anssi Kääriäinen dcdc579d16 Fixed #20874 -- bump_prefix() in nested subqueries
Also made some cleanup to build_filter() code by introducing submethods
solve_lookup_type() and prepare_lookup_value().
2013-08-13 14:11:52 +03:00
Ramiro Morales 6c12cd15e9 Unlocalize line numbers and ids in debug 500 view.
While using USE_L10N, line numbers and IDs were printed as comma (or
locale equivalent) separated values.

Thanks Kronuz for the report and intial patch.

Fixes #20861.
2013-08-12 21:59:27 -03:00
Tim Graham 71b5617c24 Fixed #17778 -- Prevented class attributes on context from resolving as template variables.
Thanks KyleMac for the report, regebro for the patch, and Aymeric for the test.
2013-08-12 12:41:39 -04:00
Mel Collins 6bdb3b1135 Fixed #13518 -- Added FILE_UPLOAD_DIRECTORY_PERMISSIONS setting
This setting does for new directories what FILE_UPLOAD_PERMISSIONS
does for new files.

Thanks jacob@ for the suggestion.
2013-08-12 07:15:59 -04:00
ersran9 00d23a13eb Fixed #20828 -- Allowed @permission_required to take a list of permissions
Thanks Giggaflop for the suggestion.
2013-08-10 10:10:18 -04:00
Tim Graham db0779dbe1 Merge pull request #1447 from evansd/patch-1
Use `usegmt` flag in formatdate
2013-08-09 12:18:56 -07:00
Bojan Mihelac 0cac4fbf69 Fixed #18356 -- Gave the test client signals.template_rendered call a unique dispatch_uid
This prevents the test client context from being lost when the client
is used in a nested fashion.
2013-08-09 12:22:42 -04:00
Tim Graham 453915bb12 SQLite test fix -- refs #9057 2013-08-09 10:57:25 -04:00
Tim Graham ddae74b64c Fixed #9057 -- Added default_permissions model meta option.
Thanks hvendelbo for the suggestion and koenb for the draft patch.
2013-08-09 09:19:52 -04:00
Tim Graham 9c711ee3a6 Fixed test failures on Python 3 - refs #12288 2013-08-09 09:12:15 -04:00
SusanTan 2ac89012d8 Fixed #12288 -- Added unique validation for INSTALLED_APPS 2013-08-09 08:08:34 -04:00
Loic Bistuer f8a6a4eba1 Improved queryset handling and docs for (Single|Multiple)ObjectMixin. 2013-08-09 17:51:58 +07:00
Marc Tamlyn 1c4a9bd9ad Revert change to the default Form.clean()
This means it doesn't break for people who are doing
`cleaned_data = super(FooForm, self).clean()`.
2013-08-08 14:27:48 +01:00
Marc Tamlyn fb1dd6b13a Form.clean() does not need to return cleaned_data.
If it does, that will be used as the cleaned_data. The default
implementation has been changed to match this change.
2013-08-08 14:05:55 +01:00
David Evans 8a160d5de1 Use `usegmt` flag in formatdate
Slightly cleaner and faster than string manipulation.
 
This flag has been available since Python 2.4:
http://docs.python.org/2/library/email.util.html#email.utils.formatdate
2013-08-07 12:00:39 +01:00
Anssi Kääriäinen c7739e30b2 Fixed #17424 -- annotate() + exclude() bug
The bug was already fixed by 01b9c3d519,
so only tests added.

At the same time promote_joins()'s uncoditional flag is gone, it isn't
needed for anything any more.
2013-08-07 12:53:33 +03:00
Collin Anderson d53e574676 Fixed #20865 -- Fixed raw_id_fields to work with callable limit_choices_to. 2013-08-06 13:41:52 -04:00
Alex Cucu 1c64a0f29e Fixed #19918 -- Modified select_for_update to run on the write database. 2013-08-06 09:50:59 -04:00
Tai Lee 1280675834 Fixed #15511 -- Allow optional fields on ``MultiValueField` subclasses.
The `MultiValueField` class gets a new ``require_all_fields`` argument that
defaults to ``True``. If set to ``False``, individual fields can be made
optional, and a new ``incomplete`` validation error will be raised if any
required fields have empty values.

The ``incomplete`` error message can be defined on a `MultiValueField`
subclass or on each individual field. Skip duplicate errors.
2013-08-06 08:50:47 -04:00
Tim Graham 04489c7dbf Fixed #17667 -- Prevented app loading from skipping nonexistent apps after the first try
Thanks ea2100@ for the report and akaariai for the patch.
2013-08-05 13:34:35 -04:00
Tim Heap 75c87e2d38 Fixed #20850 -- Added MultiWidget.needs_multipart_form 2013-08-05 10:02:28 -04:00
Justin Michalicek 6d88d47be6 Fixed #20832 -- Enabled HTML password reset email
Added optional html_email_template_name parameter to password_reset view
and PasswordResetForm.
2013-08-05 09:47:28 -04:00
Alex Gaynor 3e0eb2d788 Fixed a number of lint warnings, particularly around unused variables. 2013-08-04 09:17:10 -07:00
Loic Bistuer ebb3e50243 Introduced ModelAdmin.get_fields() and refactored get_fieldsets() to use it.
Refs #18681.

