Commit Graph

16864 Commits

Author SHA1 Message Date
Johannes Hoppe 249a6190ae Fixed #30975 -- Replaced custom get_select_option with Selenium's select_by_value. 2019-11-27 16:34:07 +01:00
Johannes Hoppe 69dbb6b708 Fixed #30973 -- Converted selenium tests wait_page_loaded to context manager. 2019-11-27 14:36:26 +01:00
Hasan Ramezani 8d32290279 Fixed #30425 -- Handled jinja2.TemplateSyntaxError when rendering a template.
Jinja raises jinja2.TemplateSyntaxError in render() not in
get_template() when it's in an included template.
2019-11-27 12:48:07 +01:00
Farhaan Bukhsh 1f817daa20 Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions.
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
2019-11-27 09:43:12 +01:00
Farhaan Bukhsh 42b23d1e79 Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration(). 2019-11-27 09:43:12 +01:00
Jon Dufresne cab3661832 Fixed #31027 -- Replaced .getAttribute()/.setAttribute() usage with DOM properties. 2019-11-27 07:53:04 +01:00
Baptiste Mispelon 52936eface Fixed #31031 -- Fixed data loss in admin changelist view when formset's prefix contains regex special chars.
Regression in b18650a263.
2019-11-26 08:48:10 +01:00
Johannes Hoppe ef93fd4683 Fixed #31013 -- Removed jQuery usage in SelectBox.js. 2019-11-25 13:35:20 +01:00
Simon Charette 0290e01d5a Fixed #31002 -- Fixed GIS lookups crash against a subquery annotation.
Thanks Vasileios Bouzas for the report.
2019-11-25 12:30:33 +01:00
John Bowen 29d8198841 Fixed #27914 -- Fixed serialization of nested classes in migrations. 2019-11-25 11:12:44 +01:00
Baptiste Mispelon 824981b2dc Removed unused unencoded_ampersands_re regex.
Unused since 8b81dee60c.
2019-11-25 09:01:31 +01:00
Sergey Fedoseev a5855c8f0f Fixed #30996 -- Added AsWKB and AsWKT GIS functions. 2019-11-22 13:40:48 +01:00
Baptiste Mispelon 8929afb8ec Fixed #9762 -- Made DateFormat.r() locale-independent.
Thanks to Antonio Melé for the original report all those years ago
and to all the contributors who helped along the way.
2019-11-22 12:41:53 +01:00
Baptiste Mispelon 76ec032712 Refs #26281 -- Added a helpful error message for an invalid "r" specifier to dateformat.format(). 2019-11-22 12:32:30 +01:00
Simon Charette 379bf1a2d4 Fixed #8467 -- Prevented crash when adding existent m2m relation with an invalid type.
This was an issue anymore on backends that allows conflicts to be
ignored (Refs #19544) as long the provided values were coercible to the
expected type. However on the remaining backends that don't support
this feature, namely Oracle, this could still result in an
IntegrityError.

By attempting to coerce the provided values to the expected types in
Python beforehand we allow the existing value set intersection in
ManyRelatedManager._get_missing_target_ids to prevent the problematic
insertion attempts.

Thanks Baptiste Mispelon for triaging this old ticket against the
current state of the master branch.
2019-11-22 09:08:10 +01:00
Carlton Gibson ee4a19053a Fixed #31012 -- Reverted "Fixed #29056 -- Fixed HTML5 validation of required SelectDateWidget."
This reverts commit f038214d91.

The initial issue was incorrect. Django 2.2, and before, did not
generate invalid HTML as reported. With f03821 in place invalid HTML
was generated.

Thanks to Kevin Brown for follow-up report and investigation.
2019-11-21 20:53:31 +01:00
Farhaan Bukhsh 664c98f1f8 Fixed #30413 -- Fixed test database signature on SQLite when test database name is provided.
Previously, the same signature was created for multiple in-memory
databases on SQLite when they had tests databases names
DATABASES['TEST']['NAME'].
2019-11-21 19:50:24 +01:00
Jon Dufresne 62254c5202 Simplified TemplateDetailView with pathlib.Path.read_text(). 2019-11-21 15:14:03 +01:00
Simon Charette f97a6123c0 Refs #25367 -- Made Query.build_filter() raise TypeError on non-conditional expressions. 2019-11-21 11:56:35 +01:00
Simon Charette e9a0e1d4f6 Fixed #30484 -- Added conditional expressions support to CheckConstraint. 2019-11-21 11:56:35 +01:00
Simon Charette 37e6c5b79b Refs #25367 -- Moved conditional expression wrapping to the Exact lookup. 2019-11-21 11:56:35 +01:00
Simon Charette 306b687520 Refs #11964 -- Removed SimpleCol in favor of Query(alias_cols).
This prevent having to pass simple_col through multiple function calls
by defining whether or not references should be resolved with aliases
at the Query level.
2019-11-21 11:56:35 +01:00
Jon Dufresne f5ebdfce5c Fixed #25388 -- Added an option to allow disabling of migrations during test database creation. 2019-11-20 20:42:38 +01:00
Hasan Ramezani 0284a26af9 Fixed #30981 -- Fixed admin changelist crash when using F() or OrderBy() expressions in admin_order_field. 2019-11-19 15:40:04 +01:00
Daniel Izquierdo 89abecc75d Fixed #27272 -- Added an on_delete RESTRICT handler to allow cascading deletions while protecting direct ones. 2019-11-19 10:55:05 +01:00
Daniel Izquierdo 4e1d809aa5 Refs #27272 -- Added Collector.add_dependency(). 2019-11-19 10:49:47 +01:00
Caio Ariede 555bebe774 Fixed #30987 -- Added models.PositiveBigIntegerField. 2019-11-19 09:34:11 +01:00
Jon Dufresne aa12cf07c9 Removed unnecessary numeric indexes in format strings. 2019-11-19 08:29:47 +01:00
Sergey Fedoseev f95b59a1b3 Fixed #30994 -- Added Oracle support for AsGeoJSON GIS function. 2019-11-18 15:32:44 +01:00
Jon Dufresne 57a3d96ff5 Replaced unnecessary str()/bytes() calls with literals. 2019-11-18 15:30:10 +01:00
Jon Dufresne e649d691f8 Removed unnecessary parentheses in various code. 2019-11-18 15:25:59 +01:00
Simon Charette 11e327a3ff Fixed #30988 -- Deprecated the InvalidQuery exception.
It was barely documented without pointers at its defining location and
was abused to prevent misuse of the QuerySet field deferring feature.
2019-11-18 14:06:51 +01:00
Baptiste Mispelon cbe4d6203f Fixed #30989 -- Removed unimplemented B time format.
It's never been documented and has always raised a NotImplementedError.
2019-11-18 12:50:41 +01:00
Baptiste Mispelon 5e2839f320 Simplified DateFormat.W() and z(). 2019-11-18 11:30:23 +01:00
Baptiste Mispelon 1185c6172b Fixed #30990 -- Fixed example output in 'z' date format docs. 2019-11-18 11:30:20 +01:00
Simon Charette 3ca77e2b84 Replaced QueryWrapper single usage with RawSQL. 2019-11-18 10:45:24 +01:00
Mariusz Felisiak 8685e764ef Fixed #30986 -- Fixed queryset crash when filtering against boolean RawSQL expressions on Oracle. 2019-11-18 08:50:09 +01:00
Hasan Ramezani 530dd193f2 Fixed #29808 -- Fixed initial migration detection when identifiers are case-insensitive.
Thanks Simon Charette for the review.
2019-11-15 09:01:30 +01:00
Hasan Ramezani d0c86a1df4 Refs #29808 -- Optimized MigrationExecutor.detect_soft_applied().
Use set() for iterables used only for containment checks. Simplify
column checks O(n) instead of O(2n).

