innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
19,749 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

346 Commits

Author SHA1 Message Date
Tim Graham c51258882b Increased the default PBKDF2 iterations. 2015-01-16 19:27:10 -05:00
Claude Paroz b4ac232907 Fixed #24099 -- Removed contenttype.name deprecated field 
This finsishes the work started on #16803.
Thanks Simon Charette, Tim Graham and Collin Anderson for the
reviews.
 2015-01-16 20:21:34 +01:00
Markus Holtermann 51dc617b21 Refs #24075 -- Silenced needless call_command output while running tests 
Thanks Tim Graham for the report
 2015-01-15 21:07:39 +01:00
Markus Holtermann 737d24923a Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth 
Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.
 2015-01-14 19:59:39 +01:00
Aymeric Augustin 5f7230e12f Fixed #24124 (again) -- Updated tests with new default context_processors. 
Thanks Collin for the review.
 2015-01-12 22:31:44 +01:00
Claude Paroz d7bc37d611 Fixed #24097 -- Prevented AttributeError in redirect_to_login 
Thanks Peter Schmidt for the report and the initial patch.
Thanks to ​Oktay Sancak for writing the original failing test and
Alvin Savoy for supporting contributing back to the community.
 2015-01-10 10:05:02 +01:00
Tim Graham 4986653d9d Fixed a typo in contrib/auth/tests/custom_user.py docstring. 2015-01-09 14:33:04 -05:00
Tim Graham 40a8504357 Fixed #23891 -- Moved deprecation of IPAddressField to system check framework. 
Thanks Markus Holtermann for review.
 2015-01-01 13:30:52 -05:00
Claude Paroz 51890ce889 Applied ignore_warnings to Django tests 2014-12-30 18:16:25 +01:00
Aymeric Augustin cf0fd65ed4 Deprecated TEMPLATE_LOADERS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin fdbfc98003 Deprecated some arguments of django.shortcuts.render(_to_response). 
dictionary and context_instance and superseded by context.

Refactored tests that relied context_instance with more modern idioms.
 2014-12-28 17:02:29 +01:00
Tim Graham 0d5ca7b560 Moved an import in an auth test; refs #23925. 
This keeps tests/__init__.py from importing other modules and may fix a problem
with test discovery revealed in formtools tests on Travis CI.
 2014-12-15 10:09:18 -05:00
Tim Graham b06dfad88f Fixed #23939 -- Moved session verification out of SessionAuthenticationMiddleware. 
Thanks andrewbadr for the report and Carl Meyer for the review.
 2014-12-03 13:11:47 -05:00
sdeprez 9e80c5f457 Fixed #23925 -- Allowed settings.AUTHENTICATION_BACKENDS to reference import aliases 2014-11-28 10:47:33 -05:00
Diego Guimarães f39b0421b4 Fixed #23338 -- Added warning when unique=True on ForeigKey 
Thanks Jonathan Lindén for the initial patch, and Tim Graham
and Gabe Jackson for the suggestions.
 2014-11-27 19:42:30 -05:00
Aymeric Augustin 7331788300 Avoided rewrapping Contexts in render_to_response. 
This change preserves backwards-compatibility for a very common misuse
of render_to_response which even occurred in the official documentation.

It fixes that misuse wherever it happened in the code base and docs.

