Loic Bistuer
6983a1a540
Fixed #15363 -- Renamed and normalized to `get_queryset` the methods that return a QuerySet.
2013-03-08 10:11:45 -05:00
Ramiro Morales
03e40140ff
Merge pull request #871 from matiasb/ticket_19945
...
Fixed #19945 -- Fixed default User model Meta inheritance.
2013-03-03 14:30:36 -08:00
Claude Paroz
8e8c9b908a
Fixed getting default encoding in get_system_username
...
Refs #19933 .
2013-03-02 22:41:08 +01:00
matiasb
f39fead1c3
Fixed #19945 -- Fixed default User model Meta inheritance.
...
Updated default User model Meta class to extend AbstractUser Meta
where translated verbose_name and verbose_name_plural are
defined.
2013-03-01 19:32:20 -03:00
Aymeric Augustin
2ee21d9f0d
Implemented persistent database connections.
...
Thanks Anssi Kääriäinen and Karen Tracey for their inputs.
2013-02-28 15:28:13 +01:00
Claude Paroz
87cc3da814
Merged contrib translations from 1.5 branch
2013-02-26 21:51:06 +01:00
Aymeric Augustin
f1255a3c09
Fixed #18144 -- Restored compatibility with SHA1 hashes with empty salt.
...
Thanks dahool for the report and initial version of the patch.
2013-02-25 20:21:58 +01:00
Florian Apolloner
f56ca3f0e6
Fixed the usage of the deprecated assertEquals.
2013-02-24 11:15:17 +01:00
Preston Holmes
22d82a7742
Fixed #15198 -- pass request to AuthenticationForm
...
Thanks to Ciantic for the report, claudep and slurms for initial work
2013-02-23 15:28:49 -08:00
Preston Holmes
9d2c0a0ae6
Removed superfluous cookie check from auth login.
...
This is ensured through the CSRF protection of the view
2013-02-23 15:28:49 -08:00
Horst Gutmann
2f4a4703e1
Fixed #19758 -- Avoided leaking email existence through the password reset form.
2013-02-23 14:31:21 +01:00
Carl Meyer
d51fb74360
Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
...
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 11:23:29 -07:00
Claude Paroz
5ec0405a09
Fixed #19839 -- Isolated auth tests from customized TEMPLATE_LOADERS
...
Thanks limscoder for the report.
2013-02-18 09:22:25 +01:00
Claude Paroz
a8d1421dd9
Avoided unneeded assertion on Python 3
...
Fixes failure introduced in 02e5909f7a
.
2013-02-15 16:09:31 +01:00
Claude Paroz
02e5909f7a
Fixed #19807 -- Sanitized getpass input in createsuperuser
...
Python 2 getpass on Windows doesn't accept unicode, even when
containing only ascii chars.
Thanks Semmel for the report and tests.
2013-02-15 15:44:27 +01:00
Russell Keith-Magee
f5e4a699ca
Fixed #19822 -- Added validation for uniqueness on USERNAME_FIELD on custom User models.
...
Thanks to Claude Peroz for the draft patch.
2013-02-15 09:00:55 +08:00
Claude Paroz
f1029b308f
Fixed a misnamed variable introduced in commit 142ec8b283
...
Refs #8404 .
2013-02-14 08:33:10 +01:00
Claude Paroz
142ec8b283
Fixed #8404 -- Isolated auth password-related tests from custom templates
2013-02-13 23:11:49 +01:00
Hiroki Kiyohara
e94f405d94
Fixed #18558 -- Added url property to HttpResponseRedirect*
...
Thanks coolRR for the report.
2013-02-13 10:29:32 +01:00
Preston Holmes
0e18fb04ba
Made modwsgi groups_for_user consistent with check_password
...
2b5f848207
based its changes on #19061
that made the is_active attribute mandatory for user models.
The try/except was not removed for the groups_for_user function.
refs #19780
2013-02-09 09:31:04 -08:00
Preston Holmes
c44d748272
Fixed #19662 -- alter auth modelbackend to accept custom username fields
...
Thanks to Aymeric and Carl for the review.
2013-02-07 16:07:56 -08:00
Florian Apolloner
2b916895a1
Updated createsuperuser to use unicode_literals. Refs #19757 .
2013-02-07 14:33:36 +01:00
Claude Paroz
2390fe3f4f
Fixed #19745 -- Forced resolution of verbose names in createsupersuser
...
Thanks Baptiste Mispelon for the report and Preston Holmes for the review.
2013-02-06 10:06:21 +01:00
Simon Charette
ec469ade2b
Fixed #19689 -- Renamed `Model._meta.module_name` to `model_name`.
2013-02-05 04:16:07 -05:00
Claude Paroz
7c5b244826
Fixed #17061 -- Factored out importing object from a dotted path
...
Thanks Carl Meyer for the report.
2013-02-04 16:38:25 +01:00
Claude Paroz
55c585f1c7
Fixed #19725 -- Made createsuperuser handle non-ascii prompts
...
Thanks Michisu for the report.
