Commit Graph

9808 Commits

Author SHA1 Message Date
Tim Graham 1285ca67eb Fixed #16919 -- Passed user to set_password_form in GET requests.
Thanks Jaime Irurzun for the report and initial patch and
ejucovy for the test.
2013-10-02 13:28:15 -04:00
Andrew Godwin a80d9ab0fe Initial version of MigrationOptimizer and tests 2013-10-02 17:34:22 +01:00
tschilling 5381317fe3 Fixed #21129 -- Prevented admin filter params modifications from throwing an exception.
Thanks Tuttle for the report.
2013-10-02 08:16:09 -04:00
Ramiro Morales 4b715fc05a Fixed #21209 -- .po file path comments on Windows.
Literals from source files with Django template language syntax don't
have a '.py' suffix anymore.

Also, the '.\' prefix is preserved to respect GNU gettext behavior on
that platform.

Refs #16903.
2013-10-01 20:37:43 -03:00
Ramiro Morales 1d0fc61b1c Fixed #15185 -- Allowed ModelAdmin.list_display_links=None to disable change list links.
Thanks rm_ for the suggestion.
2013-10-01 14:25:54 -04:00
Michael Manfre bf757a2f4d Fixed #21147 -- Avoided time.time precision issue with cache backends.
The precision of time.time() is OS specific and it is possible for the
resolution to be low enough to allow reading a cache key previously set
with a timeout of 0.
2013-10-01 13:42:59 -04:00
Anssi Kääriäinen bf13c75c0d Fixed #21203 -- resolve_columns fields misalignment
In queries using .defer() together with .select_related() the values
and fields arguments didn't align properly for resolve_columns().
2013-10-01 20:29:23 +03:00
Tim Graham 0d02c54299 Fixed #21207 -- Fixed test failure on Oracle: test_cursor_contextmanager
refs #17671
2013-10-01 12:34:25 -04:00
Claude Paroz c1c44b2506 Factorized requires_tz_support decorator in test utils
Thanks Aymeric Augustin for the suggestion. Refs #21165.
2013-10-01 13:20:41 +02:00
Anssi Kääriäinen d64060a736 OrderedDict creation avoidance for .values() queries
Avoid accessing query.extra and query.aggregates directly for .values()
queries. Refs #20950.
2013-10-01 10:56:13 +03:00
Adam Haney d9bbda7149 * Fixing improper grammar 2013-09-30 16:59:45 -04:00
Loic Bistuer d847ddfe1d Fixed #3871 -- Fixed regression introduced by 04a2a6b.
Added do_not_call_in_templates=True attribute to RelatedManagers
to prevent them from being called.

Thanks jbg@ for the report.
2013-09-30 15:43:44 -04:00
Tim Graham 4745ea1d27 Added hints argument to GeoQuerySet; refs #13724. 2013-09-30 14:16:17 -04:00
Aymeric Augustin 728548e483 Fixed #21134 -- Prevented queries in broken transactions.
Squashed commit of the following:

commit 63ddb271a44df389b2c302e421fc17b7f0529755
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Sep 29 22:51:00 2013 +0200

    Clarified interactions between atomic and exceptions.

commit 2899ec299228217c876ba3aa4024e523a41c8504
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Sep 22 22:45:32 2013 +0200

    Fixed TransactionManagementError in tests.

    Previous commit introduced an additional check to prevent running
    queries in transactions that will be rolled back, which triggered a few
    failures in the tests. In practice using transaction.atomic instead of
    the low-level savepoint APIs was enough to fix the problems.

commit 4a639b059ea80aeb78f7f160a7d4b9f609b9c238
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Sep 24 22:24:17 2013 +0200

    Allowed nesting constraint_checks_disabled inside atomic.

    Since MySQL handles transactions loosely, this isn't a problem.

commit 2a4ab1cb6e83391ff7e25d08479e230ca564bfef
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sat Sep 21 18:43:12 2013 +0200

    Prevented running queries in transactions that will be rolled back.

    This avoids a counter-intuitive behavior in an edge case on databases
    with non-atomic transaction semantics.

    It prevents using savepoint_rollback() inside an atomic block without
    calling set_rollback(False) first, which is backwards-incompatible in
    tests.

    Refs #21134.

commit 8e3db393853c7ac64a445b66e57f3620a3fde7b0
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Sep 22 22:14:17 2013 +0200

    Replaced manual savepoints by atomic blocks.