Thanks Simon Charette for an idea.
2019-11-15 08:05:26 +01:00
Dulmandakh 24b9f50823 Fixed #29916 -- Added lower_inc, lower_inf, upper_inc, and upper_inf lookups for RangeFields.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-11-14 22:27:29 +01:00
daniel a rios efc3e32d6d Fixed #30759 -- Made cache.delete() return whether it succeeded.
Thanks Simon Charette for the review.
2019-11-14 11:14:11 +01:00
Mariusz Felisiak 6e99585c19 Fixed #30941 -- Reverted "Simplified AuthenticationMiddleware a bit."
This reverts commit 2f010795e6.
2019-11-13 16:33:25 +01:00
George Marshall 8be79984dc Fixed #30971 -- Prevented Query.resolve_lookup_value() from coercing list values to tuples.
Regression in 8a281aa7fe.
2019-11-13 08:27:26 +01:00
Hasan Ramezani 4b78546ef1 Fixed #30405 -- Fixed source code mismatch crash in ExceptionReporter. 2019-11-12 11:31:12 +01:00
Hasan Ramezani e8de188c06 Refs #30405 -- Added ExceptionReporter._get_source(). 2019-11-12 09:44:23 +01:00
Hasan Ramezani 4cec3cc82a Fixed #30977 -- Optimized PasswordResetForm.save() a bit.
Moved site variables assignment outside of the loop.
2019-11-11 10:40:04 +01:00
Hasan Ramezani 153c7956f8 Fixed #24858 -- Added support for get_FOO_display() to ArrayField and RangeFields.
_get_FIELD_display() crashed when Field.choices was unhashable.
2019-11-08 10:59:24 +01:00
Hannes Ljungberg 6d590bcf1f Fixed #30961 -- Fixed spaces in columns list SQL generated for indexes. 2019-11-08 08:52:47 +01:00
Nick Pope 02983c5242 Fixed #30943 -- Added BloomIndex to django.contrib.postgres. 2019-11-07 11:23:53 +01:00
Jon Dufresne 26554cf5d1 Fixed #29983 -- Replaced os.path() with pathlib.Path in project template and docs.
Thanks Curtis Maloney for the original patch.
2019-11-07 11:11:27 +01:00
Jon Dufresne 77aa74cb70 Refs #29983 -- Added support for using pathlib.Path in all settings. 2019-11-07 10:26:22 +01:00
Mariusz Felisiak 4c45b627f8 Removed unused import of ACTION_CHECKBOX_NAME in django.contrib.admin.
Unused since e651b3095c.
2019-11-06 12:49:42 +01:00
Jon Dufresne fbbff7f808 Refs #29983 -- Added pathlib.Path support to the file email backend. 2019-11-06 09:33:07 +01:00
Jon Dufresne edeec1247e Passed strict=True to Path.resolve() to enforce that the path must exist. 2019-11-05 14:22:20 +01:00
Hasan Ramezani 47379d027b Fixed #30095 -- Fixed system check for RangeField/ArrayField.choices with lists and tuples. 2019-11-05 11:48:44 +01:00
Hasan Ramezani dc60597eb6 Refs #30095 -- Added Field._choices_is_value().
This allows fields classes to override the validation of choices'
values.
2019-11-05 11:48:44 +01:00
Mariusz Felisiak a20ea33ca6
Fixed DatabaseFeatures.has_select_for_update_nowait on MariaDB 10.3+.
Thanks Kola Erinoso for the report.
2019-11-05 10:18:47 +01:00
Jon Dufresne b9fe7f9294 Fixed #30947 -- Changed tuples to lists in model Meta options in django.contrib modules.
The Django "Model Meta options" docs provide examples and generally
point the reader to use lists for the unique_together and ordering
options. Follow our own advice for contrib models.

More generally, lists should be used for homogeneous sequences of
arbitrary lengths of which both unique_together and ordering are.
2019-11-05 08:16:31 +01:00
bedilbek 09a00c60bd Added Uzbek locale formats. 2019-11-04 14:50:55 +01:00
Claude Paroz 6ccb1b68bc Added Uzbek language. 2019-11-04 14:50:00 +01:00
Nick Pope 7286eaf681 Refs #13312 -- Simplified handling of nulls ordering on MySQL.
MySQL & MariaDB support the standard IS NULL and IS NOT NULL so
the same workaround used for NULLS FIRST and NULLS LAST that is
used for SQLite < 3.30.0 can be used.

