innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
13,726 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

440 Commits

Author SHA1 Message Date
Claude Paroz 1686e0d184 Fixed #18460 -- Fixed change detection of ReadOnlyPasswordHashField 
Thanks jose.sanchez et ezeep.com for the report and Vladimir Ulupov
for the initial patch.
 2013-01-25 21:27:49 +01:00
Florian Apolloner cc4de61a2b Fixed #19596 -- Use `_default_manager` instead of `objects` in the auth app. 
This is needed to support custom user models which don't define a manager
named `objects`.
 2013-01-22 12:47:34 +01:00
Nick Sandford cdad0b28d4 Fixed #19573 -- Allow override of username field label in AuthenticationForm 2013-01-10 09:06:04 +01:00
Claude Paroz 34ee7d9875 Updated deprecated test assertions 2013-01-08 19:08:15 +01:00
Anssi Kääriäinen a2396a4c8f Fixed #19173 -- Made EmptyQuerySet a marker class only 
The guarantee that no queries will be made when accessing results is
done by new EmptyWhere class which is used for query.where and having.

Thanks to Simon Charette for reviewing and valuable suggestions.
 2013-01-06 19:18:28 +02:00
Aymeric Augustin 4e5369a596 Silenced warnings in the tests of deprecated features. 2012-12-29 22:32:07 +01:00
Aymeric Augustin ef017a5f00 Advanced pending deprecation warnings. 
Also added stacklevel argument, fixed #18127.
 2012-12-29 21:59:07 +01:00
Julien Phalip 35d1cd0b28 Fixed #19505 -- A more flexible implementation for customizable admin redirect urls. 
Work by Julien Phalip.

Refs #8001, #18310, #19505. See also 0b908b92a2.
 2012-12-24 15:44:19 -03:00
Claude Paroz 0dc3fc954f Fixed #19509 -- Fixed crypt/bcrypt non-ascii password encoding 
Also systematically added non-ascii passwords in hashers test suite.
Thanks Vaal for the report.
 2012-12-22 16:04:10 +01:00
Russell Keith-Magee 9facca28b6 Corrected tests depending on the error message on the AuthenticationForm. 
Refs #19368, and the fix introduced in 27f8129d64.
 2012-12-16 07:18:45 +08:00
Russell Keith-Magee 27f8129d64 Fixed #19368 -- Ensured that login error messages adapt to changes in the User model. 
Thanks to un33k for the report.
 2012-12-15 22:44:47 +08:00
Russell Keith-Magee 47e1df896b Fixed #19412 -- Added PermissionsMixin to the auth.User heirarchy. 
This makes it easier to make a ModelBackend-compliant (with regards to
permissions) User model.

Thanks to cdestigter for the report about the relationship between
ModelBackend and permissions, and to the many users on django-dev that
contributed to the discussion about mixins.
 2012-12-15 22:44:47 +08:00
Florian Apolloner a2f2a39956 Fixed #18856 -- Ensured that redirects can't be poisoned by malicious users. 2012-12-10 22:11:39 +01:00
Claude Paroz c91667338a Fixed #19357 -- Allow non-ASCII chars in filesystem paths 
Thanks kujiu for the report and Aymeric Augustin for the review.
 2012-12-08 11:13:52 +01:00
Ramiro Morales b64d30405a Fixed #18697 -- Made values accepted for two customizable admin templates consistent. 
Thanks and at cloverfastfood dot com for the report.
 2012-12-04 01:13:01 -03:00
Claude Paroz a0cd6dd11e Fixed #19349 -- Fixed re-rendering of ReadOnlyPasswordHashWidget 
Thanks tim.bowden at mapforge.com.au for the report, Andreas Hug
for the patch and Anton Baklanov for the review.
 2012-12-01 12:22:43 +01:00
Preston Holmes 84a5294788 Added missing custom user skip decorator 
PermissionDeniedBackendTest references User model.
 2012-11-30 22:54:42 -08:00
Claude Paroz 0eeae15056 Fixed #19354 -- Do not assume usermodel.pk == usermodel.id 
Thanks markteisman at hotmail.com for the report.
 2012-11-29 21:45:43 +01:00
Claude Paroz a962bc7c45 Updated User manager when testing custom AUTH_USER_MODEL 
This is giving more real test conditions when AUTH_USER_MODEL is
set with override_settings.
 2012-11-24 16:00:00 +01:00
Aymeric Augustin a026e480da Fixed #16039 -- Made post_syncdb handlers multi-db aware. 
Also reverted 8fb7a90026. Refs #17055.
 2012-11-22 20:53:59 +01:00
Aymeric Augustin 9e11253497 Merge pull request #511 from ryankask/username-password-admin 
Allowed custom User models to use the UserAdmin's change password view.

Fix #19056 (again).
 2012-11-22 06:50:37 -08:00
Jannis Leidel 1520748dac Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years. 2012-11-17 20:24:54 +01:00
Ryan Kaskel bfdedb687a Allow custom User models to use the UserAdmin's change password view. 2012-11-10 15:48:46 +00:00
Aymeric Augustin fc10418fba Fixed #18963 -- Used a subclass-friendly pattern 
for Python 2 object model compatibility methods.
 2012-11-03 22:07:35 +01:00
Preston Holmes 9741912a9a Fixed #17869 - force logout when REMOTE_USER header disappears 
If the current sessions user was logged in via a remote user backend log out
the user if REMOTE_USER header not available - otherwise leave it to other auth
middleware to install the AnonymousUser.

