zeyneloz
00035672a4
Fixed #30449 -- Fixed RelatedFieldListFilter/RelatedOnlyFieldListFilter to respect model's Meta.ordering.
...
Regression in 6d4e5feb79
.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-08-15 10:29:05 +02:00
Mariusz Felisiak
1f8382d34d
Fixed #30672 -- Fixed crash of JSONField/HStoreField key transforms on expressions with params.
...
Regression in 4f5b58f5cd
.
Thanks Florian Apolloner for the report and helping with tests.
2019-08-14 15:25:35 +02:00
Mads Jensen
0b8d911d28
Optimized Field.deconstruct() by using elif.
2019-08-14 10:50:31 +02:00
Claude Paroz
eed2e740f7
Fixed #30461 -- Made GeoIP2 and GEOIP_PATH setting accept pathlib.Path as library path.
...
Thanks Nikita Krokosh for the initial patch.
2019-08-13 19:44:10 +02:00
Claude Paroz
88c0b907e7
Refs #30461 -- Added django.utils._os.to_path().
2019-08-13 17:17:39 +02:00
Mariusz Felisiak
c19ad2da4b
Fixed #30704 -- Fixed crash of JSONField nested key and index transforms on expressions with params.
...
Thanks Florian Apolloner for the report and helping with tests.
2019-08-13 08:42:17 +02:00
Simon Charette
efa1908f66
Refs #25367 -- Moved Oracle Exists() handling to contextual methods.
...
Oracle requires the EXISTS expression to be wrapped in a CASE WHEN in
the following cases.
1. When part of a SELECT clause.
2. When part of a ORDER BY clause.
3. When compared against another expression in the WHERE clause.
This commit moves the systematic CASE WHEN wrapping of Exists.as_oracle
to contextual .select_format, Lookup.as_oracle, and OrderBy.as_oracle
methods in order to avoid unnecessary wrapping.
2019-08-13 06:48:14 +02:00
Simon Charette
fff5186d32
Refs #25367 -- Moved select_format hook to BaseExpression.
...
This will expose an intermediary hook for expressions that need special
formatting when used in a SELECT clause.
2019-08-13 06:48:14 +02:00
Min ho Kim
4f7328ce8a
Corrected multiple typos.
2019-08-12 12:53:36 +02:00
Simon Charette
088a6fab1c
Refs #24793 -- Removed bogus connection argument from SQLCompiler.compile() calls.
...
The method doesn't expect a connection object to be passed as its second
argument.
2019-08-12 07:47:55 +02:00
Simon Charette
8b3e1b6e9e
Refs #11964 -- Made constraint support check respect required_db_features.
...
This will notably silence the warnings issued when running the test
suite on MySQL.
2019-08-12 06:44:37 +02:00
Simon Charette
2fb872e56f
Refs #23879 -- Made introspection respect required_db_features.
2019-08-12 06:33:46 +02:00
swatantra
73ac9e3f04
Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data.
2019-08-11 20:15:23 +02:00
Ngalim Siregar
503f60ff57
Fixed #29008 -- Fixed crash of 404 debug page when URL path converter raises Http404.
2019-08-09 22:48:08 +02:00
Jon Dufresne
5b57798513
Removed unnecessary StatAggregate.resolve_expression().
...
This method only calls the parent method, but without the for_save
argument. The parent class, Aggregate, already ignores the for_save
argument so there is no need for special handling.
Unnecessary since its introduction in e4cf8c8420
.
2019-08-08 22:34:25 +02:00
Adnan Umer
8d3519071e
Fixed #30673 -- Relaxed system check for db_table collision when database routers are installed by turning the error into a warning.
2019-08-08 21:14:06 +02:00
Min ho Kim
65e86948b8
Corrected several typos in string literals and test names.
2019-08-07 11:23:14 +02:00
Andrew Godwin
052388aba4
Fixed #30676 -- Added --pdb option to test runner.
2019-08-07 08:16:31 +02:00
Adnan Umer
c5075360c5
Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting.
2019-08-05 18:44:08 +02:00
Mariusz Felisiak
05964b2198
Moved indexes in ArrayField's Index and Slice transforms to SQL params.
...
Follow up to 7deeabc7c7
.
These lookups aren't vulnerable to SQL injection because both accept
only integer indexes. It is a part of good practices.
2019-08-05 14:16:35 +02:00
Diederik van der Boor
25f21bd237
Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values.
...
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-05 08:41:29 +02:00
Nick Pope
4cf1f2f13e
Simplified AlterModelTable by making it subclass ModelOptionOperation.
