Commit Graph

9704 Commits

Author SHA1 Message Date
Brian Holdefehr 98514849dc Fixed #19414 -- Added admin registration decorator
Thanks stavros for the suggestion.
2013-09-18 11:44:10 -04:00
Tim Graham 2daada800f Fixed #21098 -- Applied sensitive_post_parameters to MultiValueDict
Thanks simonpercivall for the report and bmispelon for the review.
2013-09-18 09:48:36 -04:00
Berker Peksag 2f0566fa61 Fixed #4278 -- Added a dirs parameter to a few functions to override TEMPLATE_DIRS.
* django.template.loader.get_template()
* django.template.loader.select_template()
* django.shortcuts.render()
* django.shortcuts.render_to_response()

Thanks amcnabb for the suggestion.
2013-09-18 07:37:08 -04:00
Tim Graham 893198509e Fixed #15625 -- Made message in MultiValueDictKeyError less verbose.
Thanks margieroginski for the suggestion.
2013-09-18 06:44:38 -04:00
Anssi Kääriäinen 50633e7353 Fixed #12568 -- no error when accessing custom field's descriptor
The SubfieldBase's descriptor caused an AttributeError when accessed
from the class. Introspection didn't like that.

Patch by Trac alias supervacuo.
2013-09-18 10:03:52 +03:00
Markus Holtermann a772ea8117 Fixed #21115 -- Fixed NameError in migrate --list command 2013-09-17 12:53:59 -04:00
Florian Apolloner 2c6079775e Destroy selenium before live server threads.
Ensure that selenium quits before the live server thread to
prevent occasional hangs when killing the live server.
2013-09-17 18:39:25 +02:00
Markus Holtermann 5a424c2393 Fixed #21114 -- Migrations must not have a dependency to themselves. 2013-09-17 11:47:19 -04:00
Florian Apolloner 73a610d2a8 Final attempt to solve sporadic test failures.
tearDownClass is not called if setUpClass throws an exception, in our case
this means that LiveServerTestCase leaks LiveServerThread sockets if the
test happens to be skipped later on, and AdminSeleniumWebDriverTestCase
doesn't close it's already open browser window. To prevent this leakage
we catch errors where needed and manually call _tearDownClassInternal.
_tearDownClassInternal should be written as defensively as possible since
it is not allowed to make any assumptions on how far setUpClass got.

This patch should fix the sporadic "Address already in use"-errors on jenkins
and also the "This code isn't under transaction management"-error for sqlite
(also just on jenkins).

After discussion with koniiiik, jezdez, kmtracey, tos9, lifeless, nedbat and
voidspace it was decided that this is the safest approach (thanks to everyone
for their comments and help). Manually calling tearDownClass was shut down
cause we don't know how our users override our classes.

This is a private and very specialized API on purpose and should not be used
without a strong reason!

This patch partially reverts the earlier attempts to fix those issues,
namely:
	2fa0dd73b1 and
	3c5775d36f

Final note: If this patch breaks in a later version of Django, please be
very careful on how you fix it, you might not see test failures locally.
That said, this patch hopefully doesn't produce even more failures.
2013-09-17 16:41:01 +02:00
Beshr Kayali 8e04ad9fc2 Added Arabic mapping to contrib/admin/static/admin/js/urlify.js 2013-09-17 10:34:12 -04:00
Simon Charette f5f662fa5f Fixed #21112 -- Make sure sitemaps with no lastmod date work correctly.
Thanks to Matthias Kestenholz for the report and patch.
2013-09-17 10:21:11 -04:00
Anssi Kääriäinen 9400142132 Fixed #21109 -- made db cursor error wrapping faster 2013-09-17 12:18:55 +03:00
Tim Graham f40c82213f Added backwards compatability shims for util modules.
refs #17627
2013-09-16 12:53:42 -04:00
Tim Graham 18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Florian Apolloner 2fa0dd73b1 Fixed error handling in 3c5775d36f for non-operational webdrivers. 2013-09-14 23:24:48 +02:00
Florian Apolloner 3c5775d36f Delayed initialization of Selenium webdrivers.
If setUpClass throws an exception (in this case "Address already in use" if the
super call can't find any open port to bind too) tearDownClass is not called.
This results in open browser windows from the webdriver, hence we only construct
it once we are sure there is no code afterwards which could error out.
2013-09-14 22:58:30 +02:00
Alex Gaynor bac86ad1a3 REmoved some unused imports 2013-09-14 12:34:57 -07:00
Alex Gaynor 5c645ec81a Merge branch 'master' of https://github.com/django/django 2013-09-14 12:32:45 -07:00
Alex Gaynor 496b4d0331 Removed an import * that was masking importing stuff from the wrong location 2013-09-14 12:32:25 -07:00
Anssi Kääriäinen ff723d894d Fixed #20950 -- Instantiate OrderedDict() only when needed
The use of OrderedDict (even an empty one) was surprisingly slow. By
initializing OrderedDict only when needed it is possible to save
non-trivial amount of computing time (Model.save() is around 30% faster
for example).

This commit targetted sql.Query only, there are likely other places
which could use similar optimizations.
2013-09-14 20:52:17 +03:00
Tim Graham 886bb9d878 Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique"
This reverts commit c1ec08998d.