Thanks Simon Charette for the discussion.
2019-11-04 14:47:58 +01:00
Jon Dufresne 607004f81a Simplified consecutive calls to pathlib.Path.parent. 2019-11-04 09:59:34 +01:00
Carlton Gibson 2d38eb0ab9 Fixed #30931 -- Restored ability to override Model.get_FIELD_display().
Thanks Sergey Fedoseev for the implementation idea.

Regression in a68ea23101.
2019-11-04 07:55:34 +01:00
Simon Charette a699595fce Refs #13312 -- Removed unnecessary IF wrapping in nulls_last handling on MySQL.
ISNULL function already returns 0 and 1 on MySQL.
2019-10-31 20:17:04 +01:00
Mariusz Felisiak a9bd01d363
Refs #30095 -- Simplified Field._check_choices() a bit.
Using an internal is_value() hook to check whether Field.choices
is iterable is misleading.
2019-10-31 20:04:47 +01:00
Sky 3cf907c20c Fixed #30761 -- Prevented floatformat filter from returning a negative zero. 2019-10-31 10:48:35 +01:00
Hasan Ramezani 17752003a8 Refs #28428 -- Made FileSystemStorage.save() to support pathlib.Path. 2019-10-31 09:06:05 +01:00
Simon Charette 377c7cb2f7 Refs #23576 -- Disabled MySQL multi-alias deletion path on MariaDB 10.3.2+. 2019-10-31 08:14:30 +01:00
Felipe Lee c2c27867ef Refs #20456 -- Moved initialization of HEAD method based on GET to the View.setup() for generic views.
This will ease unit testing of views since setup will essentially do
everything needed to set the view instance up (other than instantiating
it). Credit for idea goes to Vincent Prouillet.
2019-10-30 14:43:52 +01:00
Hasan Ramezani 6315a272c5 Refs #28428 -- Made filepath_to_uri() support pathlib.Path. 2019-10-30 13:13:15 +01:00
Sergey Fedoseev 2f010795e6 Simplified AuthenticationMiddleware a bit.
SimpleLazyObject already caches value in _wrapped.
2019-10-29 13:20:13 +01:00
Erwin Junge a6cb8ec389 Fixed #30922 -- Fixed ModelAdmin.date_hierarchy queries with DST changes.
There was an issue where admin date_hierarchy didn't render last day of
a month in DST-switch month.
2019-10-29 11:21:03 +01:00
Hasan Ramezani e3d0b4d550 Fixed #30899 -- Lazily compiled import time regular expressions. 2019-10-29 09:22:26 +01:00
Hasan Ramezani 39a34d4bf9 Refs #30899 -- Made _lazy_re_compile() support bytes. 2019-10-29 09:14:24 +01:00
Hasan Ramezani c4cba148d8 Refs #30899 -- Moved _lazy_re_compile() to the django.utils.regex_helper. 2019-10-29 09:14:24 +01:00
Hasan Ramezani 52cb419072 Fixed #30918 -- Made timesince()/timeuntil() respect custom time strings for future and the same datetimes. 2019-10-28 12:28:18 +01:00
Pavel Dedik 711a7d4d50 Fixed #30907 -- Fixed SplitArrayField.has_changed() with removal of empty trailing values. 2019-10-28 10:32:34 +01:00
Pavel Dedik bcfbb71c63 Refs #30907 -- Added SplitArrayField._remove_trailing_nulls() hook. 2019-10-28 10:32:09 +01:00
Sergey Fedoseev 6bbf9a20e2 Fixed #29770 -- Added LinearRing.is_counterclockwise property. 2019-10-25 14:28:26 +02:00
Carlton Gibson 24e540fbd7 Fixed #29087 -- Added delete buttons for unsaved admin inlines on validation error. 2019-10-25 13:28:08 +02:00
Carlton Gibson 6ea3aadd17 Refs #29087 -- Refactored admin inlines.js.
Split logic into separate functions to clarify and allow reuse.
2019-10-25 13:28:08 +02:00
Carlton Gibson dbcd7b064e Fixed #30902 -- Added __str__() for model choice enums.
Allows expected behavior when cast to str, also matching behaviour of
created instances with those fetched from the DB.

Thanks to Simon Charette, Nick Pope, and Shai Berger for reviews.
2019-10-25 09:19:56 +02:00
Nick Pope 55df1750be Refs #30897 -- Added support for ANALYZE option to Queryset.explain() on MariaDB and MySQL 8.0.18+. 2019-10-24 15:13:26 +02:00
Nick Pope 742961332e Refs #30897 -- Added support for TREE format to Queryset.explain() on MySQL 8.0.16+. 2019-10-24 15:13:23 +02:00
Simon Charette 7acef095d7 Fixed #23576 -- Implemented multi-alias fast-path deletion in MySQL backend.
This required moving the entirety of DELETE SQL generation to the
compiler where it should have been in the first place and implementing
a specialized compiler on MySQL/MariaDB.

The MySQL compiler relies on the "DELETE table FROM table JOIN" syntax
for queries spanning over multiple tables.
2019-10-24 12:24:53 +02:00
Mariusz Felisiak e645f27907
Fixed DatabaseFeatures.update_can_self_select on MariaDB 10.3.2+. 2019-10-24 12:18:13 +02:00
Hannes Ljungberg fa5f3291e7 Fixed #30903 -- Fixed migrations crash on PostgreSQL when adding Index with opclasses and ordering. 2019-10-24 09:33:14 +02:00
Nick Pope 6e9189c080 Refs #30897 -- Added test for SETTINGS option to Queryset.explain() on PostgreSQL 12+. 2019-10-23 14:07:18 +02:00
Dan Moore bc94e3c1a2 Fixed #29919 -- Fixed RelatedOnlyFieldListFilter crash with reverse relationships. 2019-10-23 10:50:31 +02:00
Sergey Fedoseev 0315c18fe1 Refs #26601 -- Removed obsolete workarounds for MIDDLEWARE_CLASSES setting. 2019-10-23 08:18:48 +02:00
Sergey Fedoseev 909c59f290 Fixed typo in XViewMiddleware.process_view() docstring. 2019-10-22 14:30:52 +02:00
Sergey Fedoseev af8dbbe0d5 Updated link to GEOS C API header. 2019-10-21 15:25:49 +02:00
Alex Aktsipetrov 681f7e2b13 Fixed #20577 -- Deferred filtering of prefetched related querysets.
Added internal interface to QuerySet that allows to defer next filter
call till .query is accessed. Used it to optimize prefetch_related().

