innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
30,960 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

95 Commits

Author SHA1 Message Date
Mateo Radman 884b4c27f5 Fixed #32604 -- Made file upload respect group id when uploading to a temporary file. 2022-04-11 13:32:27 +02:00
Carlton Gibson bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias. 
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
 2022-03-24 06:29:50 +01:00
Mariusz Felisiak 7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem. 
Thanks to Dennis Brinkrolf for the report.
 2022-01-04 10:04:12 +01:00
David Smith 1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Chris Jerdonek 7272e1963f Fixed #32821 -- Updated os.scandir() uses to use a context manager. 2021-06-07 06:52:42 +02:00
Jacob Walls ec2727efef Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists. 2021-06-02 12:20:22 +02:00
Nick Pope d06c5b3581 Fixed #32366 -- Updated datetime module usage to recommended approach. 
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
 2021-05-12 11:08:41 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Daniyal 474cc420bf Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.core. 2021-03-19 08:04:37 +01:00
Mariusz Felisiak 8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+. 
Thanks WhiteSage for the report.
 2020-09-01 09:17:23 +02:00
Hasan Ramezani 17752003a8 Refs #28428 -- Made FileSystemStorage.save() to support pathlib.Path. 2019-10-31 09:06:05 +01:00
yukihira1992 0545781764 Fixed #30736 -- Added Storage.get_alternative_name() to allow customization. 2019-08-30 11:32:19 +02:00
Jon Dufresne 290d8471bb Fixed #30147 -- Simplified directory creation with os.makedirs(..., exist_ok=True). 2019-01-31 12:53:36 -05:00
Jon Dufresne 7785e03ba8 Fixed #30137 -- Replaced OSError aliases with the canonical OSError. 
Used more specific errors (e.g. FileExistsError) as appropriate.
 2019-01-28 11:15:06 -05:00
Tim Graham 98ef3829e9 Fixed #29890 -- Fixed FileSystemStorage crash if concurrent saves try to create the same directory. 
Regression in 632c4ffd9c.
 2018-10-31 19:28:11 -04:00
Tim Graham 4268d275b8 Fixed #29857 -- Added get_storage_class to django.core.files.storage.__all__. 2018-10-17 09:03:51 -04:00
Jon Dufresne e90af8bad4 Capitalized "Python" in docs and comments. 2018-10-09 09:26:07 -04:00
Federico Bond a0ca4b5694 Fixed #29689 -- Improved performance of FileSystemStorage.listdir() and FilePathField with os.scandir(). 2018-08-20 17:58:00 -04:00
Jon Prindiville b4cba4ed62 Fixed #28144 -- Added FileSystemStorage.OS_OPEN_FLAGS to allow customization. 2018-06-29 15:51:59 -04:00
Tim Graham 2ec151e35d Fixed #29514 -- Reverted "Used datetime.timezone.utc instead of pytz.utc for better performance." 
This reverts commit 27ca5ce19f due to a
regression.
 2018-06-28 11:14:26 -04:00
Sergey Fedoseev 27ca5ce19f Used datetime.timezone.utc instead of pytz.utc for better performance. 2018-03-20 15:24:16 -04:00
Tim Graham 6e4c6281db Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()." 
This reverts commit 550cb3a365
because try/except performs better.
 2017-09-07 08:16:21 -04:00
Mads Jensen 550cb3a365 Fixed #27818 -- Replaced try/except/pass with contextlib.suppress(). 2017-06-28 14:07:55 -04:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls 
Thanks Tim Graham for the review.
 2017-03-04 18:18:21 +01:00
chillaranand e4025563ea Fixed #27836 -- Allowed FileSystemStorage.delete() to remove directories. 2017-02-24 16:02:33 -05:00
Anton Samarchyan 5a6f70b428 Refs #27656 -- Updated django.core docstring verbs according to PEP 257. 2017-02-21 11:58:42 -05:00
Tim Graham 632c4ffd9c Refs #23919 -- Replaced errno checking with PEP 3151 exceptions. 2017-01-25 10:13:08 -05:00
Tim Graham 4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage. 
These functions do nothing on Python 3.
 2017-01-20 08:01:02 -05:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Claude Paroz 2b281cc35e Refs #23919 -- Removed most of remaining six usage 
Thanks Tim Graham for the review.
 2017-01-18 21:33:28 +01:00
Tim Graham 2d7fb77987 Refs #23832 -- Removed deprecated non-timezone aware Storage API. 2017-01-17 20:52:03 -05:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Tomas Pazderka b820b6108a Fixed #26896 -- Allowed a lazy base_url for FileSystemStorage. 2016-07-29 14:13:54 -04:00
Jon Dufresne 359be1c870 Fixed #26691 -- Removed checking for a file's existence before deleting. 
File operations always raise a ENOENT error when a file doesn't exist.
Checking the file exists before the operation adds a race condition
condition where the file could be removed between operations. As the
operation already raises an error on a missing file, avoid this race and
avoid checking the file exists twice. Instead only check a file exists
by catching the ENOENT error.
 2016-05-31 12:03:27 -04:00
Cristiano 914c72be2a Fixed #26058 -- Delegated os.path bits of FileField's filename generation to the Storage. 2016-04-30 17:22:40 -04:00
Maxim Novikov 4d1c229ee5 Fixed #26495 -- Added name arg to Storage.save()'s File wrapping. 2016-04-21 10:40:48 -04:00
rixx fdf5cd3429 Fixed #25905 -- Prevented leading slashes in urljoin() calls 
Leading slashes in the second urljoin argument will return exactly that