2019-08-02 18:19:55 +02:00
aaktsipetrov
4edad1ddf6
Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable.
2019-08-02 15:06:00 +02:00
Nick Pope
194d1dfc18
Fixed #30661 -- Added models.SmallAutoField.
2019-08-02 11:39:01 +02:00
zeyneloz
955b382600
Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError.
2019-08-02 08:35:28 +02:00
Mariusz Felisiak
d14fa04ab3
Removed obsolete mentions of a check constraint in BaseDatabaseSchemaEditor.add_constraint()/remove_constraint() docstrings.
2019-08-02 07:09:37 +02:00
Jon Dufresne
e8d0d2a5ef
Removed unneeded ValueError catching in django.utils.text._replace_entity().
...
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
2019-08-01 14:30:20 +02:00
Mariusz Felisiak
ff111ea5e3
Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL.
2019-08-01 12:06:32 +02:00
Ngalim Siregar
e4684220af
Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table.
2019-08-01 12:06:32 +02:00
Florian Apolloner
76ed1c49f8
Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak
7deeabc7c7
Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
...
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner
4b78420d25
Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner
7f65974f82
Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Carlton Gibson
eea0bf7bd5
Refs #30669 -- Removed incorrect branch in ASGIHander.read_body().
...
None is not valid for settings.FILE_UPLOAD_MAX_MEMORY_SIZE.
Always use SpooledTemporaryFile.
2019-07-31 13:33:01 +02:00
Étienne Beaulé
5f24e7158e
Fixed #30665 -- Added support for distinct argument to Avg() and Sum().
2019-07-31 11:22:50 +02:00
Nick Pope
f618e033ac
Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands.
2019-07-31 10:02:13 +02:00
Nick Pope
69a30f620e
Refs #30160 -- Simplified archive extension map and added other aliases.
2019-07-31 09:46:17 +02:00
Hasan Ramezani
e3fc9af4ab
Refs #30593 -- Fixed introspection of check constraints columns on MariaDB.
2019-07-30 16:32:13 +02:00
Hasan Ramezani
b2aad9ad4d
Refs #30593 -- Added _parse_constraint_columns() hook to introspection on MariaDB.
2019-07-30 16:32:13 +02:00
Nick Pope
0509148c24
Refs #30160 -- Made destination path a required argument of extract().
2019-07-30 11:27:56 +02:00
Jerrod Martin
c7bef16a74
Fixed #30411 -- Improved formatting of text tracebacks in technical 500 templates.
...
Co-Authored-By: Daniel Hahler <git@thequod.de>
2019-07-29 11:09:54 +02:00
Claude Paroz
3c6d32e0b2
Fixed #30552 -- Fixed loss of SRID when calling reverse() on LineString/Point.
...
Thanks Mariusz Felisiak for contributing the Point part.
2019-07-27 20:12:46 +02:00
Jon Dufresne
4122d9d3f1
Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames.
...
Regression in 519016e5f2
.
2019-07-27 12:04:56 +02:00
Piotr Domanski
4b4e68a7a6
Fixed #30567 -- Made WSGIHandler pass FileResponse.block_size to wsgi.file_wrapper.
2019-07-26 07:31:51 +02:00
Mariusz Felisiak
806ba19bbf
Added Query.is_sliced property.
...
Previously, we used Query.can_filter() mainly to check if a query is
sliced what was confusing.
2019-07-25 20:45:55 +02:00
Hasan Ramezani
1853383969
Fixed #27995 -- Added error messages on unsupported operations following union(), intersection(), and difference().
2019-07-25 12:39:55 +02:00
Jon Dufresne
5ed20b3aa3
Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute.
...
Allows model fields to override the descriptor class used on the model
instance attribute.
2019-07-25 08:15:20 +02:00
Jon Dufresne
93ffa81bc5
Refs #30657 -- Made DeferredAttribute.__init__() to take a field instance instead of a field name.
2019-07-25 07:24:52 +02:00
Tom Forbes
fc75694257
Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved.
2019-07-24 14:08:37 +02:00
Mariusz Felisiak
fed5e19369
Removed unused BaseReloader.watch_file().
...
Unused since its introduction in c8720e7696
.
2019-07-24 13:32:02 +02:00
Jon Dufresne
d89053585e
Improved error message when index in __getitem__() is invalid.
2019-07-23 20:12:08 +02:00
Mariusz Felisiak
8d52a525c8
Refs #29548 -- Fixed DatabaseWrapper.display_name on MariaDB.