2013-02-04 10:09:10 +01:00
Claude Paroz
1f8e7bb075
Added missing parentheses in if clause
2013-02-02 12:13:47 +01:00
Claude Paroz
63d6a50dd8
Fixed #18144 -- Added backwards compatibility with old unsalted MD5 passwords
...
Thanks apreobrazhensky at gmail.com for the report.
2013-02-02 12:02:36 +01:00
Claude Paroz
1686e0d184
Fixed #18460 -- Fixed change detection of ReadOnlyPasswordHashField
...
Thanks jose.sanchez et ezeep.com for the report and Vladimir Ulupov
for the initial patch.
2013-01-25 21:27:49 +01:00
Florian Apolloner
cc4de61a2b
Fixed #19596 -- Use `_default_manager` instead of `objects` in the auth app.
...
This is needed to support custom user models which don't define a manager
named `objects`.
2013-01-22 12:47:34 +01:00
Nick Sandford
cdad0b28d4
Fixed #19573 -- Allow override of username field label in AuthenticationForm
2013-01-10 09:06:04 +01:00
Claude Paroz
34ee7d9875
Updated deprecated test assertions
2013-01-08 19:08:15 +01:00
Anssi Kääriäinen
a2396a4c8f
Fixed #19173 -- Made EmptyQuerySet a marker class only
...
The guarantee that no queries will be made when accessing results is
done by new EmptyWhere class which is used for query.where and having.
Thanks to Simon Charette for reviewing and valuable suggestions.
2013-01-06 19:18:28 +02:00
Aymeric Augustin
4e5369a596
Silenced warnings in the tests of deprecated features.
2012-12-29 22:32:07 +01:00
Aymeric Augustin
ef017a5f00
Advanced pending deprecation warnings.
...
Also added stacklevel argument, fixed #18127 .
2012-12-29 21:59:07 +01:00
Julien Phalip
35d1cd0b28
Fixed #19505 -- A more flexible implementation for customizable admin redirect urls.
...
Work by Julien Phalip.
Refs #8001 , #18310 , #19505 . See also 0b908b92a2
.
2012-12-24 15:44:19 -03:00
Claude Paroz
0dc3fc954f
Fixed #19509 -- Fixed crypt/bcrypt non-ascii password encoding
...
Also systematically added non-ascii passwords in hashers test suite.
Thanks Vaal for the report.
2012-12-22 16:04:10 +01:00
Russell Keith-Magee
9facca28b6
Corrected tests depending on the error message on the AuthenticationForm.
...
Refs #19368 , and the fix introduced in 27f8129d64
.
2012-12-16 07:18:45 +08:00
Russell Keith-Magee
27f8129d64
Fixed #19368 -- Ensured that login error messages adapt to changes in the User model.
...
Thanks to un33k for the report.
2012-12-15 22:44:47 +08:00
Russell Keith-Magee
47e1df896b
Fixed #19412 -- Added PermissionsMixin to the auth.User heirarchy.
...
This makes it easier to make a ModelBackend-compliant (with regards to
permissions) User model.
Thanks to cdestigter for the report about the relationship between
ModelBackend and permissions, and to the many users on django-dev that
contributed to the discussion about mixins.
2012-12-15 22:44:47 +08:00
Florian Apolloner
a2f2a39956
Fixed #18856 -- Ensured that redirects can't be poisoned by malicious users.
2012-12-10 22:11:39 +01:00
Claude Paroz
c91667338a
Fixed #19357 -- Allow non-ASCII chars in filesystem paths
...
Thanks kujiu for the report and Aymeric Augustin for the review.
2012-12-08 11:13:52 +01:00
Ramiro Morales
b64d30405a
Fixed #18697 -- Made values accepted for two customizable admin templates consistent.
...
Thanks and at cloverfastfood dot com for the report.
2012-12-04 01:13:01 -03:00
Claude Paroz
a0cd6dd11e
Fixed #19349 -- Fixed re-rendering of ReadOnlyPasswordHashWidget
...
Thanks tim.bowden at mapforge.com.au for the report, Andreas Hug
for the patch and Anton Baklanov for the review.
2012-12-01 12:22:43 +01:00
Preston Holmes
84a5294788
Added missing custom user skip decorator
...
PermissionDeniedBackendTest references User model.
2012-11-30 22:54:42 -08:00
Claude Paroz
0eeae15056
Fixed #19354 -- Do not assume usermodel.pk == usermodel.id
...
Thanks markteisman at hotmail.com for the report.
2012-11-29 21:45:43 +01:00
Claude Paroz
a962bc7c45
Updated User manager when testing custom AUTH_USER_MODEL
...
This is giving more real test conditions when AUTH_USER_MODEL is
set with override_settings.
2012-11-24 16:00:00 +01:00
Aymeric Augustin
a026e480da
Fixed #16039 -- Made post_syncdb handlers multi-db aware.
...
Also reverted 8fb7a90026
. Refs #17055 .
2012-11-22 20:53:59 +01:00
Aymeric Augustin
9e11253497
Merge pull request #511 from ryankask/username-password-admin
...
Allowed custom User models to use the UserAdmin's change password view.
Fix #19056 (again).
2012-11-22 06:50:37 -08:00
Jannis Leidel
1520748dac
Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years.
2012-11-17 20:24:54 +01:00