Commit Graph

16740 Commits

Author SHA1 Message Date
Anatol Ulrich 8ed6788aa4 Fixed #30821 -- Added ExtractIsoWeekYear database function and iso_week_day lookup. 2019-10-02 10:41:34 +02:00
Tanner Stirrat 17595407ca Fixed #14218 -- Added Paginator.__iter__(). 2019-10-02 09:49:31 +02:00
ElizabethU 54ea290e5b Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons.
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
2019-10-01 17:58:19 +02:00
Mariusz Felisiak 67e7dffe95 Fixed typo in BulkInsertMapper constant name. 2019-10-01 14:46:10 +02:00
Ahmet Kucuk dc890bef5a Fixed #30510 -- Fixed crash of QuerySet.bulk_create() with mixed-length texts on Oracle.
Text with more than 4000 characters must be set to as a CLOB on Oracle
what caused a mixed datatype error (ORA-01790) when shorter text
appeared in the same operation.
2019-10-01 12:38:58 +02:00
Ad Timmering 7b5f8acb9e Fixed #28690 -- Fixed handling of two-digit years in parse_http_date().
Due to RFC7231 ayear that appears to be more than 50 years in the
future are interpreted as representing the past.
2019-09-30 14:42:56 +02:00
Hasan Ramezani f0adf3b9b7 Fixed #30774 -- Made serialization in migrations use members names for Enums. 2019-09-30 10:28:05 +02:00
pablo fa8fe09e4e Fixed #30802 -- Prevented manifest creation when running collectstatic in dry run mode. 2019-09-27 23:01:41 +02:00
Hasan Ramezani 95a11578ce Fixed #30798 -- Fixed Meta.ordering validation for pk of related fields.
Regression in 440505cb2c.
2019-09-27 14:22:31 +02:00
Hasan Ramezani c7944628a1 Refs #30798 -- Prevented chaining fields from the same related model multiple times in model Meta.ordering. 2019-09-27 13:57:22 +02:00
Oleg Kainov c574bec092 Fixed #25598 -- Added SCRIPT_NAME prefix to STATIC_URL and MEDIA_URL set to relative paths.
Thanks Florian Apolloner for reviews.

Co-authored-by: Joel Dunham <Joel.Dunham@technicalsafetybc.ca>
2019-09-25 19:47:03 +02:00
Mariusz Felisiak 580e644f24
Fixed #30800 -- Fixed migrations crash when altering a field with custom db_type().
Regression in 1378d665a1.
2019-09-25 12:32:24 +02:00
Mads Jensen 129583a0d3 Removed some outdated backwards compatibility imports and misleading comments.
EmptyResultSet moved in 46509cf13d.
FieldDoesNotExist moved in 8958170755.
BoundField and pretty_name moved in 8550161e53.
EMPTY_VALUES moved in 471596fc1a.
BaseRunserverCommand moved in 5c53e30607.
2019-09-24 15:18:53 +02:00
Mariusz Felisiak 01104368ff Refs #29444 -- Removed redundant DatabaseFeatures.can_return_multiple_columns_from_insert.
Unnecessary since b31e63879e.
2019-09-24 10:37:22 +02:00
Johannes Hoppe b31e63879e Fixed #29444 -- Allowed returning multiple fields from INSERT statements on Oracle. 2019-09-24 10:22:43 +02:00
Simon Charette 37f8f29377 Fixed #30796 -- Prevented select_related() from mutating a queryset on chaining.
Thanks Darren Maki for the report.
2019-09-24 09:17:45 +02:00
Hasan Ramezani f97bbad908 Fixed #13296 -- Fixed ordering by Options.order_with_respect_to after deleting objects.
Thanks Simon Meers for the original patch.
2019-09-23 11:20:37 +02:00
Ian Foote d9881a025c Fixed #29915 -- Added support for values with hyphens to pattern lookups for UUIDField on backends without UUID datatype.
Support hyphens in iexact, contains, icontains, startswith, istartswith,
endswith and iendswith UUIDField filters on backends without UUID
datatype.
2019-09-23 08:24:08 +02:00
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
James Timmins 0719edcd5f Fixed #30771 -- Fixed exact lookup against queries with selected columns.
Use pre-existing select fields (and thereby GROUP BY fields) from
subquery if they were specified, instead of always defaulting to pk.

Thanks Aur Saraf for the report and Simon Charette for guidance.
2019-09-20 10:42:14 +02:00
Andrew 3346b78a8a Fixed #30786 -- Used CONVERT_TZ to check if the time zone definitions are installed on MySQL.
Replaced a timezone check in the MySQL backend with one that doesn't
require access to the mysql.time_zone database.
2019-09-20 08:17:27 +02:00
Daniel Fairhead 5cb3ed187b Fixed #30772 -- Optimized make_template_fragment_key().
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc.
Used hasher's .update() on key fragments.
2019-09-18 14:53:05 +02:00
Sam Reynolds 6c9778a58e Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
Regression in 5ceaf14686.

Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
2019-09-18 11:37:38 +02:00
Min ho Kim b1d6b35e14 Fixed #30725 -- Fixed width of DateTimeField inputs in admin tabular inline.
"width" of DateTimeField inputs in admin tabular inline wasn't set
correctly what caused displaying too small inputs with responsive CSS
when timezone warning wasn't present.
2019-09-17 14:30:33 +02:00
Nasir Hussain faf4b988fe Fixed #30758 -- Made RangeFields use multiple hidden inputs for initial data. 2019-09-17 12:08:49 +02:00
Hasan Ramezani b9db423d3c Fixed #29376 -- Allowed hiding "Save and Add Another" button in admin. 2019-09-16 11:37:09 +02:00
Simon Charette 6c3dfba892 Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
2019-09-16 08:24:40 +02:00
Carlton Gibson b5db65c4fb Increased the default PBKDF2 iterations for Django 3.1. 2019-09-12 17:24:01 +02:00
Adnan Umer 241deed259 Fixed #30591 -- Fixed recreation of foreign key constraints on MySQL when altering type of referenced unique field.
Thanks Mariusz Felisiak for tests and Matthijs Kooijman for
investigation and initial patch.
2019-09-11 11:21:08 +02:00
Mads Jensen b616908ce1 Used Statement in PostGISSchemaEditor._create_index_sql(). 2019-09-11 07:51:31 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0ddb4ebf7b Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak d17be88afd Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak b61ea56789 Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak f1894bae30 Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 81993b47ea Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b47bb4c4a7 Refs #29598 -- Removed FloatRangeField per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0f2f517298 Bumped version; master is now 3.1 pre-alpha. 2019-09-10 11:54:25 +02:00
Simon Charette 34decdebf1 Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.

Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
Vojtech Bocek b1d37fea8f Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models. 2019-09-09 14:04:46 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Johannes Hoppe 7254f1138d Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
Johannes Hoppe 736e7d44de Refs #29444 -- Fixed DateField constructor in db.backends.oracle.utils.InsertVar. 2019-09-09 10:51:07 +02:00
Nick Pope b6251956b6 Fixed #30757 -- Added a system check to ensure max_length fits the longest choice. 2019-09-09 10:28:18 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Claude Paroz 5495ea3ae0 Updated translation catalogs 2019-09-08 17:35:32 +02:00
Mariusz Felisiak addabc492b
Fixed DatabaseFeatures.can_introspect_check_constraints on MariaDB < 10.2.22, 10.3.0 - 10.3.9.
Regression in e2c6a0858d.
2019-09-06 11:53:54 +02:00
Hasan Ramezani 6c379f1a18 Fixed #30763 -- Fixed management commands when using required mutually exclusive groups. 2019-09-06 10:55:24 +02:00
Mariusz Felisiak e2c6a0858d Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+. 2019-09-05 09:18:34 +02:00
Shai Berger 72ebe85a26 Fixed #27910 -- Added enumeration helpers for use in Field.choices.
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.

Additional properties make it easy to access the list of names, values
and display labels.

Thanks to the following for ideas and reviews:

Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Viktor Lomakin 5931d2e96a Fixed #30691 -- Made migrations autodetector find dependencies for foreign keys altering. 2019-09-03 14:45:49 +02:00
Johannes Hoppe 003bb34b21 Refs #29444 -- Made db.backends.oracle.utils.InsertVar use str as default. 2019-09-03 10:34:55 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Simon Charette 13a8884a08 Fixed #30739 -- Fixed exclusion of multi-valued lookup against outer rhs.
OuterRef right hand sides have to be nested, just like F rhs have to,
during the subquery pushdown split_exclude performs to ensure they are
resolved against the outer query aliases.
2019-09-02 10:52:36 +02:00
Simon Charette 600628f8f0 Refs #28442 -- Adjusted related lookups handling of expression rhs.
Expressions should never be prepared as other Lookup.get_prep_lookup
implementations hint at by returning early on the presence of the
resolve_expression attribute.

The previous solution was only handling lookups against related fields
pointing at AutoFields and would break for foreign keys to other fields.

It was also causing bidirectional coupling between model fields and
expressions which the method level import of OuterRef was a symptom of.
2019-09-02 10:52:36 +02:00
Nick Pope 999891bd80 Refs #29379 -- Moved autocomplete attribute to UsernameField.
Moving the autocomplete attribute into UsernameField allows this to work
for custom forms making use of UsernameField, removes some duplication
in the code, and keeps consistency with the autocapitalize attribute
that is already defined on UsernameField.
2019-09-02 10:50:56 +02:00
Alan Crosswell 03fa846c6a Fixed #30731 -- Fixed handling trailing groups in simplify_regex().
Previously simplify_regex() didn't handle trailing groups for regexp
without the end of string character ("$").
2019-08-30 12:43:39 +02:00
yukihira1992 0545781764 Fixed #30736 -- Added Storage.get_alternative_name() to allow customization. 2019-08-30 11:32:19 +02:00
Berker Peksag 400ec5125e Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
daniel a rios b5a5c92c72 Fixed #30066 -- Enabled super user creation without email and password 2019-08-29 12:49:16 +02:00
Mariusz Felisiak d275fd04f3
Refs #25367 -- Simplified OrderBy and Lookup by using Case() instead of RawSQL() on Oracle.
Follow up to efa1908f66.
2019-08-29 11:56:12 +02:00
Matthew Schinckel 4137fc2efc Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.

Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.

Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
Jon Dufresne a44d80f88e Adjusted subprocess.run() calls to use arg list, rather than string.
The Python docs recommend passing a sequence to subprocess.run() when
possible. Doing so allows for automatic escaping and quoting of
arguments.

https://docs.python.org/3/library/subprocess.html#frequently-used-arguments

> args is required for all calls and should be a string, or a sequence
> of program arguments. Providing a sequence of arguments is generally
> preferred, as it allows the module to take care of any required
> escaping and quoting of arguments (e.g. to permit spaces in file
> names).

Also removed `shell=True` where unnecessary.
2019-08-28 10:19:30 +02:00
Jon Dufresne 1e6b9e29e6 Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().
The value returned from urllib.parse.quote() is always a string, so can
safely call .encode().
2019-08-28 09:20:46 +02:00
Federico Jaramillo Martínez 8f6860863e Fixed #30722 -- Added default rate-limiting requests to admin's Select2 widget. 2019-08-27 13:47:36 +02:00
Andrew Brown 691def10a0 Fixed #30727 -- Made Subquery pickle without evaluating their QuerySet.
Subquery expression objects, when pickled, were evaluating the QuerySet
objects saved in its _constructor_args attribute.
2019-08-27 13:05:20 +02:00
Hasan Ramezani 03dbdfd9bb Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS. 2019-08-26 14:48:40 +02:00
Mariusz Felisiak 579909a13f
Refs #30591 -- Fixed introspection of check and unique column constraints on MariaDB.
Unnamed unique and check columns constraints have the same name as
a column. Ensure uniqueness by using custom names.

Thanks Adnan Umer for the report.
2019-08-26 09:15:37 +02:00
Jon Dufresne d0861fcb2d Refs #23919 -- Replaced super(ASGIHandler, self) with super(). 2019-08-26 08:36:56 +02:00
Simon Charette bb9e82f274 Fixed #29955 -- Added support for distance expression to the dwithin lookup.
This was missed when adding support to other distance lookups in
refs #25499.

Thanks Peter Bex for the report and Mariusz for testcases.
2019-08-23 21:28:28 +02:00
Dulmandakh 06372a8d27 Fixed #30507 -- Updated admin's jQuery to 3.4.1. 2019-08-23 11:00:16 +02:00
Claude Paroz 9386586f31 Replaced subprocess commands by run() wherever possible. 2019-08-23 10:53:36 +02:00
Mariusz Felisiak 521308e575 Fixed #30715 -- Fixed crash of ArrayField lookups on ArrayAgg annotations over AutoField. 2019-08-23 10:43:08 +02:00
Mariusz Felisiak b1f669406f Reduced code duplication in ArrayField's lookups. 2019-08-23 10:43:08 +02:00
Carlton Gibson 5b4c6b58a0
Fixed #30064 -- Added form to validate admin search fields query input. 2019-08-22 14:09:49 +02:00
Nasir Hussain 6b16c91157 Fixed #30712 -- Allowed BLOB/TEXT defaults on MySQL 8.0.13+. 2019-08-22 12:23:10 +02:00
Mads Jensen 85ac838d9e Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL.
Thanks to Simon Charettes for review.

Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-21 13:10:06 +02:00
Hasan Ramezani 22394bd3a1 Fixed #29667 -- Prohibited whitespaces in path() URLs. 2019-08-20 11:53:10 +02:00
Nick Pope 21e559495b Fixed #29979, Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields.
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
2019-08-20 09:22:25 +02:00
Hasan Ramezani 85458e94e3 Fixed #29260 -- Skipped an UPDATE when adding a model instance with primary key that has a default. 2019-08-19 13:28:35 +02:00
Maaz Bin Tahir Saeed e9f74f53cc Fixed #30693 -- Removed separate import of os.path in django.core.management.templates. 2019-08-19 13:27:13 +02:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Simon Charette 8b4a43dda7 Fixed #29545 -- Fixed using filter lookups againts nested subquery expressions.
Made sql.Where resolve lhs of its child nodes. This is necessary to
allow filter lookups against nested subquery expressions to properly
resolve their OuterRefs to Cols.