    This ensures the rollback flag is handled consistently in internal APIs.
2013-09-30 09:42:27 +02:00
Russell Keith-Magee 9595183d03 Fixed #13724: Corrected routing of write queries involving managers.
Previously, if a database request spanned a related object manager, the
first manager encountered would cause a request to the router, and this
would bind all subsequent queries to the same database returned by the
router. Unfortunately, the first router query would be performed using
a read request to the router, resulting in bad routing information being
used if the subsequent query was actually a write.

This change defers the call to the router until the final query is acutally
made.

It includes a small *BACKWARDS INCOMPATIBILITY* on an edge case - see the
release notes for details.

Thanks to Paul Collins (@paulcollinsiii) for the excellent debugging
work and patch.
2013-09-30 13:05:43 +08:00
Christopher Babiak a834bc84d8 Fixed #20931 -- Fixed select widgets nested choice rendering
ChoiceFieldRenderer was not rendering nested choices. Added recursion
to ChoiceFieldRenderer to take nested choices and render them as
<ul>'s.
2013-09-28 17:25:32 -07:00
Ramiro Morales 783620ccc8 Fixed #21162 -- Better emulation of staticfiles middleware.
Code had been added in e909ceae9b. Solves test suite failures observed
on Windows.

Thanks Michael Manfre for the report. Refs #20739.
2013-09-28 17:32:23 -03:00
Erik Romijn 1a63092981 Fixed #20439 -- Started deprecation of IPAddressField 2013-09-28 10:55:32 +02:00
Baptiste Mispelon 8f51ba669a Fixed #21186: Fixed regression when using date fields in the admin's list_filter.
Thanks to onlygoldi2201 for the report and to ramiro and apollo13
for the reviews.
2013-09-28 00:40:43 +02:00
Baptiste Mispelon 3754f4ad41 Fix #21185: Added tests for unescape_entities.
Also fixed a py3 incompatibility.
Thanks to brutasse for the report.
2013-09-27 17:00:42 +02:00
Andrew Godwin 59582a8119 Enforce ordering on PostgreSQL get_constraints cols (refs #21134) 2013-09-26 14:55:19 +01:00
Michael Manfre d5606b5763 Fixed #21146 - DatabaseCache converts expires to python value
DatabaseCache uses raw cursors to bypass the ORM. This prevents it from
being used by database backends that require special handling of datetime
values.

There is no easy way to test this, so no tests added.
2013-09-26 13:11:43 +03:00
Giles Richard Greenway 6c06adad1d Fixed #20364 -- Changed urlize regexes to include quotation marks as punctation.
Thanks to EmilStenstrom for raising this, and to Chris Piwoński for all of the fixes and most of the tests.
2013-09-25 22:17:22 +02:00
Michael Manfre 99c87f1410 Fixed #17671 - Cursors are now context managers. 2013-09-25 21:47:26 +03:00
Loic Bistuer 04a2a6b0f9 Fixed #3871 -- Custom managers when traversing reverse relations. 2013-09-25 21:15:59 +03:00
Anssi Kääriäinen 83554b018e Fixed #21126 -- QuerySet value conversion failure
A .annotate().select_related() query resulted in misaligned rows vs
columns for compiler.resolve_columns() method.

Report & patch by Michael Manfre.
2013-09-25 20:47:57 +03:00
Andrew Godwin 6d3faba2d2 Add reverse_code optional argument to RunPython 2013-09-25 17:21:20 +01:00
Andrew Godwin fe9f342d8c Allow callables as the argument to RunPython 2013-09-25 16:10:43 +01:00
Andrew Godwin 8a3e543f26 Make sqlmigrate ignore the RunPython operation 2013-09-25 14:37:44 +01:00
Andrew Godwin 3b810c5656 Add RunPython migration operation and tests 2013-09-25 13:58:07 +01:00
Andrew Godwin 05656f2388 Add equality support for Project/ModelState 2013-09-25 13:47:46 +01:00
Anssi Kääriäinen 9027da65d3 Added '*' to quote_cache
The commit for #18333 missed quote_cache default value for *.
Refs #18333.
2013-09-24 23:00:31 +03:00
Florian Apolloner 68540fe4df Fixed #21138 -- Increased the performance of our PBKDF2 implementation.
Thanks go to Michael Gebetsroither for pointing out this issue and help on
the patch.
2013-09-24 21:06:26 +02:00
Florian Apolloner 5d74853e15 Revert "Ensure that passwords are never long enough for a DoS."
This reverts commit aae5a96d57.