2019-07-23 13:34:06 +02:00
Tom Forbes
2ff517ccb6
Fixed #30506 -- Fixed crash of autoreloader when path contains null characters.
2019-07-23 10:03:23 +02:00
Jon Dufresne
60dc957a82
Removed unnecessary code in Model.__init__().
...
As is_related_object is True, the val variable is unused for the
remainder of the method.
Unnecessary since 53da1e4794
.
2019-07-23 07:45:07 +02:00
Georgi Yanchev
c6581a40be
Fixed #30644 -- Made introspection use pg_table_is_visible() instead of filtering by public schema on PostgreSQL.
2019-07-22 08:14:53 +02:00
Mariusz Felisiak
842fd620ff
Simplified get_key_columns()/get_relations() introspection methods for PostgreSQL.
2019-07-20 15:15:41 +02:00
Min ho Kim
9f11939dd1
Fixed typos in comments and a test name.
2019-07-19 18:24:06 +02:00
Hasan Ramezani
1fc2c70f76
Fixed #30593 -- Added support for check constraints on MariaDB 10.2+.
2019-07-19 11:05:06 +02:00
Mads Jensen
a3417282ac
Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL.
...
Thanks to Nick Pope and Mariusz Felisiak for review.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-07-16 18:04:41 +02:00
Mads Jensen
7174cf0b00
Refs #29824 -- Added RangeOperators helper class.
2019-07-16 16:57:46 +02:00
Yann Sionneau
e47b8293a7
Fixed #30636 -- Fixed options ordering when cloning test database on MySQL.
...
--defaults-file must be given before other options.
2019-07-16 07:25:43 +02:00
Mariusz Felisiak
858cfd74e9
Simplified RangeContainedBy by making it subclass PostgresSimpleLookup.
2019-07-13 10:55:19 +02:00
Mariusz Felisiak
70c2b90d95
Simplified DateTimeRangeContains by making it subclass PostgresSimpleLookup.
2019-07-12 17:27:49 +02:00
Hasan Ramezani
402e6d292f
Fixed #30602 -- Made Extract raise ValueError when using unsupported lookups for DurationField.
2019-07-12 08:08:35 +02:00
Mariusz Felisiak
7a42cfcfdc
Refs #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains F() expressions.
...
Thanks Can Sarıgöl for the report.
Follow up to 8c5f9906c5
.
2019-07-11 13:40:36 +02:00
Hasan Ramezani
8c5f9906c5
Fixed #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains expressions.
2019-07-11 11:24:59 +02:00
can
52545e788d
Fixed #28289 -- Fixed crash of RawSQL annotations on inherited model fields.
2019-07-11 08:27:15 +02:00
atsuo ishimoto
a9c6ab0356
Fixed #30619 -- Made runserver --nothreading use single threaded WSGIServer.
...
Browsers often use multiple connections with Connection: keep-alive.
If --nothreading is specified, the WSGI server cannot accept new
connections until the old connection is closed, causing hangs.
Force Connection: close when --nothreading option is used.
2019-07-10 13:22:17 +02:00
Johannes Hoppe
00d4e6f8b5
Updated Select2 to version 4.0.7.
2019-07-10 12:31:16 +02:00
Hasan Ramezani
ed668796f6
Fixed #30543 -- Fixed checks of ModelAdmin.list_display for fields accessible only via instance.
...
Co-Authored-By: Andrew Simons <andrewsimons@bubblegroup.com>
2019-07-10 10:37:34 +02:00
Mariusz Felisiak
7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type.
...
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.
Regression in 6b048b364c
.
2019-07-10 10:33:36 +02:00
Simon Charette
ee6e93ec87
Fixed #30628 -- Adjusted expression identity to differentiate bound fields.
...
Expressions referring to different bound fields should not be
considered equal.
Thanks Julien Enselme for the detailed report.
Regression in bc7e288ca9
.
2019-07-10 07:46:08 +02:00
can
febe136d4c
Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints.
2019-07-08 14:57:56 +02:00
Johannes Hoppe
bc91f27a86
Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle.
...
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
2019-07-08 08:53:08 +02:00
can
53209f7830
Fixed #30613 -- Moved index name validation to system checks.
2019-07-05 09:30:21 +02:00
Chason Chaffin
c238e65e29
Fixed #30596 -- Fixed SplitArrayField.has_changed() for non-string base fields.
...
Thanks to Evgeniy Krysanov for the report and the idea to use to_python.