Thanks Oskar Persson for the simplified test case.
2019-08-17 11:24:35 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
Adam Johnson 7da6a28a44 Fixed #27676 -- Allowed BLOB/TEXT defaults on MariaDB 10.2.1+. 2019-08-16 11:39:37 +02:00
Andrew Brown 8a281aa7fe Fixed #30687 -- Fixed using of OuterRef() expressions in distance lookups. 2019-08-16 06:50:33 +02:00
zeyneloz 8289fc55ff Refs #30449 -- Made RelatedOnlyFieldListFilter respect ModelAdmin.ordering. 2019-08-15 10:29:10 +02:00
zeyneloz 00035672a4 Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
Regression in 6d4e5feb79.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-08-15 10:29:05 +02:00
Mariusz Felisiak 1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
2019-08-14 15:25:35 +02:00
Mads Jensen 0b8d911d28 Optimized Field.deconstruct() by using elif. 2019-08-14 10:50:31 +02:00
Claude Paroz eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
Claude Paroz 88c0b907e7 Refs #30461 -- Added django.utils._os.to_path(). 2019-08-13 17:17:39 +02:00
Mariusz Felisiak c19ad2da4b
Fixed #30704 -- Fixed crash of JSONField nested key and index transforms on expressions with params.
Thanks Florian Apolloner for the report and helping with tests.
2019-08-13 08:42:17 +02:00
Simon Charette efa1908f66 Refs #25367 -- Moved Oracle Exists() handling to contextual methods.
Oracle requires the EXISTS expression to be wrapped in a CASE WHEN in
the following cases.

1. When part of a SELECT clause.
2. When part of a ORDER BY clause.
3. When compared against another expression in the WHERE clause.

This commit moves the systematic CASE WHEN wrapping of Exists.as_oracle
to contextual .select_format, Lookup.as_oracle, and OrderBy.as_oracle
methods in order to avoid unnecessary wrapping.
2019-08-13 06:48:14 +02:00
Simon Charette fff5186d32 Refs #25367 -- Moved select_format hook to BaseExpression.
This will expose an intermediary hook for expressions that need special
formatting when used in a SELECT clause.
2019-08-13 06:48:14 +02:00
Min ho Kim 4f7328ce8a Corrected multiple typos. 2019-08-12 12:53:36 +02:00
Simon Charette 088a6fab1c Refs #24793 -- Removed bogus connection argument from SQLCompiler.compile() calls.
The method doesn't expect a connection object to be passed as its second
argument.
2019-08-12 07:47:55 +02:00
Simon Charette 8b3e1b6e9e Refs #11964 -- Made constraint support check respect required_db_features.
This will notably silence the warnings issued when running the test
suite on MySQL.
2019-08-12 06:44:37 +02:00
Simon Charette 2fb872e56f Refs #23879 -- Made introspection respect required_db_features. 2019-08-12 06:33:46 +02:00
swatantra 73ac9e3f04 Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data. 2019-08-11 20:15:23 +02:00
Ngalim Siregar 503f60ff57 Fixed #29008 -- Fixed crash of 404 debug page when URL path converter raises Http404. 2019-08-09 22:48:08 +02:00
Jon Dufresne 5b57798513 Removed unnecessary StatAggregate.resolve_expression().
This method only calls the parent method, but without the for_save
argument. The parent class, Aggregate, already ignores the for_save
argument so there is no need for special handling.

Unnecessary since its introduction in e4cf8c8420.
2019-08-08 22:34:25 +02:00
Adnan Umer 8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Min ho Kim 65e86948b8 Corrected several typos in string literals and test names. 2019-08-07 11:23:14 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 05964b2198 Moved indexes in ArrayField's Index and Slice transforms to SQL params.
Follow up to 7deeabc7c7.