This fix is no longer necessary, our pbkdf2 (see next commit) implementation
no longer rehashes the password every iteration.
2013-09-24 21:01:21 +02:00
Michael Manfre 9a041807fc Fixed #18333 - Quoted annotated column names 2013-09-24 10:10:08 -04:00
Andrei Picus 8e737cf282 Fix small grammatical error in comment.
Changed 'there are no filtering' to 'there is no filtering'.
2013-09-24 14:55:05 +03:00
Michał Lech 53c7d66869 Marked PermissionsMixin.user_permissions help_text for translation 2013-09-24 07:36:24 -04:00
Claude Paroz 18fb713e7b Properly marked skipped GIS tests as skipped 2013-09-24 12:23:42 +02:00
Claude Paroz 45403d330a Reformatted some GIS distance tests 2013-09-24 12:23:42 +02:00
Claude Paroz 4c5bc1ac30 Removed double import in mysql base.py 2013-09-24 10:25:39 +02:00
Helen ST 41167645b1 Fixed #14028 - Added validation for clashing db_columns.
Thanks akaariai for the suggestion.
2013-09-23 11:51:58 -04:00
Florian Apolloner 2ca00faa91 Fixed "Address already in use" from liveserver.
Our WSGIServer rewrapped the socket errors from server_bind into
WSGIServerExceptions, which is used later on to provide nicer
error messages in runserver and used by the liveserver to see if
the port is already in use. But wrapping server_bind isn't enough since
it only binds to the socket, socket.listen (which is called from
server_activate) could also raise "Address already in use".

Instead of overriding server_activate too I chose to just catch socket
errors, which seems to make more sense anyways and should be more robust
against changes in wsgiref.
2013-09-22 22:02:59 +02:00
Aymeric Augustin 51ed1ef1d5 Fixed a mistake in my previous commit. 2013-09-22 14:36:53 +02:00
Aymeric Augustin a5b062576b Removed a few trailing backslashes.
We have always been at war with trailing backslashes.
2013-09-22 14:04:10 +02:00
Aymeric Augustin ee0ef1b094 Partial revert of 165f44aa.
That commit didn't always improve readability.

See discussion on django-developers for details.
2013-09-22 14:04:10 +02:00
Florian Apolloner 56743cf9e3 Ensured that BoundField.as_widget always returns properly localized fields.
This is a follow-up to #18777 which improperly converted to strings in
prepare_value and as such caused regressions like #21074.

Refs #18777, #21074
2013-09-21 22:54:00 +02:00
tschilling 0d1ba84d13 Fixed #20702 -- Deprecated get_formsets in favor of get_formsets_with_inlines.
Thanks stanislas.guerra at gmail.com for the report.
2013-09-20 07:47:24 -04:00
Paul McMillan f8f47718ab Merge pull request #1644 from PaulMcMillan/bump_hash_iterations
Increase default PBKDF2 iterations
2013-09-19 12:17:56 -07:00
yokomizor df27803a55 Fixed #9532 -- Added min_num and validate_min on formsets.
Thanks gsf for the suggestion.
2013-09-19 13:11:49 -04:00
Paul McMillan a075e2ad0d Increase default PBKDF2 iterations
Increases the default PBKDF2 iterations, since computers have gotten
faster since 2011. In the future, we plan to increment by 10% per
major version.
2013-09-19 18:02:25 +01:00
Kevin Christopher Henry 59a34c43a8 Fixed #18744 -- Updated docstring to highlight limitations of NamedTemporaryFile
- Noted that this does not allow for reading and writing the same open
file in different processes under Windows.
- Noted that the keyword arguments to NamedTemporaryFile no longer
match the Python version.
2013-09-19 10:12:03 -04:00
Curtis Maloney 4e9f800742 Fixed #21125 -- Removed support for cache URI syntax 2013-09-19 10:01:39 -04:00
Tim Graham 7fec5a2240 Fixed #7557 -- Added type checking to Variable initialization.
Thanks tobias for the suggestion and boblefrag and saz for work on the
patch.
2013-09-19 09:27:19 -04:00
Tim Graham e23de9e350 Fixed typo in exception message; refs #19414
Thanks Alexey Boriskin for the report.
2013-09-19 06:24:12 -04:00
Brian Holdefehr 98514849dc Fixed #19414 -- Added admin registration decorator
Thanks stavros for the suggestion.
2013-09-18 11:44:10 -04:00
Tim Graham 2daada800f Fixed #21098 -- Applied sensitive_post_parameters to MultiValueDict
Thanks simonpercivall for the report and bmispelon for the review.
2013-09-18 09:48:36 -04:00
Berker Peksag 2f0566fa61 Fixed #4278 -- Added a dirs parameter to a few functions to override TEMPLATE_DIRS.
* django.template.loader.get_template()
* django.template.loader.select_template()
* django.shortcuts.render()
* django.shortcuts.render_to_response()

Thanks amcnabb for the suggestion.
2013-09-18 07:37:08 -04:00
Tim Graham 893198509e Fixed #15625 -- Made message in MultiValueDictKeyError less verbose.
Thanks margieroginski for the suggestion.
2013-09-18 06:44:38 -04:00
Anssi Kääriäinen 50633e7353 Fixed #12568 -- no error when accessing custom field's descriptor
The SubfieldBase's descriptor caused an AttributeError when accessed
from the class. Introspection didn't like that.