argument, breaking FileSystemStorage.url behavior if called with a

parameter with leading slashes.

Also added test cases for null bytes and None. Thanks to Markus for

help and review.
 2016-04-03 17:21:56 +02:00
James Aylett 1ff6e37de4 Fixed #23832 -- Added timezone aware Storage API. 
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
 2016-02-23 18:51:43 -05:00
Simon Charette 56c461a0d7 Fixed #26038 -- Changed FileSystemStorage defaults on setting change. 
Thanks to Dave Voutila for the report and Tim for the review.
 2016-01-07 12:04:39 -05:00
Tim Graham 1bb6ecf6d3 Refs #9893 -- Removed shims for lack of max_length support in file storage per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap. 
Forwardport of ae1d663b79
from stable/1.8.x plus more.
 2015-06-24 16:08:20 -04:00
Tim Graham 3872a33132 Fixed #24979 -- Removed usage of inspect.getargspec(). 2015-06-15 13:43:22 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Pavel Shpilev a7c256cb54 Fixed #9893 -- Allowed using a field's max_length in the Storage. 2015-01-12 09:09:18 -05:00
Carl Meyer bcb693ebd4 Revert "Fixed #23892 -- Made deconstructible classes forwards compatible" 
This reverts commit f36151ed16.

Adding kwargs to deconstructed objects does not achieve useful
forward-compatibility in general, since additional arguments are silently
dropped rather than having their intended effect. In fact, it can make the
failure more difficult to diagnose. Thanks Shai Berger for discussion.
 2014-11-22 22:29:23 -07:00
Carl Meyer f36151ed16 Fixed #23892 -- Made deconstructible classes forwards compatible 2014-11-22 14:30:14 -07:00
Aymeric Augustin 95b8323ac2 Removed import forgotten in previous commit. 2014-11-11 22:54:26 +01:00
Aymeric Augustin b8ba73cd0c Raised SuspiciousFileOperation in safe_join. 
Added a test for the condition safe_join is designed to prevent.

Previously, a generic ValueError was raised. It was impossible to tell
an intentional exception raised to implement safe_join's contract from
an unintentional exception caused by incorrect inputs or unexpected
conditions. That resulted in bizarre exception catching patterns, which
this patch removes.

Since safe_join is a private API and since the change is unlikely to
create security issues for users who use it anyway -- at worst, an
uncaught SuspiciousFileOperation exception will bubble up -- it isn't
documented.
 2014-11-11 19:05:14 +01:00