These lookups aren't vulnerable to SQL injection because both accept
only integer indexes. It is a part of good practices.
2019-08-05 14:16:35 +02:00
Diederik van der Boor 25f21bd237 Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values.
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-05 08:41:29 +02:00
Nick Pope 4cf1f2f13e Simplified AlterModelTable by making it subclass ModelOptionOperation. 2019-08-02 18:19:55 +02:00
aaktsipetrov 4edad1ddf6 Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable. 2019-08-02 15:06:00 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
zeyneloz 955b382600 Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError. 2019-08-02 08:35:28 +02:00
Mariusz Felisiak d14fa04ab3 Removed obsolete mentions of a check constraint in BaseDatabaseSchemaEditor.add_constraint()/remove_constraint() docstrings. 2019-08-02 07:09:37 +02:00
Jon Dufresne e8d0d2a5ef Removed unneeded ValueError catching in django.utils.text._replace_entity().
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
2019-08-01 14:30:20 +02:00
Mariusz Felisiak ff111ea5e3 Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL. 2019-08-01 12:06:32 +02:00
Ngalim Siregar e4684220af Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table. 2019-08-01 12:06:32 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Carlton Gibson eea0bf7bd5 Refs #30669 -- Removed incorrect branch in ASGIHander.read_body().
None is not valid for settings.FILE_UPLOAD_MAX_MEMORY_SIZE.
Always use SpooledTemporaryFile.
2019-07-31 13:33:01 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope 69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
Hasan Ramezani e3fc9af4ab Refs #30593 -- Fixed introspection of check constraints columns on MariaDB. 2019-07-30 16:32:13 +02:00
Hasan Ramezani b2aad9ad4d Refs #30593 -- Added _parse_constraint_columns() hook to introspection on MariaDB. 2019-07-30 16:32:13 +02:00
Nick Pope 0509148c24 Refs #30160 -- Made destination path a required argument of extract(). 2019-07-30 11:27:56 +02:00
Jerrod Martin c7bef16a74 Fixed #30411 -- Improved formatting of text tracebacks in technical 500 templates.
Co-Authored-By: Daniel Hahler <git@thequod.de>
2019-07-29 11:09:54 +02:00
Claude Paroz 3c6d32e0b2 Fixed #30552 -- Fixed loss of SRID when calling reverse() on LineString/Point.
Thanks Mariusz Felisiak for contributing the Point part.
2019-07-27 20:12:46 +02:00
Jon Dufresne 4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames.
Regression in 519016e5f2.
2019-07-27 12:04:56 +02:00
Piotr Domanski 4b4e68a7a6 Fixed #30567 -- Made WSGIHandler pass FileResponse.block_size to wsgi.file_wrapper. 2019-07-26 07:31:51 +02:00
Mariusz Felisiak 806ba19bbf
Added Query.is_sliced property.
Previously, we used Query.can_filter() mainly to check if a query is
sliced what was confusing.
2019-07-25 20:45:55 +02:00
Hasan Ramezani 1853383969 Fixed #27995 -- Added error messages on unsupported operations following union(), intersection(), and difference(). 2019-07-25 12:39:55 +02:00
Jon Dufresne 5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute.
Allows model fields to override the descriptor class used on the model
instance attribute.
2019-07-25 08:15:20 +02:00
Jon Dufresne 93ffa81bc5 Refs #30657 -- Made DeferredAttribute.__init__() to take a field instance instead of a field name. 2019-07-25 07:24:52 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
Mariusz Felisiak fed5e19369
Removed unused BaseReloader.watch_file().
Unused since its introduction in c8720e7696.
2019-07-24 13:32:02 +02:00
Jon Dufresne d89053585e Improved error message when index in __getitem__() is invalid. 2019-07-23 20:12:08 +02:00
Mariusz Felisiak 8d52a525c8
Refs #29548 -- Fixed DatabaseWrapper.display_name on MariaDB. 2019-07-23 13:34:06 +02:00
Tom Forbes 2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Jon Dufresne 60dc957a82 Removed unnecessary code in Model.__init__().
As is_related_object is True, the val variable is unused for the
remainder of the method.

Unnecessary since 53da1e4794.
2019-07-23 07:45:07 +02:00
Georgi Yanchev c6581a40be Fixed #30644 -- Made introspection use pg_table_is_visible() instead of filtering by public schema on PostgreSQL. 2019-07-22 08:14:53 +02:00
Mariusz Felisiak 842fd620ff
Simplified get_key_columns()/get_relations() introspection methods for PostgreSQL. 2019-07-20 15:15:41 +02:00
Min ho Kim 9f11939dd1 Fixed typos in comments and a test name. 2019-07-19 18:24:06 +02:00
Hasan Ramezani 1fc2c70f76 Fixed #30593 -- Added support for check constraints on MariaDB 10.2+. 2019-07-19 11:05:06 +02:00
Mads Jensen a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL.
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-07-16 18:04:41 +02:00
Mads Jensen 7174cf0b00 Refs #29824 -- Added RangeOperators helper class. 2019-07-16 16:57:46 +02:00
Yann Sionneau e47b8293a7 Fixed #30636 -- Fixed options ordering when cloning test database on MySQL.
--defaults-file must be given before other options.
2019-07-16 07:25:43 +02:00
Mariusz Felisiak 858cfd74e9
Simplified RangeContainedBy by making it subclass PostgresSimpleLookup. 2019-07-13 10:55:19 +02:00
Mariusz Felisiak 70c2b90d95
Simplified DateTimeRangeContains by making it subclass PostgresSimpleLookup. 2019-07-12 17:27:49 +02:00
Hasan Ramezani 402e6d292f Fixed #30602 -- Made Extract raise ValueError when using unsupported lookups for DurationField. 2019-07-12 08:08:35 +02:00
Mariusz Felisiak 7a42cfcfdc
Refs #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains F() expressions.
Thanks Can Sarıgöl for the report.

Follow up to 8c5f9906c5.
2019-07-11 13:40:36 +02:00
Hasan Ramezani 8c5f9906c5 Fixed #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains expressions. 2019-07-11 11:24:59 +02:00
can 52545e788d Fixed #28289 -- Fixed crash of RawSQL annotations on inherited model fields. 2019-07-11 08:27:15 +02:00
atsuo ishimoto a9c6ab0356 Fixed #30619 -- Made runserver --nothreading use single threaded WSGIServer.
Browsers often use multiple connections with Connection: keep-alive.
If --nothreading is specified, the WSGI server cannot accept new
connections until the old connection is closed, causing hangs.

Force Connection: close when --nothreading option is used.
2019-07-10 13:22:17 +02:00
Johannes Hoppe 00d4e6f8b5 Updated Select2 to version 4.0.7. 2019-07-10 12:31:16 +02:00
Hasan Ramezani ed668796f6 Fixed #30543 -- Fixed checks of ModelAdmin.list_display for fields accessible only via instance.
Co-Authored-By: Andrew Simons <andrewsimons@bubblegroup.com>
2019-07-10 10:37:34 +02:00
Mariusz Felisiak 7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type.
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.

