Russell Keith-Magee
b5b5ba6cd9
Fixed #10918 -- Ensure that the search widget on a raw_id_admin uses the right field name when the ForeignKey has a to_field definition. Thanks to David Cramer for the report, Collin Anderson for the fix, and Julien Phalip for the test.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15657 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-26 12:44:25 +00:00
Jacob Kaplan-Moss
174d8db57c
Prevented non-admin users from accessing the admin redirect shortcut.
...
If the admin shortcut view (e.g. /admin/r/<content-type>/<pk>/) is
publically-accessible, and if a public users can guess a content-type ID
(which isn't hard given that they're sequential), then the redirect view could
possibly leak data by redirecting to pages a user shouldn't "know about." So
the redirect view needs the same protection as the rest of the admin site.
Thanks to Jason Royes for pointing this out.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-24 13:34:51 +00:00
Ramiro Morales
4b13e76deb
Fixed #14012 (again) -- Admin app: Don't show the full user edition view after adding a user in a FK popup. Thanks dburke for reporting this regression introduced in r14628.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15637 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-24 01:00:57 +00:00
Ramiro Morales
52fc61e0cf
Fixed #14529 -- Fixed representation of model names in admin messages after model object changes when the ModelAdmin queryset() uses defer() or only(). Thanks rlaager for report and initial patch, to rasca an julien for help in tracking the problem.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-20 23:09:25 +00:00
Russell Keith-Magee
75a1aaa1f9
Fixed #11513 -- Ensure that the redirect at the end of an object change won't redirect to a page for which the user doesn't have permission. Thanks to rlaager for the report and draft patch, and to Julien Phalip for the final patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-19 14:05:07 +00:00
Russell Keith-Magee
fe3c9ad551
Fixed #14355 -- Ensure that help_text is displayed for readonly fields in the admin. Thanks to jester for the report, and to alexbmeng, subsume, wamberg and Julien Phalip for ther work on the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-19 12:55:09 +00:00
Russell Keith-Magee
791ecb4be4
Fixed #13126 -- Ensured that individual form errors are displayed when errors occur on a list-editable changelist. Thanks to slafs for the report, and to Julien Phalip for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15580 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-19 11:48:42 +00:00
Ramiro Morales
d5042109b8
Corrected small error when preserving an I18N-related setting value in an admin views test setup.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15550 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-16 03:30:27 +00:00
Russell Keith-Magee
c2666c9a45
Ensure that L10N formats aren't cached between tests.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15461 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-09 00:09:54 +00:00
Russell Keith-Magee
4e7c2ba1d7
Cleaned up the tests from r15451 to avoid the need to retrieve a URL twice.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15453 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-08 12:20:18 +00:00
Russell Keith-Magee
74ffca17e2
Fixed #10573 -- Corrected autofocus problem in admin when the first widget displayed is a multiwidget. Thanks to rduffield for the report, and to Ramiro and Julien Phalip for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15452 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-08 12:00:21 +00:00
Russell Keith-Magee
a105ca5d7a
Fixed #15234 -- Ensure that years in a date heirarchy don't use commas for thousand separators, regardless of the value of USE_THOUSAND_SEPARATOR. Thanks to Julien Phalip for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-08 12:00:01 +00:00
Russell Keith-Magee
5582ad149c
Fixed #14895 -- Ensure that USE_THOUSAND_SEPARATOR doesn't break the delete confirmation page. Thanks to Tuttle for the report, and Julien Phalip for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15435 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-06 06:16:03 +00:00
Russell Keith-Magee
d44fb0557a
Fixed #14824 -- Corrected the handling of formats when USE_L10N is disabled. Thanks to nullie for the report and initial patch, and to idle for the separate report with helpful debug info.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15404 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-04 13:52:36 +00:00
Luke Plant
655d5afea9
Fixed #14880 - raw_id_fields in admin does not work when limit_choices_to dictionary has value=False
...
Thanks to smallming for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15348 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-28 14:08:42 +00:00
Luke Plant
c24bdf044b
Fixed #15103 - SuspiciousOperation with limit_choices_to and raw_id_fields
...