Thanks to Mariusz Felisiak for the test case.
2019-07-03 13:35:51 +02:00
Benjamin Woodruff
54dcfbc367
Fixed #29744 -- Fixed caching of URLResolver for a default URLconf.
...
get_resolver() for a default URLconf (passing no argument) and for
settings.ROOT_URLCONF should return the same cached object.
2019-07-03 11:37:28 +02:00
Chason Chaffin
55b68de643
Fixed #30608 -- Fixed non-unicode EmailMessage crash when domain name for localhost is non-ASCII.
...
Assisted by felixxm.
2019-07-03 10:49:03 +02:00
Mariusz Felisiak
f226bdbf4e
Refs #30608 -- Added django.utils.encoding.punycode().
2019-07-03 10:48:02 +02:00
Hasan Ramezani
a5308514fb
Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields.
2019-07-02 12:55:09 +02:00
Min ho Kim
fbb83fefd4
Fixed typos in comments and docs.
2019-07-02 09:36:17 +02:00
Hasan Ramezani
090ca6512f
Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ADMINS/MANAGERS is set incorrectly.
2019-07-02 07:34:07 +02:00
PatOnTheBack
29240a9952
Removed unnecessary import in django/utils/autoreload.py.
2019-07-01 14:50:00 +02:00
Hasan Ramezani
5d03f2bc01
Fixed #30595 -- Added error message when no objects found to sql* management commands.
2019-07-01 13:47:54 +02:00
Carlton Gibson
54d0f5e62f
Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
...
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.
HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.
Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
2019-07-01 07:48:04 +02:00
Claude Paroz
d54baf6970
Updated translations from Transifex
...
Forward port of b3f7262e6e
from stable/2.2.x
2019-06-29 16:17:16 +02:00
Jon Dufresne
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
Hasan Ramezani
2b03e8e9e8
Fixed #30584 -- Fixed management command when using subparsers with dest parameter.
2019-06-28 12:51:26 +02:00
can
f03b7bd114
Fixed #28408 -- Added error message when updating with annotated expressions on joined fields.
...
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2019-06-28 07:55:32 +02:00
Nadège Michel
895b15771e
Fixed #28725 -- Prevented serializing inherited ManyToManyFields in child model.
2019-06-27 15:10:22 +02:00
Shubham Bhagat
26d16c07fd
Fixed #30578 - Made SelectDateWidget respect a custom date format when USE_L10N is disabled.
2019-06-26 11:07:11 +02:00
nsasaki128
a289e79679
Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator.
2019-06-26 09:25:24 +02:00
Tom Forbes
8454f6dea4
Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute.
2019-06-26 06:44:10 +02:00
can
325d5d6445
Fixed #30477 -- Made reverse lookup use Field.get_db_prep_value() from the target field.
2019-06-25 10:20:33 +02:00
daniel a rios
76b993a117
Fixed #26431 -- Prevented django.urls.resolve() from returning missing optional parameters.
...
Previous behavior was inconsistent with django.urls.reverse() and
caused that translate_url() created an incorrect URL when an optional
parameter was missing.
2019-06-24 11:47:56 +02:00
Tom Forbes
e286711879
Simplified handling of non-existent paths in autoreloader with Path.resolve(strict=True).
2019-06-24 09:48:59 +02:00
Markus Holtermann
ad7b438002
Bumped minimum ESLint version to 4.18.2.
2019-06-21 17:57:35 +02:00
Nadège Michel
87b1ad6e73
Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField.
2019-06-21 15:03:17 +02:00
Tobias Kunze
a387ef1117
Added missing form argument in modelform_factory() docstring.
2019-06-20 15:13:22 +02:00
Mariusz Felisiak
7f19e37135
Refs #30451 -- Added more tests for ASGIRequest and ASGIHandler.
2019-06-20 12:29:58 +02:00
Andrew Godwin
a415ce70be
Fixed #30451 -- Added ASGI handler and coroutine-safety.
...
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
2019-06-20 12:29:43 +02:00
Chris Jerdonek
cce47ff65a
Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object.
2019-06-20 11:48:49 +02:00
can
2cbd3967e0
Fixed #29834 -- Fixed column mismatch crash with QuerySet.values()/values_list() and order_by() on combined querysets.
2019-06-19 12:11:28 +02:00
Mariusz Felisiak
14d026cccb
Fixed #30572 -- Prevented values()/values_list() on combined queryset from mutating the list of columns in querysets.