Regression in 6b048b364c.
2019-07-10 10:33:36 +02:00
Simon Charette ee6e93ec87 Fixed #30628 -- Adjusted expression identity to differentiate bound fields.
Expressions referring to different bound fields should not be
considered equal.

Thanks Julien Enselme for the detailed report.

Regression in bc7e288ca9.
2019-07-10 07:46:08 +02:00
can febe136d4c Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints. 2019-07-08 14:57:56 +02:00
Johannes Hoppe bc91f27a86 Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle.
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
2019-07-08 08:53:08 +02:00
can 53209f7830 Fixed #30613 -- Moved index name validation to system checks. 2019-07-05 09:30:21 +02:00
Chason Chaffin c238e65e29 Fixed #30596 -- Fixed SplitArrayField.has_changed() for non-string base fields.
Thanks to Evgeniy Krysanov for the report and the idea to use to_python.
Thanks to Mariusz Felisiak for the test case.
2019-07-03 13:35:51 +02:00
Benjamin Woodruff 54dcfbc367 Fixed #29744 -- Fixed caching of URLResolver for a default URLconf.
get_resolver() for a default URLconf (passing no argument) and for
settings.ROOT_URLCONF should return the same cached object.
2019-07-03 11:37:28 +02:00
Chason Chaffin 55b68de643 Fixed #30608 -- Fixed non-unicode EmailMessage crash when domain name for localhost is non-ASCII.
Assisted by felixxm.
2019-07-03 10:49:03 +02:00
Mariusz Felisiak f226bdbf4e Refs #30608 -- Added django.utils.encoding.punycode(). 2019-07-03 10:48:02 +02:00
Hasan Ramezani a5308514fb Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields. 2019-07-02 12:55:09 +02:00
Min ho Kim fbb83fefd4 Fixed typos in comments and docs. 2019-07-02 09:36:17 +02:00
Hasan Ramezani 090ca6512f Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ADMINS/MANAGERS is set incorrectly. 2019-07-02 07:34:07 +02:00
PatOnTheBack 29240a9952 Removed unnecessary import in django/utils/autoreload.py. 2019-07-01 14:50:00 +02:00
Hasan Ramezani 5d03f2bc01 Fixed #30595 -- Added error message when no objects found to sql* management commands. 2019-07-01 13:47:54 +02:00
Carlton Gibson 54d0f5e62f Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.

HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.

Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
2019-07-01 07:48:04 +02:00
Claude Paroz d54baf6970 Updated translations from Transifex
Forward port of b3f7262e6e from stable/2.2.x
2019-06-29 16:17:16 +02:00
Jon Dufresne 42b9a23267 Fixed #30400 -- Improved typography of user facing strings.
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
Hasan Ramezani 2b03e8e9e8 Fixed #30584 -- Fixed management command when using subparsers with dest parameter. 2019-06-28 12:51:26 +02:00
can f03b7bd114 Fixed #28408 -- Added error message when updating with annotated expressions on joined fields.
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2019-06-28 07:55:32 +02:00
Nadège Michel 895b15771e Fixed #28725 -- Prevented serializing inherited ManyToManyFields in child model. 2019-06-27 15:10:22 +02:00
Shubham Bhagat 26d16c07fd Fixed #30578 - Made SelectDateWidget respect a custom date format when USE_L10N is disabled. 2019-06-26 11:07:11 +02:00
nsasaki128 a289e79679 Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator. 2019-06-26 09:25:24 +02:00
Tom Forbes 8454f6dea4 Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 2019-06-26 06:44:10 +02:00
can 325d5d6445 Fixed #30477 -- Made reverse lookup use Field.get_db_prep_value() from the target field. 2019-06-25 10:20:33 +02:00
daniel a rios 76b993a117 Fixed #26431 -- Prevented django.urls.resolve() from returning missing optional parameters.
Previous behavior was inconsistent with django.urls.reverse() and
caused that translate_url() created an incorrect URL when an optional
parameter was missing.
2019-06-24 11:47:56 +02:00
Tom Forbes e286711879 Simplified handling of non-existent paths in autoreloader with Path.resolve(strict=True). 2019-06-24 09:48:59 +02:00
Markus Holtermann ad7b438002 Bumped minimum ESLint version to 4.18.2. 2019-06-21 17:57:35 +02:00
Nadège Michel 87b1ad6e73 Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField. 2019-06-21 15:03:17 +02:00
Tobias Kunze a387ef1117 Added missing form argument in modelform_factory() docstring. 2019-06-20 15:13:22 +02:00
Mariusz Felisiak 7f19e37135 Refs #30451 -- Added more tests for ASGIRequest and ASGIHandler. 2019-06-20 12:29:58 +02:00
Andrew Godwin a415ce70be Fixed #30451 -- Added ASGI handler and coroutine-safety.
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
2019-06-20 12:29:43 +02:00
Chris Jerdonek cce47ff65a Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
can 2cbd3967e0 Fixed #29834 -- Fixed column mismatch crash with QuerySet.values()/values_list() and order_by() on combined querysets. 2019-06-19 12:11:28 +02:00
Mariusz Felisiak 14d026cccb
Fixed #30572 -- Prevented values()/values_list() on combined queryset from mutating the list of columns in querysets. 2019-06-19 10:44:53 +02:00
Min ho Kim 6e8303d49b Fixed typos in FakePayload docstring and SimplifiedURLTests test name. 2019-06-17 12:38:04 +02:00
Mariusz Felisiak 415e899dc4 Refs #30451 -- Added HttpRequest._set_content_type_params() hook. 2019-06-15 10:29:02 -07:00
Sanyam Khurana 87f5d07eed Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names. 2019-06-14 18:20:29 +02:00
Joachim Jablon 2628ea9515 Fixed #30512 -- Used email.headerregistry.parser for parsing emails in sanitize_address(). 2019-06-13 16:22:15 +02:00
can fde9b7d35e Fixed #30128 -- Fixed handling timedelta timezone in database functions. 2019-06-13 09:29:43 +02:00
Sergey Fedoseev 6fa71872ae Simplified django.urls.reverse() a bit. 2019-06-12 12:15:40 +02:00
Mariusz Felisiak b616f65855
Added missing support for PointOnSurface function on MariaDB. 2019-06-12 10:51:43 +02:00
Jon Dufresne 9e38ed0536 Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692.