Thanks to natrius for the report.
This patch also fixes some unicode bugs in affected code.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15347 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-28 14:08:25 +00:00
Carl Meyer
53dac996ef
Poured a little more perfectionism into the delete-confirmation templates.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-20 01:00:47 +00:00
Carl Meyer
93a4d46184
Fixed #14672 - Added admin handling for on_delete=PROTECT. Thanks to jtiai for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15249 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-20 00:33:32 +00:00
Ramiro Morales
1c56af676d
Added tests demonstrating that filtering lookup expression that involve model with inheritance schemes aren't incorrectly blacklisted by the r15031 security fix. Refs. #15032 .
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15178 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-12 23:30:47 +00:00
Russell Keith-Magee
6bd8c14be9
Fixed #14999 -- Ensure that filters on local fields are allowed, and aren't caught as a security problem. Thanks to medhat for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15139 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-03 13:56:31 +00:00
Ramiro Morales
0f783b7f4e
Fixed #2986 -- Made the JavaScript code that drives related model instance addition in a popup window handle a model representation containing new lines. Also, moved the escapejs functionality yoo django.utils.html so it can be used from Python code. Thanks andrewwatts for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15131 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-02 17:34:52 +00:00
Jannis Leidel
7a89d3d503
Fixed #11700 -- Stopped admin actions and list_editable fields to show up in popups. Thanks to Simon Meers for the initial patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15129 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-02 01:32:40 +00:00
Alex Gaynor
732198ed5c
Fix a security issue in the admin. Disclosure and new release forthcoming.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15031 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-23 03:44:38 +00:00
Jannis Leidel
2c2209b473
Fixed #13607 -- Auto-initialize admin's date hierarchy links intelligently. Thanks, Simon Meers.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14879 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-12 22:54:50 +00:00
Alex Gaynor
5bc0ec4ec4
Removed all usages of deprecated TestCase methods (self.fail*). This removed most of the Warnings emitted (with -Wall) during the test suite.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-04 07:28:12 +00:00
Jannis Leidel
cc64fb5c4b
Fixed #8342 -- Removed code from the admin that assumed that you can't login with an email address (nixed by r12634). Also refactored login code slightly to be DRY by using more of auth app's forms and views.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14769 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-02 00:44:35 +00:00
Honza Král
dc334a2ba8
Fixed #3400 -- Support for lookup separator with list_filter admin option. Thanks to DrMeers and vitek_pliska for the patch!
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-21 19:29:15 +00:00
Alex Gaynor
274aba3b9b
Fixed #11108 -- added ModelAdmin.delete_model, a hook with which to perform custom pre-post delete behavior. Thanks to Florian Apolloner for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-21 19:00:40 +00:00
Ramiro Morales
0e26f58dae
Corrected change in behavior regarding the page shown after the 'Save' button is pressed when adding a user through the admin.
...
It had been introduced in trunk (r13503) and between 1.2.1 and 1.2.2 (r13504). The original fix intended to correct a similar problem introduced between 1.1 and 1.2 (r12218) this time in the 'Save and add another' button.
We have now tests for the three buttons present in the Add User admin form to avoid future regressions.
Thanks to Juan Pedro Fisanotti and Cesar H. Roldan for their work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14628 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-19 22:45:51 +00:00
Russell Keith-Magee
121d2e3678
Fixed #12991 -- Added unittest2 support. Thanks to PaulM for the draft patch, and to Luke, Karen, Justin, Alex, Łukasz Rekucki, and Chuck Harmston for their help testing and reviewing the final patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14139 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-11 12:55:17 +00:00
Ramiro Morales
d084439c41
Fixed #12650 -- Don't generate invalid XHTML in the admin, databrowse apps when
...
the i18n context processor is active. Thanks to Rob Hudson for the report and
fix suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14104 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-10 01:57:56 +00:00
Karen Tracey
506d559876
Adjust AdminDocTests to run after r13728. Also match comments to tests and add test that was there in comment form only.Refs #3695 .