Thanks Simon Charette for the review.
2019-10-21 13:21:54 +02:00
Alex Aktsipetrov 70d8146986 Adjusted QuerySet._filter_or_exclude() call to use negated=False, rather than None.
None was a remnant from the times _filter_or_exclude accepted
qtype/mapper as the first arg.
2019-10-21 12:45:17 +02:00
Ahmet Kucuk 09578f6dfb Fixed #30827 -- Made batch_size arg of QuerySet.bulk_create() respect DatabaseOperations.bulk_batch_size().
Thanks Chetan Khanna for tests.
2019-10-21 11:46:44 +02:00
André Ericson 3120490912 Fixed #30876 -- Moved classproperty() decorator to the django.utils.functional. 2019-10-21 09:57:39 +02:00
André Ericson 31174031f1 Fixed #30841 -- Deprecated using non-boolean values for isnull lookup. 2019-10-21 08:44:20 +02:00
Pavel Savchenko 1711c509fa Fixed #27391 -- Implemented SimpleTestCase.debug().
debug() should bubbled up exceptions if occurring in test, but behave
the same as run() when no exceptions occurred.
2019-10-18 12:22:51 +02:00
Patrick Jenkins 46e74a5256 Fixed #28337 -- Preserved extra headers of requests made with django.test.Client in assertRedirects().
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
2019-10-18 08:42:51 +02:00
Mariusz Felisiak 3a8af298b9 Fixed #30890 -- Added MariaDB support for the relate lookup. 2019-10-18 07:46:31 +02:00
Hasan Ramezani ef4beafa2c Refs #28816 -- Prevented silencing data loss when decreasing CharField.max_length for ArrayField.base_field on PostgreSQL. 2019-10-17 12:50:53 +02:00
sage 6f82df69ef Refs #12990 -- Moved CheckFieldDefaultMixin to the django.db.models.fields.mixins. 2019-10-17 12:30:29 +02:00
Mariusz Felisiak 187a64608d Fixed #30885 -- Dropped support for MariaDB 10.1. 2019-10-16 18:40:48 +02:00
Mariusz Felisiak 4a849b6701
Fixed #30859 -- Fixed DatabaseFeatures.supports_aggregate_filter_clause on SQLite 3.30.1+. 2019-10-15 20:55:49 +02:00
Carlton Gibson 1de9a92295 Fixed #30872 -- Improved unknown command message when settings are manually configured. 2019-10-15 13:04:32 +02:00
Mariusz Felisiak 06d34aab7c Fixed #30870 -- Fixed showing that RunPython operations are irreversible by migrate --plan.
Thanks Hasan Ramezani for the initial patch and Kyle Dickerson for the
report.
2019-10-14 11:13:27 +02:00
Simon Charette 2839659b42 Fixed #30868 -- Prevented unnecessary AlterField when renaming a referenced pk.
Regression introduced by dcdd219ee1, refs #25817.