For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.

For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00
CruxBox 34f8eeea4a Fixed #30548 -- Improved exception when expression contains mixed types. 2019-06-10 19:48:53 +02:00
Aymeric Augustin 3ee0834a46 Fixed #30556 -- Avoided useless query and hasher call in ModelBackend.authenticate() when credentials aren't provided.
There's no need to fetch a user instance from the database unless
a username and a password are provided as credentials.
2019-06-10 11:12:31 +02:00
Hasan Ramezani dcb8f00d06 Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
Thank you to Nick Pope for review.

Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
Alexandre Varas c498f088c5 Fixed #30521 -- Fixed invalid HTML in default error pages. 2019-06-07 07:51:45 +02:00
Jon Dufresne d6ea4898c4 Fixed #30550 -- Fixed decoding of non-UTF-8 bytes objects in response.json(). 2019-06-07 06:40:15 +02:00
Hasan Ramezani 661e6cc2c9 Fixed #29706 -- Made RenameContentType._rename() save to the correct database. 2019-06-06 12:09:01 +02:00
Arpana Mehta 4b45b6c8e4 Updated Hindi language name. 2019-06-06 11:16:19 +02:00
Tobias Bengfort 581a0f4545 Refs #30226 -- Added User.get_user_permissions() method.
Added to mirror the existing User.get_group_permissions().
2019-06-05 13:56:37 +02:00
Tobias Bengfort 75337a6050 Fixed #30226 -- Added BaseBackend for authentication. 2019-06-05 13:39:46 +02:00
Étienne Beaulé 4b6dfe1622 Fixed #30542 -- Fixed crash of numerical aggregations with filter.
Filters in annotations crashed when used with numerical-type
aggregations (i.e. Avg, StdDev, and Variance). This was caused as the
source expressions no not necessarily have an output_field (such as the
filter field), which lead to an AttributeError: 'WhereNode' object has
no attribute output_field.

Thanks to Chuan-Zheng Lee for the report.

Regression in c690afb873 and two following
commits.
2019-06-05 08:06:26 +02:00
Jones Ambrosi f9561144d7 Fixed #30520 -- Fixed crash of admin model inlines on custom fields without labels. 2019-06-04 10:27:12 +02:00
RobertAKARobin aa94f7c899 Fixed #30534 -- Fixed overriding a field's default in ModelForm.cleaned_data(). 2019-06-04 08:28:49 +02:00
Nathan Gaberel b27c9c953b Fixed #28604 -- Prevented ManifestStaticFilesStorage from leaving intermediate files. 2019-06-03 13:11:55 +02:00
Carlton Gibson 34ec52269a Applied jQuery patch for CVE-2019-11358. 2019-06-03 11:36:12 +02:00
Carlton Gibson deeba6d920 Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link. 2019-06-03 11:36:12 +02:00
can dffa3e1992 Fixed #30493 -- Fixed prefetch_related() for GenericRelation with different content types.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>

Thanks Simon Charette for the review.
2019-05-31 18:11:55 +02:00
Mariusz Felisiak f66021f3f7 Refs #30493 -- Added GenericRelatedObjectManager.get_content_type() hook. 2019-05-31 18:11:51 +02:00
Mariusz Felisiak f6075fb333 Fixed #26192 -- Fixed crash of ordering by constants on PostgreSQL.
Thanks Simon Charette for the review.
2019-05-31 07:38:48 +02:00
Daniel Hahler 59f04d6b8f Simplified SessionMiddleware.process_response() a bit. 2019-05-29 14:10:11 +02:00
Tom Forbes 480492fe70 Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader.
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.

If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.