2019-06-19 10:44:53 +02:00
Min ho Kim
6e8303d49b
Fixed typos in FakePayload docstring and SimplifiedURLTests test name.
2019-06-17 12:38:04 +02:00
Mariusz Felisiak
415e899dc4
Refs #30451 -- Added HttpRequest._set_content_type_params() hook.
2019-06-15 10:29:02 -07:00
Sanyam Khurana
87f5d07eed
Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names.
2019-06-14 18:20:29 +02:00
Joachim Jablon
2628ea9515
Fixed #30512 -- Used email.headerregistry.parser for parsing emails in sanitize_address().
2019-06-13 16:22:15 +02:00
can
fde9b7d35e
Fixed #30128 -- Fixed handling timedelta timezone in database functions.
2019-06-13 09:29:43 +02:00
Sergey Fedoseev
6fa71872ae
Simplified django.urls.reverse() a bit.
2019-06-12 12:15:40 +02:00
Mariusz Felisiak
b616f65855
Added missing support for PointOnSurface function on MariaDB.
2019-06-12 10:51:43 +02:00
Jon Dufresne
9e38ed0536
Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
...
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692 .
For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.
For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00
CruxBox
34f8eeea4a
Fixed #30548 -- Improved exception when expression contains mixed types.
2019-06-10 19:48:53 +02:00
Aymeric Augustin
3ee0834a46
Fixed #30556 -- Avoided useless query and hasher call in ModelBackend.authenticate() when credentials aren't provided.
...
There's no need to fetch a user instance from the database unless
a username and a password are provided as credentials.
2019-06-10 11:12:31 +02:00
Hasan Ramezani
dcb8f00d06
Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
...
Thank you to Nick Pope for review.
Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
Alexandre Varas
c498f088c5
Fixed #30521 -- Fixed invalid HTML in default error pages.
2019-06-07 07:51:45 +02:00
Jon Dufresne
d6ea4898c4
Fixed #30550 -- Fixed decoding of non-UTF-8 bytes objects in response.json().
2019-06-07 06:40:15 +02:00
Hasan Ramezani
661e6cc2c9
Fixed #29706 -- Made RenameContentType._rename() save to the correct database.
2019-06-06 12:09:01 +02:00
Arpana Mehta
4b45b6c8e4
Updated Hindi language name.
2019-06-06 11:16:19 +02:00
Tobias Bengfort
581a0f4545
Refs #30226 -- Added User.get_user_permissions() method.
...
Added to mirror the existing User.get_group_permissions().
2019-06-05 13:56:37 +02:00
Tobias Bengfort
75337a6050
Fixed #30226 -- Added BaseBackend for authentication.
2019-06-05 13:39:46 +02:00
Étienne Beaulé
4b6dfe1622
Fixed #30542 -- Fixed crash of numerical aggregations with filter.
...
Filters in annotations crashed when used with numerical-type
aggregations (i.e. Avg, StdDev, and Variance). This was caused as the
source expressions no not necessarily have an output_field (such as the
filter field), which lead to an AttributeError: 'WhereNode' object has
no attribute output_field.
Thanks to Chuan-Zheng Lee for the report.
Regression in c690afb873
and two following
commits.
2019-06-05 08:06:26 +02:00
Jones Ambrosi
f9561144d7
Fixed #30520 -- Fixed crash of admin model inlines on custom fields without labels.
2019-06-04 10:27:12 +02:00
RobertAKARobin
aa94f7c899
Fixed #30534 -- Fixed overriding a field's default in ModelForm.cleaned_data().
2019-06-04 08:28:49 +02:00
Nathan Gaberel
b27c9c953b
Fixed #28604 -- Prevented ManifestStaticFilesStorage from leaving intermediate files.
2019-06-03 13:11:55 +02:00
Carlton Gibson
34ec52269a
Applied jQuery patch for CVE-2019-11358.
2019-06-03 11:36:12 +02:00
Carlton Gibson
deeba6d920
Fixed CVE-2019-12308 -- Made AdminURLFieldWidget validate URL before rendering clickable link.
2019-06-03 11:36:12 +02:00
can
dffa3e1992
Fixed #30493 -- Fixed prefetch_related() for GenericRelation with different content types.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Thanks Simon Charette for the review.
2019-05-31 18:11:55 +02:00
Mariusz Felisiak
f66021f3f7
Refs #30493 -- Added GenericRelatedObjectManager.get_content_type() hook.
2019-05-31 18:11:51 +02:00
Mariusz Felisiak
f6075fb333
Fixed #26192 -- Fixed crash of ordering by constants on PostgreSQL.