Thanks Carlos E. C. Leite for the report and Mariusz for the bisect.
2019-10-14 08:02:26 +02:00
Etienne Chové e7cdb0cd7e Fixed #30014 -- Fixed ModelChoiceField validation when initial value is a model instance.
Thanks Carlton Gibson for reviews.
2019-10-11 13:28:09 +02:00
Louise Grandjonc 7d1bf29977 Fixed #30826 -- Fixed crash of many JSONField lookups when one hand side is key transform.
Regression in 6c3dfba892.
2019-10-11 10:55:22 +02:00
Hasan Ramezani 6a75cea76a Fixed #30854 -- Fixed QuerySet.select_related() with multiple FilteredRelations. 2019-10-11 08:10:48 +02:00
Hasan Ramezani e1ae2b0050 Refs #30854 -- Moved local_setter() outside the loop in SQLCompiler.get_related_selections(). 2019-10-11 08:07:07 +02:00
Flavio Curella ed112fadc1 Fixed #23755 -- Added support for multiple field names in the no-cache Cache-Control directive to patch_cache_control().
https://tools.ietf.org/html/rfc7234#section-5.2.2.2
2019-10-10 19:30:51 +02:00
Viktor Lomakin ee6b17187f Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses with non-empty content. 2019-10-10 09:51:05 +02:00
Benjy Weinberger 3cd3bebe89 Fixed #30300 -- Allowed migrations to be loaded from directories without __init__.py file. 2019-10-10 08:31:41 +02:00
Mariusz Felisiak 02c63b8f2f
Refs #26608 -- Fixed DatabaseFeatures.supports_frame_range_fixed_distance on SQLite 3.28+, MariaDB 10.2+, and MySQL 8.0.2+. 2019-10-09 13:07:50 +02:00
Simon Charette 8b10357854 Fixed #30860 -- Disabled unneeded NULLS FIRST/LAST workaround on SQLite 3.30+. 2019-10-09 10:47:49 +02:00
Simon Charette 26c66f4519 Fixed #30856 -- Combined fast-delete queries by model during cascade deletion.
Reduced the number of queries required when performing cascade deletion
for a model referenced multiple time by another one by performing an
union of reference lookups.
2019-10-09 09:49:53 +02:00
Simon Charette 44522d1036 Made Collector.collect() return immediately for disabled related collection. 2019-10-09 09:49:53 +02:00
Simon Charette 832aa08afe Used defaultdict in deletion.Collector. 2019-10-09 09:49:27 +02:00
Alex Gaynor 04ac9b45a3 Improved performance of django.template.base.Parser.
pop(0), which is used to fetch each token, is O(n) in the length of the
list. By reversing the list and operating off the end, we can perform
next_token(), prepend_token(), and delete_first_token() in constant
time.
2019-10-09 08:33:16 +02:00
Hasan Ramezani a28d1b38e5 Fixed #30839 -- Fixed Field.__deepcopy__() so forms don't share error messages. 2019-10-08 10:07:05 +02:00
Hasan Ramezani 6452112640 Refs #27914 -- Fixed serialization of nested enum.Enum classes in migrations. 2019-10-03 08:39:30 +02:00
Min ho Kim 103a6f4307 Fixed some typos in comments and docs.
Thanks to Mads Jenson for review.
2019-10-02 15:50:46 +02:00
Mariusz Felisiak 02ba48bc23 Removed redundant names in django.db.models.functions.__all__. 2019-10-02 13:07:14 +02:00
Anatol Ulrich 8ed6788aa4 Fixed #30821 -- Added ExtractIsoWeekYear database function and iso_week_day lookup. 2019-10-02 10:41:34 +02:00
Tanner Stirrat 17595407ca Fixed #14218 -- Added Paginator.__iter__(). 2019-10-02 09:49:31 +02:00
ElizabethU 54ea290e5b Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons.
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
2019-10-01 17:58:19 +02:00
Mariusz Felisiak 67e7dffe95 Fixed typo in BulkInsertMapper constant name. 2019-10-01 14:46:10 +02:00
Ahmet Kucuk dc890bef5a Fixed #30510 -- Fixed crash of QuerySet.bulk_create() with mixed-length texts on Oracle.
Text with more than 4000 characters must be set to as a CLOB on Oracle
what caused a mixed datatype error (ORA-01790) when shorter text
appeared in the same operation.
2019-10-01 12:38:58 +02:00
Ad Timmering 7b5f8acb9e Fixed #28690 -- Fixed handling of two-digit years in parse_http_date().
Due to RFC7231 ayear that appears to be more than 50 years in the
future are interpreted as representing the past.
2019-09-30 14:42:56 +02:00
Hasan Ramezani f0adf3b9b7 Fixed #30774 -- Made serialization in migrations use members names for Enums. 2019-09-30 10:28:05 +02:00
pablo fa8fe09e4e Fixed #30802 -- Prevented manifest creation when running collectstatic in dry run mode. 2019-09-27 23:01:41 +02:00
Hasan Ramezani 95a11578ce Fixed #30798 -- Fixed Meta.ordering validation for pk of related fields.
Regression in 440505cb2c.
2019-09-27 14:22:31 +02:00
Hasan Ramezani c7944628a1 Refs #30798 -- Prevented chaining fields from the same related model multiple times in model Meta.ordering. 2019-09-27 13:57:22 +02:00
Oleg Kainov c574bec092 Fixed #25598 -- Added SCRIPT_NAME prefix to STATIC_URL and MEDIA_URL set to relative paths.
Thanks Florian Apolloner for reviews.

Co-authored-by: Joel Dunham <Joel.Dunham@technicalsafetybc.ca>
2019-09-25 19:47:03 +02:00
Mariusz Felisiak 580e644f24
Fixed #30800 -- Fixed migrations crash when altering a field with custom db_type().
Regression in 1378d665a1.
2019-09-25 12:32:24 +02:00
Mads Jensen 129583a0d3 Removed some outdated backwards compatibility imports and misleading comments.
EmptyResultSet moved in 46509cf13d.
FieldDoesNotExist moved in 8958170755.
BoundField and pretty_name moved in 8550161e53.
EMPTY_VALUES moved in 471596fc1a.
BaseRunserverCommand moved in 5c53e30607.
2019-09-24 15:18:53 +02:00
Mariusz Felisiak 01104368ff Refs #29444 -- Removed redundant DatabaseFeatures.can_return_multiple_columns_from_insert.
Unnecessary since b31e63879e.
2019-09-24 10:37:22 +02:00
Johannes Hoppe b31e63879e Fixed #29444 -- Allowed returning multiple fields from INSERT statements on Oracle. 2019-09-24 10:22:43 +02:00
Simon Charette 37f8f29377 Fixed #30796 -- Prevented select_related() from mutating a queryset on chaining.
Thanks Darren Maki for the report.
2019-09-24 09:17:45 +02:00
Hasan Ramezani f97bbad908 Fixed #13296 -- Fixed ordering by Options.order_with_respect_to after deleting objects.
Thanks Simon Meers for the original patch.
2019-09-23 11:20:37 +02:00
Ian Foote d9881a025c Fixed #29915 -- Added support for values with hyphens to pattern lookups for UUIDField on backends without UUID datatype.
Support hyphens in iexact, contains, icontains, startswith, istartswith,
endswith and iendswith UUIDField filters on backends without UUID
datatype.
2019-09-23 08:24:08 +02:00
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
James Timmins 0719edcd5f Fixed #30771 -- Fixed exact lookup against queries with selected columns.
Use pre-existing select fields (and thereby GROUP BY fields) from
subquery if they were specified, instead of always defaulting to pk.

Thanks Aur Saraf for the report and Simon Charette for guidance.
2019-09-20 10:42:14 +02:00
Andrew 3346b78a8a Fixed #30786 -- Used CONVERT_TZ to check if the time zone definitions are installed on MySQL.
Replaced a timezone check in the MySQL backend with one that doesn't
require access to the mysql.time_zone database.
2019-09-20 08:17:27 +02:00
Daniel Fairhead 5cb3ed187b Fixed #30772 -- Optimized make_template_fragment_key().
Removed usage of urllib.quote(), unnecessary since cbbe60c7fc.
Used hasher's .update() on key fragments.
2019-09-18 14:53:05 +02:00
Sam Reynolds 6c9778a58e Fixed #30776 -- Restored max length validation on AuthenticationForm.UsernameField.
Regression in 5ceaf14686.