Patch by Trac alias supervacuo.
2013-09-18 10:03:52 +03:00
Markus Holtermann a772ea8117 Fixed #21115 -- Fixed NameError in migrate --list command 2013-09-17 12:53:59 -04:00
Florian Apolloner 2c6079775e Destroy selenium before live server threads.
Ensure that selenium quits before the live server thread to
prevent occasional hangs when killing the live server.
2013-09-17 18:39:25 +02:00
Markus Holtermann 5a424c2393 Fixed #21114 -- Migrations must not have a dependency to themselves. 2013-09-17 11:47:19 -04:00
Florian Apolloner 73a610d2a8 Final attempt to solve sporadic test failures.
tearDownClass is not called if setUpClass throws an exception, in our case
this means that LiveServerTestCase leaks LiveServerThread sockets if the
test happens to be skipped later on, and AdminSeleniumWebDriverTestCase
doesn't close it's already open browser window. To prevent this leakage
we catch errors where needed and manually call _tearDownClassInternal.
_tearDownClassInternal should be written as defensively as possible since
it is not allowed to make any assumptions on how far setUpClass got.

This patch should fix the sporadic "Address already in use"-errors on jenkins
and also the "This code isn't under transaction management"-error for sqlite
(also just on jenkins).

After discussion with koniiiik, jezdez, kmtracey, tos9, lifeless, nedbat and
voidspace it was decided that this is the safest approach (thanks to everyone
for their comments and help). Manually calling tearDownClass was shut down
cause we don't know how our users override our classes.

This is a private and very specialized API on purpose and should not be used
without a strong reason!

This patch partially reverts the earlier attempts to fix those issues,
namely:
	2fa0dd73b1 and
	3c5775d36f

Final note: If this patch breaks in a later version of Django, please be
very careful on how you fix it, you might not see test failures locally.
That said, this patch hopefully doesn't produce even more failures.
2013-09-17 16:41:01 +02:00
Beshr Kayali 8e04ad9fc2 Added Arabic mapping to contrib/admin/static/admin/js/urlify.js 2013-09-17 10:34:12 -04:00
Simon Charette f5f662fa5f Fixed #21112 -- Make sure sitemaps with no lastmod date work correctly.
Thanks to Matthias Kestenholz for the report and patch.
2013-09-17 10:21:11 -04:00
Anssi Kääriäinen 9400142132 Fixed #21109 -- made db cursor error wrapping faster 2013-09-17 12:18:55 +03:00
Tim Graham f40c82213f Added backwards compatability shims for util modules.
refs #17627
2013-09-16 12:53:42 -04:00
Tim Graham 18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Florian Apolloner 2fa0dd73b1 Fixed error handling in 3c5775d36f for non-operational webdrivers. 2013-09-14 23:24:48 +02:00
Florian Apolloner 3c5775d36f Delayed initialization of Selenium webdrivers.
If setUpClass throws an exception (in this case "Address already in use" if the
super call can't find any open port to bind too) tearDownClass is not called.
This results in open browser windows from the webdriver, hence we only construct
it once we are sure there is no code afterwards which could error out.
2013-09-14 22:58:30 +02:00
Alex Gaynor bac86ad1a3 REmoved some unused imports 2013-09-14 12:34:57 -07:00
Alex Gaynor 5c645ec81a Merge branch 'master' of https://github.com/django/django 2013-09-14 12:32:45 -07:00
Alex Gaynor 496b4d0331 Removed an import * that was masking importing stuff from the wrong location 2013-09-14 12:32:25 -07:00
Anssi Kääriäinen ff723d894d Fixed #20950 -- Instantiate OrderedDict() only when needed
The use of OrderedDict (even an empty one) was surprisingly slow. By
initializing OrderedDict only when needed it is possible to save
non-trivial amount of computing time (Model.save() is around 30% faster
for example).