Thanks to Sylvain Bouchard for the initial patch and ticket maintenance.
 2012-10-29 22:58:14 -07:00
Preston Holmes 2b5f848207 Fixed #19057 (again) -- added additional tests 2012-10-29 22:24:42 -07:00
Russell Keith-Magee 81f5d4a1a7 Added some test guards for some recently added auth tests. 
Refs #19061, #19057.
 2012-10-30 10:28:35 +08:00
Claude Paroz b774c5993c Fixed #19172 -- Isolated poisoned_http_host tests from 500 handlers 
Thanks bernardofontes for the report.
 2012-10-29 17:28:04 +01:00
Preston Holmes 4ea8105120 Fixed #19061 -- added is_active attribute to AbstractBaseUser 2012-10-28 23:04:03 -07:00
Russell Keith-Magee 04b53ebfb7 Fixed #19133 -- Corrected regression in form handling for user passwords. 
Thanks to pressureman for the report, and to Preston Holmes for the draft patch.
 2012-10-20 11:41:54 +08:00
Ramiro Morales 0b908b92a2 Fixed #8001 -- Made redirections after add/edit in admin customizable. 
Also fixes #18310.
 2012-10-18 20:58:52 -03:00
Preston Holmes 9305c0e12d Fixed a security issue related to password resets 
Full disclosure and new release are forthcoming
 2012-10-17 14:36:41 -07:00
Russell Keith-Magee bfcda7781a Fixed #19130 -- Made some of the auth forms more flexible for user models. 2012-10-16 16:03:29 +08:00
Claude Paroz 58365401c9 Updated base translation files 2012-10-15 11:17:06 +02:00
Daniele Procida cc83a4af0c Added 'groups' to UserAdmin.filter_horizontal 
Is there some reason it's not there already?

Our list of groups is very cumbersome to use with the standard widget.
 2012-10-13 14:58:36 +01:00
Russell Keith-Magee b3b3db3d95 Fixed #19067 -- Clarified handling of username in createsuperuser. 
Thanks to clelland for the report, and Preston Holmes for the draft patch.
 2012-10-13 13:36:07 +08:00
Russell Keith-Magee c433fcb3fb Fixed #19077, #19079 -- Made USERNAME_FIELD a required field, and modified UserAdmin to match. 2012-10-13 11:44:50 +08:00
Anssi Kääriäinen b5f224e8e2 Fixed tests introduced for #15915 
The tests didn't clean up properly. The commit that introduced the
errors was 8c427448d5.

Thanks to Trac alias rizumu for spotting this.
 2012-10-12 00:10:49 +03:00
Russell Keith-Magee b9039268a1 Fixed #19060 -- Corrected assumptions about the name of the User model in the ModelBackend. 
Thanks to Ivan Virabyan for the report and initial patch.
 2012-10-06 12:43:29 +08:00
Mateusz Haligowski 8c427448d5 Fixed #15915 -- Cleaned handling of duplicate permission codenames 
Previously, a duplicate model, codename for permission would lead to
database integrity error. Cleaned the implementation so that this case
now raises an CommandError instead.
 2012-10-03 23:10:32 +03:00
Russell Keith-Magee 934f35f1f9 Corrected test docstring. 2012-10-03 09:16:33 +08:00
Preston Holmes 5f8b97f9fb Fixed #19057 -- support custom user models in mod_wsgi auth handler 
thanks @freakboy3742 for the catch and review
 2012-10-02 06:42:05 -07:00
Michael Farrell 7cc4068c44 Fixed #18616 -- added user_login_fail signal to contrib.auth 
Thanks to Brad Pitcher for documentation
 2012-09-30 22:34:50 -07:00
Anssi Kääriäinen d5a4f209c3 Fixed #18991 -- Allowed permission lookup by "if in" 
When looking permissions from PermWrapper it is now possible to use
{% if "someapp.someperm" in perms %} instead of
{% if perms.someapp.someperm %}.
 2012-09-30 19:38:16 +03:00
Claude Paroz 82a74dce24 Used TransactionTestCase in ModWsgiHandlerTestCase 
Now the data created in setUp() is not discarded when the connection
is closed in the handler's methods.
 2012-09-29 12:10:52 +02:00
Russell Keith-Magee 15d355d79d Fixed #19041 -- Corrected the handling of default usernames in createsuperuser. 2012-09-29 11:14:16 +08:00
Preston Holmes 373932fa6b fixed #10809 -- add a mod_wsgi authentication handler 
Thanks to baumer1122 for the suggestion and initial 
patch and David Fischer for the contributions and
long term patch maintenance and docs.
 2012-09-27 12:43:37 -07:00
Preston Holmes 01362745ba Fixed a small oversight in auth tests 
Thanks to Vinicius Ruan Cainelli for the catch
closes #392
 2012-09-27 10:24:34 -07:00
Anssi Kääriäinen 50d573d2c0 Fixed #18979 -- Avoid endless loop caused by "val in PermLookupDict" 
Fixed by defining __iter__ which raises TypeError. This was done to
PermWrapper earlier.
 2012-09-27 15:36:30 +03:00
Adrien Lemaire 2c8267bf3d Fixed #17899 -- Rewrote [Ee]-mail to [Ee]mail 2012-09-26 14:14:51 +02:00