Thanks gopackgo90 for the report and Mariusz Felisiak for tests.
2019-09-18 11:37:38 +02:00
Min ho Kim b1d6b35e14 Fixed #30725 -- Fixed width of DateTimeField inputs in admin tabular inline.
"width" of DateTimeField inputs in admin tabular inline wasn't set
correctly what caused displaying too small inputs with responsive CSS
when timezone warning wasn't present.
2019-09-17 14:30:33 +02:00
Nasir Hussain faf4b988fe Fixed #30758 -- Made RangeFields use multiple hidden inputs for initial data. 2019-09-17 12:08:49 +02:00
Hasan Ramezani b9db423d3c Fixed #29376 -- Allowed hiding "Save and Add Another" button in admin. 2019-09-16 11:37:09 +02:00
Simon Charette 6c3dfba892 Fixed #30769 -- Fixed a crash when filtering against a subquery JSON/HStoreField annotation.
This was a regression introduced by 7deeabc7c7
to address CVE-2019-14234.

Thanks Tim Kleinschmidt for the report and Mariusz for the tests.
2019-09-16 08:24:40 +02:00
Carlton Gibson b5db65c4fb Increased the default PBKDF2 iterations for Django 3.1. 2019-09-12 17:24:01 +02:00
Adnan Umer 241deed259 Fixed #30591 -- Fixed recreation of foreign key constraints on MySQL when altering type of referenced unique field.
Thanks Mariusz Felisiak for tests and Matthijs Kooijman for
investigation and initial patch.
2019-09-11 11:21:08 +02:00
Mads Jensen b616908ce1 Used Statement in PostGISSchemaEditor._create_index_sql(). 2019-09-11 07:51:31 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0ddb4ebf7b Refs #14357 -- Made Meta.ordering not affect GROUP BY queries.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak d17be88afd Refs #30037 -- Required the RemoteUserBackend.configure_user() to have request as the first positional argument.
Per deprecation timeline.
2019-09-10 12:01:00 +02:00
Mariusz Felisiak b61ea56789 Refs #28478 -- Removed support for TestCase's allow_database_queries and multi_db per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak f1894bae30 Refs #28606 -- Removed CachedStaticFilesStorage per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 81993b47ea Refs #29703 -- Removed QuerySetPaginator alias per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak b47bb4c4a7 Refs #29598 -- Removed FloatRangeField per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak 0f2f517298 Bumped version; master is now 3.1 pre-alpha. 2019-09-10 11:54:25 +02:00
Simon Charette 34decdebf1 Fixed #30754 -- Prevented inclusion of aliases in partial index conditions.
SQLite doesn't repoint table aliases in partial index conditions on table
rename which breaks the documented table alteration procedure.

Thanks Pēteris Caune for the report.
2019-09-10 10:03:16 +02:00
Vojtech Bocek b1d37fea8f Fixed #28107 -- Added DatabaseFeatures.allows_group_by_selected_pks_on_model() to allow enabling optimization for unmanaged models. 2019-09-09 14:04:46 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Johannes Hoppe 7254f1138d Refs #29444 -- Allowed returning multiple fields from INSERT statements on PostgreSQL.
Thanks Florian Apolloner, Tim Graham, Simon Charette, Nick Pope, and
Mariusz Felisiak for reviews.
2019-09-09 10:51:14 +02:00
Johannes Hoppe 736e7d44de Refs #29444 -- Fixed DateField constructor in db.backends.oracle.utils.InsertVar. 2019-09-09 10:51:07 +02:00
Nick Pope b6251956b6 Fixed #30757 -- Added a system check to ensure max_length fits the longest choice. 2019-09-09 10:28:18 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Claude Paroz 5495ea3ae0 Updated translation catalogs 2019-09-08 17:35:32 +02:00
Mariusz Felisiak addabc492b
Fixed DatabaseFeatures.can_introspect_check_constraints on MariaDB < 10.2.22, 10.3.0 - 10.3.9.
Regression in e2c6a0858d.
2019-09-06 11:53:54 +02:00
Hasan Ramezani 6c379f1a18 Fixed #30763 -- Fixed management commands when using required mutually exclusive groups. 2019-09-06 10:55:24 +02:00
Mariusz Felisiak e2c6a0858d Fixed #30750 -- Added support for check constraints on MySQL 8.0.16+. 2019-09-05 09:18:34 +02:00
Shai Berger 72ebe85a26 Fixed #27910 -- Added enumeration helpers for use in Field.choices.
These classes can serve as a base class for user enums, supporting
translatable human-readable names, or names automatically inferred
from the enum member name.

Additional properties make it easy to access the list of names, values
and display labels.

Thanks to the following for ideas and reviews:

Carlton Gibson, Fran Hrženjak, Ian Foote, Mariusz Felisiak, Shai Berger.

Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-09-04 14:42:49 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Viktor Lomakin 5931d2e96a Fixed #30691 -- Made migrations autodetector find dependencies for foreign keys altering. 2019-09-03 14:45:49 +02:00
Johannes Hoppe 003bb34b21 Refs #29444 -- Made db.backends.oracle.utils.InsertVar use str as default. 2019-09-03 10:34:55 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Simon Charette 13a8884a08 Fixed #30739 -- Fixed exclusion of multi-valued lookup against outer rhs.
OuterRef right hand sides have to be nested, just like F rhs have to,
during the subquery pushdown split_exclude performs to ensure they are
resolved against the outer query aliases.
2019-09-02 10:52:36 +02:00
Simon Charette 600628f8f0 Refs #28442 -- Adjusted related lookups handling of expression rhs.
Expressions should never be prepared as other Lookup.get_prep_lookup
implementations hint at by returning early on the presence of the
resolve_expression attribute.

The previous solution was only handling lookups against related fields
pointing at AutoFields and would break for foreign keys to other fields.