This commit targetted sql.Query only, there are likely other places
which could use similar optimizations.
2013-09-14 20:52:17 +03:00
Tim Graham 886bb9d878 Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique"
This reverts commit c1ec08998d.

There are backwards compatability concerns with this.
2013-09-14 07:19:32 -04:00
Michael Manfre c89d80e2cc Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
Juan Catalano 6feb75129f Fixed #21060 -- Refactored admin's autodiscover method to make it reusable.
We want to be able to use it for instance for discovering `tasks.py` modules
inside the INSTALLED_APPS.

This commit therefore moves the logic to `autodiscover_modules` method in
django.utils.module_loading.
2013-09-13 20:09:41 -04:00
e0ne c1ec08998d Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique 2013-09-13 08:09:21 -04:00
Daniel Sokolowski ad6fcdb8d2 Fixed #20844 -- Made AdminEmailHandler respect LOGGING 'formatter' setting. 2013-09-13 07:27:54 -04:00
Claude Paroz 4c5641dd92 Fixed inspectdb test for spatialite >=4 2013-09-12 11:14:16 +02:00
Claude Paroz c82f6c2227 Add a test for the geo-enabled inspectdb command 2013-09-12 10:30:45 +02:00
Michael Manfre e61cc87129 Fixed #21090 -- Allowed backends to provide dotted field path to inspectdb. 2013-09-11 13:35:26 -04:00
Baptiste Mispelon abb10db06f Fixed #21089 -- Allow TransactionTestcase subclasses to define an empty list of fixtures.
Thanks to lgs for the report and initial patch.
2013-09-11 15:28:04 +02:00
Keryn Knight 170f721367 Fixed #21056 -- AdminSite.app_index no longer blindly accepts any app-labelish input. 2013-09-11 08:48:32 -04:00
Tim Graham 7fe5b656c9 Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.
2013-09-10 21:02:48 -04:00
Tim Graham 8165c2cfd1 Improved deprecation warning for change in form boolean values.
refs #20684

Thanks jacob, jcd, and shai for the suggestions.
2013-09-10 14:24:34 -04:00
Tim Graham 4e96dac450 Fixed #19298 -- Added MultiValueField.__deepcopy__
Thanks nick.phillips at otago.ac.nz for the report.
2013-09-10 13:56:49 -04:00
e0ne 053de6131a Fixed #5749 -- Added field_name as a key in the _html_output dict
Thanks SmileyChris for the suggestion.
2013-09-10 13:00:10 -04:00
Juan Catalano 4840fd9cbc Fixed #20919 -- Extended assertRedirects to be able to avoid fetching redirect's response.
Thanks mjtamlyn for the suggestion.
2013-09-10 12:22:55 -04:00
Gregor MacGregor b2b763448f Fixed #20841 -- Added messages to NotImplementedErrors
Thanks joseph at vertstudios.com for the suggestion.
2013-09-10 11:09:59 -04:00
Loic Bistuer d59f1993f1 Made MigrationWriter look for a "deconstruct" attribute on functions.
Refs #20978.
2013-09-10 10:12:23 -04:00
Loic Bistuer 5df8f749e6 Fixed #20978 -- Made deletion.SET_NULL more friendly for MigrationWriter.serialize. 2013-09-10 10:12:23 -04:00
Tim Graham 4ba373840a Fixed #16534 -- Improved ability to customize DiscoverRunner
Added DiscoverRunner.test_suite and .test_runner attributes.

Thanks tomchristie for the suggestion and jcd for the patch.
2013-09-10 09:49:39 -04:00
Roberto Aguilar af67ce5e18 Fixed #4574 -- Added CSS classes to the admin calendar widget for better control over styling. 2013-09-10 08:07:17 -05:00
Tim Graham 2bc5143866 Fixed #7467 -- Added a template block to override the admin welcome message.
Thanks Jeff Kowalczyk for the suggestion and rctay for the patch.
2013-09-10 08:48:03 -04:00
John Hensley 30fc49a7ca Fixed #21057 -- Prevented FileSystemStorage from leaving temporary files. 2013-09-10 08:33:53 -04:00
e0ne f2a4452882 Fixed #18403 -- Initialized bad_cookies in SimpleCookie
Thanks Stefano Crosta for the report.
2013-09-10 08:26:54 -04:00
homm 7008ed61c5 Fixed #21033 -- Fixed uploaded filenames not always being truncated to 255 characters 2013-09-10 01:55:16 +02:00
Aymeric Augustin d9413d33b2 Refactored code and tests that relied on django.utils.tzinfo.
Refs #17262.
2013-09-09 22:32:52 +02:00