There are backwards compatability concerns with this.
2013-09-14 07:19:32 -04:00
Michael Manfre c89d80e2cc Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
Juan Catalano 6feb75129f Fixed #21060 -- Refactored admin's autodiscover method to make it reusable.
We want to be able to use it for instance for discovering `tasks.py` modules
inside the INSTALLED_APPS.

This commit therefore moves the logic to `autodiscover_modules` method in
django.utils.module_loading.
2013-09-13 20:09:41 -04:00
e0ne c1ec08998d Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique 2013-09-13 08:09:21 -04:00
Daniel Sokolowski ad6fcdb8d2 Fixed #20844 -- Made AdminEmailHandler respect LOGGING 'formatter' setting. 2013-09-13 07:27:54 -04:00
Claude Paroz 4c5641dd92 Fixed inspectdb test for spatialite >=4 2013-09-12 11:14:16 +02:00
Claude Paroz c82f6c2227 Add a test for the geo-enabled inspectdb command 2013-09-12 10:30:45 +02:00
Michael Manfre e61cc87129 Fixed #21090 -- Allowed backends to provide dotted field path to inspectdb. 2013-09-11 13:35:26 -04:00
Baptiste Mispelon abb10db06f Fixed #21089 -- Allow TransactionTestcase subclasses to define an empty list of fixtures.
Thanks to lgs for the report and initial patch.
2013-09-11 15:28:04 +02:00
Keryn Knight 170f721367 Fixed #21056 -- AdminSite.app_index no longer blindly accepts any app-labelish input. 2013-09-11 08:48:32 -04:00
Tim Graham 7fe5b656c9 Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.
2013-09-10 21:02:48 -04:00
Tim Graham 8165c2cfd1 Improved deprecation warning for change in form boolean values.
refs #20684

Thanks jacob, jcd, and shai for the suggestions.
2013-09-10 14:24:34 -04:00
Tim Graham 4e96dac450 Fixed #19298 -- Added MultiValueField.__deepcopy__
Thanks nick.phillips at otago.ac.nz for the report.
2013-09-10 13:56:49 -04:00
e0ne 053de6131a Fixed #5749 -- Added field_name as a key in the _html_output dict
Thanks SmileyChris for the suggestion.
2013-09-10 13:00:10 -04:00
Juan Catalano 4840fd9cbc Fixed #20919 -- Extended assertRedirects to be able to avoid fetching redirect's response.
Thanks mjtamlyn for the suggestion.
2013-09-10 12:22:55 -04:00
Gregor MacGregor b2b763448f Fixed #20841 -- Added messages to NotImplementedErrors
Thanks joseph at vertstudios.com for the suggestion.
2013-09-10 11:09:59 -04:00
Loic Bistuer d59f1993f1 Made MigrationWriter look for a "deconstruct" attribute on functions.
Refs #20978.
2013-09-10 10:12:23 -04:00
Loic Bistuer 5df8f749e6 Fixed #20978 -- Made deletion.SET_NULL more friendly for MigrationWriter.serialize. 2013-09-10 10:12:23 -04:00
Tim Graham 4ba373840a Fixed #16534 -- Improved ability to customize DiscoverRunner
Added DiscoverRunner.test_suite and .test_runner attributes.

Thanks tomchristie for the suggestion and jcd for the patch.
2013-09-10 09:49:39 -04:00
Roberto Aguilar af67ce5e18 Fixed #4574 -- Added CSS classes to the admin calendar widget for better control over styling. 2013-09-10 08:07:17 -05:00
Tim Graham 2bc5143866 Fixed #7467 -- Added a template block to override the admin welcome message.
Thanks Jeff Kowalczyk for the suggestion and rctay for the patch.
2013-09-10 08:48:03 -04:00
John Hensley 30fc49a7ca Fixed #21057 -- Prevented FileSystemStorage from leaving temporary files. 2013-09-10 08:33:53 -04:00
e0ne f2a4452882 Fixed #18403 -- Initialized bad_cookies in SimpleCookie
Thanks Stefano Crosta for the report.
2013-09-10 08:26:54 -04:00
homm 7008ed61c5 Fixed #21033 -- Fixed uploaded filenames not always being truncated to 255 characters 2013-09-10 01:55:16 +02:00
Aymeric Augustin d9413d33b2 Refactored code and tests that relied on django.utils.tzinfo.
Refs #17262.
2013-09-09 22:32:52 +02:00
Aymeric Augustin ec2778b445 Fixed #17262 -- Refactored tzinfo implementations.
This commit deprecates django.utils.tzinfo in favor of the more recent
django.utils.timezone which was introduced when Django gained support
for time zones.
2013-09-09 22:32:51 +02:00
Kevin Christopher Henry 9d700322b3 Fixed #19885 -- cleaned up the django.test namespace
* override_settings may now be imported from django.test
* removed Approximate from django.test
* updated documentation for things importable from django.test

Thanks akaariai for the suggestion.
2013-09-09 16:03:13 -04:00
Josh Mize a52cc1c088 Fixed #21078 -- Handled additional bad Accept-Language header 2013-09-09 15:19:09 -04:00
Keryn Knight 0d74f9553c Fixed #21063 -- AdminSite app_index should be fail early if the user has no permissions. 2013-09-09 12:51:03 -04:00