It was also causing bidirectional coupling between model fields and
expressions which the method level import of OuterRef was a symptom of.
2019-09-02 10:52:36 +02:00
Nick Pope 999891bd80 Refs #29379 -- Moved autocomplete attribute to UsernameField.
Moving the autocomplete attribute into UsernameField allows this to work
for custom forms making use of UsernameField, removes some duplication
in the code, and keeps consistency with the autocapitalize attribute
that is already defined on UsernameField.
2019-09-02 10:50:56 +02:00
Alan Crosswell 03fa846c6a Fixed #30731 -- Fixed handling trailing groups in simplify_regex().
Previously simplify_regex() didn't handle trailing groups for regexp
without the end of string character ("$").
2019-08-30 12:43:39 +02:00
yukihira1992 0545781764 Fixed #30736 -- Added Storage.get_alternative_name() to allow customization. 2019-08-30 11:32:19 +02:00
Berker Peksag 400ec5125e Fixed #18763 -- Added ModelBackend/UserManager.with_perm() methods.
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-29 19:32:12 +02:00
daniel a rios b5a5c92c72 Fixed #30066 -- Enabled super user creation without email and password 2019-08-29 12:49:16 +02:00
Mariusz Felisiak d275fd04f3
Refs #25367 -- Simplified OrderBy and Lookup by using Case() instead of RawSQL() on Oracle.
Follow up to efa1908f66.
2019-08-29 11:56:12 +02:00
Matthew Schinckel 4137fc2efc Fixed #25367 -- Allowed boolean expressions in QuerySet.filter() and exclude().
This allows using expressions that have an output_field that is a
BooleanField to be used directly in a queryset filters, or in the
When() clauses of a Case() expression.

Thanks Josh Smeaton, Tim Graham, Simon Charette, Mariusz Felisiak, and
Adam Johnson for reviews.

Co-Authored-By: NyanKiyoshi <hello@vanille.bid>
2019-08-29 09:45:29 +02:00
Jon Dufresne a44d80f88e Adjusted subprocess.run() calls to use arg list, rather than string.
The Python docs recommend passing a sequence to subprocess.run() when
possible. Doing so allows for automatic escaping and quoting of
arguments.

https://docs.python.org/3/library/subprocess.html#frequently-used-arguments

> args is required for all calls and should be a string, or a sequence
> of program arguments. Providing a sequence of arguments is generally
> preferred, as it allows the module to take care of any required
> escaping and quoting of arguments (e.g. to permit spaces in file
> names).

Also removed `shell=True` where unnecessary.
2019-08-28 10:19:30 +02:00
Jon Dufresne 1e6b9e29e6 Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().
The value returned from urllib.parse.quote() is always a string, so can
safely call .encode().
2019-08-28 09:20:46 +02:00
Federico Jaramillo Martínez 8f6860863e Fixed #30722 -- Added default rate-limiting requests to admin's Select2 widget. 2019-08-27 13:47:36 +02:00
Andrew Brown 691def10a0 Fixed #30727 -- Made Subquery pickle without evaluating their QuerySet.
Subquery expression objects, when pickled, were evaluating the QuerySet
objects saved in its _constructor_args attribute.
2019-08-27 13:05:20 +02:00
Hasan Ramezani 03dbdfd9bb Fixed #29019 -- Added ManyToManyField support to REQUIRED_FIELDS. 2019-08-26 14:48:40 +02:00
Mariusz Felisiak 579909a13f
Refs #30591 -- Fixed introspection of check and unique column constraints on MariaDB.
Unnamed unique and check columns constraints have the same name as
a column. Ensure uniqueness by using custom names.

Thanks Adnan Umer for the report.
2019-08-26 09:15:37 +02:00
Jon Dufresne d0861fcb2d Refs #23919 -- Replaced super(ASGIHandler, self) with super(). 2019-08-26 08:36:56 +02:00
Simon Charette bb9e82f274 Fixed #29955 -- Added support for distance expression to the dwithin lookup.
This was missed when adding support to other distance lookups in
refs #25499.

Thanks Peter Bex for the report and Mariusz for testcases.
2019-08-23 21:28:28 +02:00
Dulmandakh 06372a8d27 Fixed #30507 -- Updated admin's jQuery to 3.4.1. 2019-08-23 11:00:16 +02:00
Claude Paroz 9386586f31 Replaced subprocess commands by run() wherever possible. 2019-08-23 10:53:36 +02:00
Mariusz Felisiak 521308e575 Fixed #30715 -- Fixed crash of ArrayField lookups on ArrayAgg annotations over AutoField. 2019-08-23 10:43:08 +02:00
Mariusz Felisiak b1f669406f Reduced code duplication in ArrayField's lookups. 2019-08-23 10:43:08 +02:00
Carlton Gibson 5b4c6b58a0
Fixed #30064 -- Added form to validate admin search fields query input. 2019-08-22 14:09:49 +02:00
Nasir Hussain 6b16c91157 Fixed #30712 -- Allowed BLOB/TEXT defaults on MySQL 8.0.13+. 2019-08-22 12:23:10 +02:00
Mads Jensen 85ac838d9e Fixed #21039 -- Added AddIndexConcurrently/RemoveIndexConcurrently operations for PostgreSQL.
Thanks to Simon Charettes for review.

Co-Authored-By: Daniel Tao <daniel.tao@gmail.com>
2019-08-21 13:10:06 +02:00
Hasan Ramezani 22394bd3a1 Fixed #29667 -- Prohibited whitespaces in path() URLs. 2019-08-20 11:53:10 +02:00
Nick Pope 21e559495b Fixed #29979, Refs #17337 -- Extracted AutoField field logic into a mixin and refactored AutoFields.
This reduces duplication by allowing AutoField, BigAutoField and
SmallAutoField to inherit from IntegerField, BigIntegerField and
SmallIntegerField respectively. Doing so also allows for enabling the
max_length warning check and minimum/maximum value validation for auto
fields, as well as providing a mixin that can be used for other possible
future auto field types such as a theoretical UUIDAutoField.
2019-08-20 09:22:25 +02:00
Hasan Ramezani 85458e94e3 Fixed #29260 -- Skipped an UPDATE when adding a model instance with primary key that has a default. 2019-08-19 13:28:35 +02:00
Maaz Bin Tahir Saeed e9f74f53cc Fixed #30693 -- Removed separate import of os.path in django.core.management.templates. 2019-08-19 13:27:13 +02:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Simon Charette 8b4a43dda7 Fixed #29545 -- Fixed using filter lookups againts nested subquery expressions.
Made sql.Where resolve lhs of its child nodes. This is necessary to
allow filter lookups against nested subquery expressions to properly
resolve their OuterRefs to Cols.