Regression in 6754bffa2b.
2019-05-29 09:41:24 +02:00
Tom Forbes 0344565179 Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature.
Regression in c8720e7696.
2019-05-29 08:08:50 +02:00
葛汉斌 fcbc502af9 Simplified Model.save() a bit. 2019-05-28 15:40:31 +02:00
Caio Ariede a3f91891d2 Fixed #30315 -- Fixed crash of ArrayAgg and StringAgg with ordering when used in Subquery. 2019-05-28 10:05:50 +02:00
Tom Forbes b2790f74d4 Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader.
Regression in c8720e7696.
2019-05-28 08:31:33 +02:00
Simon Charette df46b329e0 Refs #30485 -- Avoided unnecessary instance checks in urlencode.
Given doseq defaults to False it should avoid an unnecessary instance
check in most cases.
2019-05-27 22:00:14 +02:00
Mariusz Felisiak b6c4766f53
Refs #29548 -- Updated docs for MariaDB support. 2019-05-27 19:59:49 +02:00
Johan Lübcke 0670b1b403 Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case. 2019-05-24 17:15:34 +02:00
Rob 58df8aa40f Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs.
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
2019-05-24 08:40:25 +02:00
Caio Ariede 753b67c58d Fixed #30497 -- Ignored document type in assertXMLEqual()/assertXMLNotEqual(). 2019-05-24 07:29:42 +02:00
Mariusz Felisiak f8b8b00f01
Fixed #30501 -- Preventing QuerySet.reverse() from mutating expressions in QuerySet.order_by and Meta.ordering. 2019-05-23 20:33:37 +02:00
Mariusz Felisiak 2007e11d70
Forced utf-8 encoding when loading common passwords in CommonPasswordValidator.
Previously we used `decode()` which defaults to utf-8. This change
restores previous behavior.

Follow up to 28eac41510.
2019-05-23 08:39:16 +02:00
Ran Benita a2c31e12da Fixed #30498 -- Fixed proxy class caching in lazy().
lazy() should prepare the proxy class only once (the first time it's
used) not on every call.

Regression in b4e76f30d1.
2019-05-22 20:41:52 +02:00
Jon Dufresne b711eafd2a Refs #30116 -- Removed unnecessary str() calls in CommonPasswordValidator.
open() and gzip.open() supports path-like objects since Python 3.6.
2019-05-22 19:47:28 +02:00
Brad Solomon 28eac41510 Improved performance of loading common passwords in CommonPasswordValidator.
CommonPasswordValidator.__init__ previously called either splitlines or
readlines, creating an unneeded intermediate list in memory. For large
custom password files, this could be burdensome.
2019-05-22 06:55:21 +02:00
Hasan Ramezani 1378d665a1 Fixed #28816 -- Prevented silencing data loss when decreasing CharField.max_length on PostgreSQL. 2019-05-21 14:15:43 +02:00
Rob 519016e5f2 Fixed #28147 -- Fixed loss of assigned parent when saving child after parent.
Thanks Erwin Junge for the initial patch.
2019-05-21 10:11:22 +02:00
Hasan Ramezani 9d6f981a66 Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age(). 2019-05-21 08:50:09 +02:00
Simon Charette 514104cf23 Refs #29396, #30494 -- Reduced code duplication in year lookups. 2019-05-21 07:25:09 +02:00
Simon Charette 2b582a7b84 Fixed #29396 -- Added indirect values support to __year lookups.
Thanks Windson Yang for the initial patch.
2019-05-21 07:12:33 +02:00
Simon Charette 4d1420947e Fixed #30494 -- Disabled __year lookup optimization for indirect values.
The previous heuristics were naively enabling the BETWEEN optimization on
successful cast of the first rhs SQL params to an integer while it was
not appropriate for a lot of database resolved expressions.

Thanks Alexey Chernov for the report.
2019-05-21 07:11:26 +02:00
Nick Pope 1d0bab0bfd Fixed #27635 -- Used secrets module in django.utils.crypto. 2019-05-20 11:21:22 +02:00
Nick Pope 068005a349 Refs #27635 -- Removed fallback when SystemRandom() isn't available that doesn't work.
Fallback was untested and likely never triggered.
2019-05-20 11:21:22 +02:00
Thomasina Lee c38e7a79f4 Fixed #30488 -- Removed redundant Coalesce call in SQL generated by SearchVector.
Regression in 405c836336.
2019-05-20 08:34:06 +02:00
ruchit2801 04042b2b44 Fixed #30463 -- Fixed crash of deprecation message when Meta.ordering contains expressions.
Regression in 1b1f64ee5a.
2019-05-18 19:29:00 +02:00
ShingenPizza de4832c49b Fixed #30196 -- Made FileResponse set Content-Disposition inline if filename is available. 2019-05-17 12:07:27 +02:00
Batuhan Taşkaya 5c19274643 Fixed #30453 -- Fixed crash of simple_tag() and inclusion_tag() when function is wrapped.
getfullargspec() doesn't work with wrapped functions.
2019-05-17 09:53:24 +02:00
Johannes Hoppe 8d010f3986 Fixed #30220 -- Added support for headless mode in selenium tests. 2019-05-17 08:14:54 +02:00