Context.__init__ is documented as accepting a dict and nothing else.
Since Context is dict-like, Context(Context({})) could work to some
extent. However, things get complicated with RequestContext and that
gets in the way of refactoring the template engine. This is the real
rationale for this change.
 2014-11-22 17:58:38 +01:00
Aymeric Augustin dca33ac15d Simplified caching of password hashers. 
load_hashers cached its result regardless of its password_hashers
argument which required fragile cache invalidation. Remove that
argument in favor of @override_settings and triggering cache
invalidation with a signal.
 2014-11-19 21:35:39 +01:00
Erik Romijn c1584e1df4 Refs #23793 -- Fixed test failure after password reset messages clarification 2014-11-15 17:05:24 +01:00
Veres Lajos a71a2ea756 Fixed typos using https://github.com/vlajos/misspell_fixer 2014-11-03 20:59:30 -05:00
Berker Peksag f7969b0920 Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-11-03 11:56:37 -05:00
Claude Paroz b8f2c972d0 Removed redundant skip_checks option for call_command 2014-10-20 17:26:00 +02:00
Thomas Chaumeny b2aad7b836 Replaced set([foo, ...]) by {foo, ...} literals. Refs PR 3282. 
Thanks Collin Anderson for the review.
 2014-09-29 00:01:38 +07:00
Damien Baty ad491ecc6e Fixed #23488 -- Added AnonymousUser.get_username(). 2014-09-18 10:48:28 -04:00
Tim Graham 1101467ce0 Limited lines to 119 characters in django/ 
refs #23395.
 2014-09-05 09:22:16 -04:00
Tim Graham e39af5ea59 Fixed #21648 -- Deprecated is_admin_site option to auth.views.password_reset(). 2014-08-23 19:32:58 -04:00
Preston Holmes 5307ce565f Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USER change. 
This is a security fix. Disclosure following shortly.
 2014-08-20 14:39:40 -04:00
Gabriel Muñumel deed00c0d8 Fixed #23162 -- Renamed forms.Field._has_changed() to has_changed(). 2014-08-15 08:14:45 -04:00
Trey Hunner 6868643063 Added newlines to the ends of CSS, HTML, and JavaScript files missing them. 2014-08-12 19:22:09 -04:00
Tim Graham a9fd740d22 Fixed #23276 -- Deprecated passing views as strings to url(). 2014-08-12 13:15:40 -04:00
Tim Graham a2479f46f3 Fixed #7220 -- Allowed AbstractBaseUser.last_login to be null. 
Thanks veena for the suggestion and Simon Charette and Kévin Etienne for reviews.
 2014-08-01 17:51:49 -04:00
Jürno Ader 76f2f58a18 Fixed #22956 -- Made PermissionManager.get_by_natural_key() use the correct database for content type lookup. 2014-07-31 13:35:27 -04:00
Alex Gaynor 6732566967 Bump the default iterations for PBKDF2. 
The rate at which we've increased this has not been keeping up with hardware (and software) improvements, and we're now considerably behind where we should be. The delta between our performance and an optimized implementation's performance prevents us from improving that further, but hopefully once Python 2.7.8 and 3.4+ get into more hands we can more aggressively increase this number.
 2014-07-11 22:43:26 -07:00
Yin Jifeng 849538d03d Fixed #13147 -- Moved User validation logic from form to model. 2014-07-10 09:36:43 -04:00
Anubhav Joshi 75ff7b8fb8 Fixed #21832 -- Updated prompt, tests, and docs to show that USERNAME_FIELD supports FK after 9bc2d76. 
Also added get_input_data() hook in createsuperuser.

Thanks Chris Jerdonek and Tim Graham for review.
 2014-07-08 08:21:41 -04:00
Anubhav Joshi 9bc2d766a0 Fixed #21755 -- Added ForeignKey support to REQUIRED_FIELDS. 
This allows specifying ForeignKeys in REQUIRED_FIELDS when using a
custom User model.

Thanks cjerdonek and bmispelon for suggestion and timgraham for review.
 2014-07-03 07:42:52 -04:00
Tim Graham cf252dbea6 Fixed #8162 -- Increased Permission.name max_length to 255 characters. 2014-06-30 14:20:51 -04:00
Tim Graham 150d88cc2c Restored is_anonymous() check in ModelBackend permission checking removed in refs #17903. 
Thanks Florian Apolloner for raising the issue.
 2014-06-24 07:09:38 -04:00
Jorge C. Leitão c33447a50c Fixed #17903 -- Modified ModelBackend to eliminate permissions on inactive users. 
Thanks to @SmileyChris for the report and @timgraham for review.
 2014-06-23 19:57:20 -04:00
Jorge C. Leitão 0a8c0eda2a Simplified test of contrib.auth.tests. 2014-06-23 19:30:06 -04:00
Claude Paroz f17b24e407 Converted remaining management commands to argparse 2014-06-14 13:43:44 +02:00
mlavin 4696cd9671 Fixed #22477 -- Removed contrib middleware from the global settings defaults. 
Also added a compatibility check for changed middleware defaults.

Forwardport of d94de802d3 from stable/1.7.x
 2014-06-13 12:45:56 -04:00
Jorge C. Leitão a00b78b1e2 Fixed #17431 -- Added send_mail() method to PasswordResetForm. 
Credits for the initial patch go to ejucovy;
big thanks to Tim Graham for the review.
 2014-06-10 14:00:52 -04:00
Alex Gaynor 1dcc603eff Fixed several typos in Django 2014-05-28 17:39:14 -07:00
Claude Paroz b8c480a12b Removed unused translations in auth tests 2014-05-20 12:21:05 +02:00
Jorge C. Leitão 2e364a0aac Fixed #15716 - Authentication backends can short-circuit authorization. 
Authorization backends can now raise PermissionDenied in "has_perm"
and "has_module_perms" to short-circuit authorization process.
 2014-05-16 12:57:38 -04:00
Erik Romijn 255449c1ee Added additional checks in is_safe_url to account for flexible parsing. 
This is a security fix. Disclosure following shortly.
 2014-05-14 10:19:48 +02:00
Alex Gaynor 2bcb8bfc8d Fix many many typos in comments throughout the codebase 2014-04-26 10:18:45 -07:00
Tim Graham 9e7f86b890 Fixed #22515 -- Fixed the object_id of the LogEntry that's created after a user password change in the admin. 
Thanks ross at servercode.co.uk for the report.
 2014-04-25 08:20:25 -04:00
Tim Graham 11e30b684d Fixed a KeyError on login with legacy sessions; refs #21649. 
Thanks Loic for the report.
 2014-04-17 19:57:20 -04:00
Aymeric Augustin 2791fbf59d Used more specific test assertions. 2014-04-09 22:20:22 +02:00