Thanks Oskar Persson for the simplified test case.
2019-08-17 11:24:35 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
Adam Johnson 7da6a28a44 Fixed #27676 -- Allowed BLOB/TEXT defaults on MariaDB 10.2.1+. 2019-08-16 11:39:37 +02:00
Andrew Brown 8a281aa7fe Fixed #30687 -- Fixed using of OuterRef() expressions in distance lookups. 2019-08-16 06:50:33 +02:00
zeyneloz 8289fc55ff Refs #30449 -- Made RelatedOnlyFieldListFilter respect ModelAdmin.ordering. 2019-08-15 10:29:10 +02:00
zeyneloz 00035672a4 Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
Regression in 6d4e5feb79.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-08-15 10:29:05 +02:00
Mariusz Felisiak 1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
Regression in 4f5b58f5cd.

Thanks Florian Apolloner for the report and helping with tests.
2019-08-14 15:25:35 +02:00
Mads Jensen 0b8d911d28 Optimized Field.deconstruct() by using elif. 2019-08-14 10:50:31 +02:00
Claude Paroz eed2e740f7 Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
Claude Paroz 88c0b907e7 Refs #30461 -- Added django.utils._os.to_path(). 2019-08-13 17:17:39 +02:00
Mariusz Felisiak c19ad2da4b
Fixed #30704 -- Fixed crash of JSONField nested key and index transforms on expressions with params.
Thanks Florian Apolloner for the report and helping with tests.
2019-08-13 08:42:17 +02:00
Simon Charette efa1908f66 Refs #25367 -- Moved Oracle Exists() handling to contextual methods.
Oracle requires the EXISTS expression to be wrapped in a CASE WHEN in
the following cases.

1. When part of a SELECT clause.
2. When part of a ORDER BY clause.
3. When compared against another expression in the WHERE clause.

This commit moves the systematic CASE WHEN wrapping of Exists.as_oracle
to contextual .select_format, Lookup.as_oracle, and OrderBy.as_oracle
methods in order to avoid unnecessary wrapping.
2019-08-13 06:48:14 +02:00
Simon Charette fff5186d32 Refs #25367 -- Moved select_format hook to BaseExpression.
This will expose an intermediary hook for expressions that need special
formatting when used in a SELECT clause.
2019-08-13 06:48:14 +02:00
Min ho Kim 4f7328ce8a Corrected multiple typos. 2019-08-12 12:53:36 +02:00
Simon Charette 088a6fab1c Refs #24793 -- Removed bogus connection argument from SQLCompiler.compile() calls.
The method doesn't expect a connection object to be passed as its second
argument.
2019-08-12 07:47:55 +02:00
Simon Charette 8b3e1b6e9e Refs #11964 -- Made constraint support check respect required_db_features.
This will notably silence the warnings issued when running the test
suite on MySQL.
2019-08-12 06:44:37 +02:00
Simon Charette 2fb872e56f Refs #23879 -- Made introspection respect required_db_features. 2019-08-12 06:33:46 +02:00
swatantra 73ac9e3f04 Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data. 2019-08-11 20:15:23 +02:00
Ngalim Siregar 503f60ff57 Fixed #29008 -- Fixed crash of 404 debug page when URL path converter raises Http404. 2019-08-09 22:48:08 +02:00
Jon Dufresne 5b57798513 Removed unnecessary StatAggregate.resolve_expression().
This method only calls the parent method, but without the for_save
argument. The parent class, Aggregate, already ignores the for_save
argument so there is no need for special handling.

Unnecessary since its introduction in e4cf8c8420.
2019-08-08 22:34:25 +02:00
Adnan Umer 8d3519071e Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning. 2019-08-08 21:14:06 +02:00
Min ho Kim 65e86948b8 Corrected several typos in string literals and test names. 2019-08-07 11:23:14 +02:00
Andrew Godwin 052388aba4 Fixed #30676 -- Added --pdb option to test runner. 2019-08-07 08:16:31 +02:00
Adnan Umer c5075360c5 Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting. 2019-08-05 18:44:08 +02:00
Mariusz Felisiak 05964b2198 Moved indexes in ArrayField's Index and Slice transforms to SQL params.
Follow up to 7deeabc7c7.

These lookups aren't vulnerable to SQL injection because both accept
only integer indexes. It is a part of good practices.
2019-08-05 14:16:35 +02:00
Diederik van der Boor 25f21bd237 Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values.
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-05 08:41:29 +02:00
Nick Pope 4cf1f2f13e Simplified AlterModelTable by making it subclass ModelOptionOperation. 2019-08-02 18:19:55 +02:00
aaktsipetrov 4edad1ddf6 Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable. 2019-08-02 15:06:00 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
zeyneloz 955b382600 Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError. 2019-08-02 08:35:28 +02:00
Mariusz Felisiak d14fa04ab3 Removed obsolete mentions of a check constraint in BaseDatabaseSchemaEditor.add_constraint()/remove_constraint() docstrings. 2019-08-02 07:09:37 +02:00
Jon Dufresne e8d0d2a5ef Removed unneeded ValueError catching in django.utils.text._replace_entity().
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
2019-08-01 14:30:20 +02:00
Mariusz Felisiak ff111ea5e3 Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL. 2019-08-01 12:06:32 +02:00
Ngalim Siregar e4684220af Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table. 2019-08-01 12:06:32 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Carlton Gibson eea0bf7bd5 Refs #30669 -- Removed incorrect branch in ASGIHander.read_body().
None is not valid for settings.FILE_UPLOAD_MAX_MEMORY_SIZE.
Always use SpooledTemporaryFile.
2019-07-31 13:33:01 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00