This also starts the deprecation of ModelAdmin.declared_fieldsets
2013-08-04 09:14:18 -04:00
Tim Graham 59f58bf731 Merge pull request #1432 from loic/modeladmin.get_search_results
Moved get_search_results from BaseModelAdmin to ModelAdmin.
2013-08-04 04:17:34 -07:00
Curtis Maloney 07876cf02b Deprecated SortedDict (replaced with collections.OrderedDict)
Thanks Loic Bistuer for the review.
2013-08-04 07:09:39 -04:00
Loic Bistuer 470a9bb22d Moved get_search_results from BaseModelAdmin to ModelAdmin.
Refs #15961.
2013-08-04 17:18:17 +07:00
Aymeric Augustin 784377544e Fixed #20822 -- Set content type of default error pages to 'text/html'.
Thanks Jimmy Song for the patch.
2013-08-04 11:04:37 +02:00
Loic Bistuer 0bcdcc7eb9 Added ModelAdmin.get_search_fields. 2013-08-03 20:02:43 -04:00
Tim Graham 425d076d0c Fixed #18923 -- Corrected usage of sensitive_post_parameters in contrib.auth
Thanks Collin Anderson for the report.
2013-08-02 14:46:17 -04:00
Petr Dlouhý 1b47508ac8 Fixed LogEntry.get_admin_url() for non-existent models.
Regression introduced by [369b6fa]; refs #18169.
2013-08-02 12:51:10 -04:00
Loic Bistuer a0ed2f9260 Fixed #18681 -- GenericInlineModelAdmin.get_formset() no longer bypasses get_fieldsets().
Refs 23e1b59 which already fixed this issue for ModelAdmin and InlineModelAdmin.
2013-08-02 10:41:29 -04:00
Harm Geerts fd0d486467 Fixed #20838 -- Fixed Geodjango spatialrefsys test failure with postgis-2.0.3 2013-08-02 09:26:53 -04:00
Aleksandra Sendecka 893d8de6f5 Fixed #18777 -- Localized form fields with as_text/as_hidden
Thanks croldan for the report.
2013-08-02 08:41:54 -04:00
Tim Graham aa830009de Fixed #17519 -- Fixed missing SQL constraints to proxy models.
Thanks thibaultj for the report, jenh for the patch,
and charettes for the tests.
2013-08-02 07:41:56 -04:00
Tim Graham 5df84b268d Removed unused model option "admin" 2013-08-01 10:27:30 -04:00
Alex Couper 1123f45511 Fixed #20649 -- Allowed blank field display to be defined in the initial list of choices. 2013-07-31 14:12:03 -04:00
Tim Graham a1889397a9 Fixed #12103 -- Added AuthenticationForm.confirm_login_allowed to allow customizing the logic policy.
Thanks ejucovy and lasko for work on the patch.
2013-07-31 13:54:05 -04:00
Will Hardy 1c3c21b38d Fixed #19987 -- Disabled host validation when DEBUG=True.
The documentation promises that host validation is disabled when
DEBUG=True, that all hostnames are accepted. Domains not compliant with
RFC 1034/1035 were however being validated, this validation has now been
removed when DEBUG=True.

Additionally, when DEBUG=False a more detailed SuspiciousOperation
exception message is provided when host validation fails because the
hostname is not RFC 1034/1035 compliant.
2013-07-31 10:38:59 -04:00
Loic Bistuer acd1d439fd Fixed #20826 -- Moved Manager.raw() and Manager._insert() to the QuerySet class. 2013-07-31 09:54:00 -04:00
Florian Hahn e888a9b30d Fixed #15624 -- Made sure aggregations are present in SELECT 2013-07-31 16:27:58 +03:00
Anssi Kääriäinen c21e86ab9e Added field.attname to Options.name_map
The change also removed allow_explicit_fk from sql/query.py.
2013-07-31 16:02:36 +03:00
Tai Lee 31e6d58d46 Fixed #20348 -- Consistently handle Promise objects in model fields.
All Promise objects were passed to force_text() deep in ORM query code.
Not only does this make it difficult or impossible for developers to
prevent or alter this behaviour, but it is also wrong for non-text
fields.

This commit changes `Field.get_prep_value()` from a no-op to one that
resolved Promise objects. All subclasses now call super() method first
to ensure that they have a real value to work with.
2013-07-31 15:54:17 +03:00
Julian Bez 8f5533ab25 Fixed #20793 -- Added Last-Modified header to sitemaps. 2013-07-31 07:42:30 -04:00