...
Thanks Simon Charette for the review.
2019-05-31 07:38:48 +02:00
Daniel Hahler
59f04d6b8f
Simplified SessionMiddleware.process_response() a bit.
2019-05-29 14:10:11 +02:00
Tom Forbes
480492fe70
Fixed #30523 -- Fixed updating file modification times on seen files in auto-reloader when using StatReloader.
...
Previously we updated the file mtimes if the file has not been seen
before - i.e on the first iteration of the loop.
If the mtime has been changed we triggered the notify_file_changed()
method which in all cases except the translations will result in the
process being terminated. To be strictly correct we need to update the
mtime for either branch of the conditional.
Regression in 6754bffa2b
.
2019-05-29 09:41:24 +02:00
Tom Forbes
0344565179
Fixed #30516 -- Fixed crash of autoreloader when re-raising exceptions with custom signature.
...
Regression in c8720e7696
.
2019-05-29 08:08:50 +02:00
葛汉斌
fcbc502af9
Simplified Model.save() a bit.
2019-05-28 15:40:31 +02:00
Caio Ariede
a3f91891d2
Fixed #30315 -- Fixed crash of ArrayAgg and StringAgg with ordering when used in Subquery.
2019-05-28 10:05:50 +02:00
Tom Forbes
b2790f74d4
Fixed #30479 -- Fixed detecting changes in manage.py by autoreloader when using StatReloader.
...
Regression in c8720e7696
.
2019-05-28 08:31:33 +02:00
Simon Charette
df46b329e0
Refs #30485 -- Avoided unnecessary instance checks in urlencode.
...
Given doseq defaults to False it should avoid an unnecessary instance
check in most cases.
2019-05-27 22:00:14 +02:00
Mariusz Felisiak
b6c4766f53
Refs #29548 -- Updated docs for MariaDB support.
2019-05-27 19:59:49 +02:00
Johan Lübcke
0670b1b403
Fixed #30485 -- Adjusted django.utils.http.urlencode for doseq=False case.
2019-05-24 17:15:34 +02:00
Rob
58df8aa40f
Fixed #28780 -- Allowed specyfing a token parameter displayed in password reset URLs.
...
Co-authored-by: Tim Givois <tim.givois.mendez@gmail.com>
2019-05-24 08:40:25 +02:00
Caio Ariede
753b67c58d
Fixed #30497 -- Ignored document type in assertXMLEqual()/assertXMLNotEqual().
2019-05-24 07:29:42 +02:00
Mariusz Felisiak
f8b8b00f01
Fixed #30501 -- Preventing QuerySet.reverse() from mutating expressions in QuerySet.order_by and Meta.ordering.
2019-05-23 20:33:37 +02:00
Mariusz Felisiak
2007e11d70
Forced utf-8 encoding when loading common passwords in CommonPasswordValidator.
...
Previously we used `decode()` which defaults to utf-8. This change
restores previous behavior.
Follow up to 28eac41510
.
2019-05-23 08:39:16 +02:00
Ran Benita
a2c31e12da
Fixed #30498 -- Fixed proxy class caching in lazy().
...
lazy() should prepare the proxy class only once (the first time it's
used) not on every call.
Regression in b4e76f30d1
.
2019-05-22 20:41:52 +02:00
Jon Dufresne
b711eafd2a
Refs #30116 -- Removed unnecessary str() calls in CommonPasswordValidator.
...
open() and gzip.open() supports path-like objects since Python 3.6.
2019-05-22 19:47:28 +02:00
Brad Solomon
28eac41510
Improved performance of loading common passwords in CommonPasswordValidator.
...
CommonPasswordValidator.__init__ previously called either splitlines or
readlines, creating an unneeded intermediate list in memory. For large
custom password files, this could be burdensome.
2019-05-22 06:55:21 +02:00
Hasan Ramezani
1378d665a1
Fixed #28816 -- Prevented silencing data loss when decreasing CharField.max_length on PostgreSQL.
2019-05-21 14:15:43 +02:00
Rob
519016e5f2
Fixed #28147 -- Fixed loss of assigned parent when saving child after parent.
...
Thanks Erwin Junge for the initial patch.
2019-05-21 10:11:22 +02:00
Hasan Ramezani
9d6f981a66
Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age().
2019-05-21 08:50:09 +02:00
Simon Charette
514104cf23
Refs #29396 , #30494 -- Reduced code duplication in year lookups.
2019-05-21 07:25:09 +02:00