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13737 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-11 00:02:33 +00:00
Malcolm Tredinnick
30610719d5
Adding related objects in the admin (via popup) respects user
...
permissions. Patch from SmileyChris. Fixed #1035 .
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13708 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-10 16:56:36 +00:00
Luke Plant
ef4b29a001
Fixed #13081 - Admin actions lose get-parameters in changelist view
...
Thanks to joh for report and to SmileyChris for patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13696 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-07 20:55:53 +00:00
Russell Keith-Magee
a352154e42
Fixed #14123 -- Made AdminDocs tests optional, based on the availability of docutils. Thanks to PaulM for the original report, and Łukasz Rekucki for narrowing down the cause.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-19 13:11:24 +00:00
Russell Keith-Magee
7e52bb2bc3
Fixed #13796 -- Ensure that builtin tags and filters are included in admin documentation views.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13588 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 13:41:56 +00:00
Russell Keith-Magee
cefee67b7d
Fixed #14014 -- Ensure that the "save and add another" button for users actually does what it says. Thanks to Ramiro for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13503 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 16:08:40 +00:00
Russell Keith-Magee
2ab3b52d2a
Fixed #14012 -- Corrected the handling of the create user popup dialog in the admin. Thanks to gk@lka.hu for the report, and Ramiro Morales for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13501 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 14:58:05 +00:00
Russell Keith-Magee
21e84194b5
Fixed #13514 -- Corrected the process of loading multiple javascript translation catalogs. Thanks to jtiai for the report, to Ramiro Morales for working out the test case, and to Ramiro and Jannis for their help on the fix.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-13 13:29:31 +00:00
Jannis Leidel
cce32a9b09
Fixed #13166 - Added JavaScript warnings to admin changelist to help against ambiguity between action and list_editable form submission. Thanks to blinkylights and aaugustin for the report and initial patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13072 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-02 23:02:16 +00:00
Jannis Leidel
43bf086783
Fixed #13388 - Refined changes made in r12384 in the JavaScript i18n admin view.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-02 19:46:31 +00:00
Jannis Leidel
c3dbe9d509
Fixed #13361 - Made sure jQuery is always included in the admin changelist and changeform. Thanks to Carl Meyer for report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12997 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-19 10:16:25 +00:00
Jannis Leidel
31f7ff1518
Fixed #12903 - Made translating the admin action selection text easier. Thanks to Ramiro Morales for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12968 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-13 10:29:19 +00:00
Russell Keith-Magee
faceca7075
Fixed #13301 -- Corrected problem with capitalization of changelist row headers in admin. Thanks to emyller for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12947 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-11 08:35:04 +00:00
Russell Keith-Magee
f4c76fb604
Fixed #13298 -- Modified test assertion to ensure that javascript variables aren't mistakenly identified as <input> HTML tags. Thanks to mk for the report and fix.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12946 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-11 06:58:33 +00:00
Russell Keith-Magee
90d112785b
Fixed #13038 -- Ensured that readonly fields in the admin have their name added as a CSS class. Thanks to andybak for the report, and javimansilla, fisadev and fgallina for their work on the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12922 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-05 15:37:43 +00:00
Russell Keith-Magee
c421a4fd92
Fixed #11949 -- Added a hook to allow ModelAdmin customization of the delete selected template. Thanks to bendavis78 for the report and patch, and Ramiro Morales for his cleanup work.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12916 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-05 12:02:27 +00:00
Karen Tracey
f88c2f16e8
Fixed #13004 : Ensure the add page for a model with a ManyToManyField specified
...
in readonly_fields does not raise an exception. Thanks hejsan, mlavin, copelco.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12827 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-21 14:23:25 +00:00
Karen Tracey
4528f39886
Fixed #12962 : Made admin delete action work again. Thanks ptone, skevy, mlavin and anyone else I've missed.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12813 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-20 14:53:17 +00:00
Karen Tracey
883329ecb3
Fixed #12105 : Corrected handling of isnull=False lookups in admin. Thanks marcob, Travis Cline, gabrielhurley.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12795 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-16 19:01:40 +00:00