Commit Graph

1311 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss 6e748b5db4 Fixed #11457: tightened the security check for "next" redirects after logins.
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.

Thanks to brutasse.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:58:53 +00:00
Jacob Kaplan-Moss c8015052d9 Fixed #5786: relaxed the validation for usernames to allow more common characters '@', etc.
This is really just a stop-gap until we come up with a improved way of handling
disparate auth data, but it should help us stretch a bit more milage out of the
current system.

Thanks to alextreme, lbruno, and clayg.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:49:05 +00:00
Karen Tracey d2dffd78e6 Fixed #11791: Put hidden input elements in the change list inside td elements so they're valid HTML. Thanks panni and mlavin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 18:43:27 +00:00
Jannis Leidel e889b69dd2 Fixed #12966 - Force unicode of verbose labels in admin change messages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12627 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 14:34:24 +00:00
Jannis Leidel 2dafe4ac3a Fixed #12903 - Added plural forms to a few strings in the admin actions template.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12626 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 14:34:07 +00:00
Luke Plant d7abb33e70 Fixed #12933 - AdminSite.admin_view disables @csrf_view_exempt
Thanks to philomat for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-27 21:08:30 +00:00
Karen Tracey 9fab1467c7 Removed more stray tabs in Python files.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12616 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-27 16:30:27 +00:00
Russell Keith-Magee 41c30f2fb8 Fixed #12981 -- Removed some stray tabs. Thanks to loewis for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12614 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-27 05:38:17 +00:00
Russell Keith-Magee e12b3199d0 Fixed #6191, #11296 -- Modified the admin deletion confirmation page to use the same object collection scheme as the actual deletion. This ensures that all objects that may be deleted are actually deleted, and that cyclic display problems are avoided. Thanks to carljm for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-26 13:17:43 +00:00
Justin Bronn dc1ad69f30 Fixed #11353 -- `GeometryProxy` descriptor no longer chokes when accessed from a class rather than an instance, thanks yml and Tobu; removed unnecessary imports from `types` and cleaned up whitespace.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-24 21:20:02 +00:00
Joseph Kocherhans 3f443363f9 Fixed #11681. Fixed display of non_field_errors and non_form_errors in the admin. Thanks, nessita.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12541 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 18:56:00 +00:00
Joseph Kocherhans f2d5582c53 Fixed #12561. InlineAdmin now respects can_delete=False. Thanks, nessita.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12533 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 17:14:50 +00:00
Joseph Kocherhans 7aeb37d610 Fixed #12707. Admin action messages are no longer displayed when submitting list_editable content. Thanks, copelco.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12525 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 14:48:15 +00:00
Russell Keith-Magee 6b2f125b80 Fixed #12729 -- Replaced a hard-coded SQL statement with an ORM query so that the contrib.auth ModelBackend will work on a routed multi-db setup. Thanks to dhageman for the report.
Historical note: The SQL that was removed predates Django being open sourced.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 12:02:41 +00:00
Justin Bronn 1d5165e3be Fixed #12776 -- `User.get_profile` now raises `SiteProfileNotAvailable` instead of `AttributeError` in certain circumstances. Thanks, Bruno Renié.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 05:52:37 +00:00
Joseph Kocherhans a3e2ddde65 Fixed #12570. Removed unused fields from GenericForeignKey. Thanks, specialunderwear.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12492 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-22 15:48:19 +00:00
Russell Keith-Magee eb67e449dd Fixed #12864 -- Corrected handling of new user creation when a multi-database router is in place. Thanks to haris@dubizzle.com for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12488 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-22 13:09:02 +00:00
Justin Bronn a9b2ac25d1 Fixed #9147 -- Added `FormPreview.process_preview` customization hook. Thanks, bthomas and thalin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12486 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-22 05:00:36 +00:00
Jannis Leidel 67d4289c2e Fixed #12066 - Moved auth context processor from core to the auth app. Thanks, Rob Hudson.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-21 23:40:47 +00:00
Justin Bronn eaa17e13e8 Fixed #12705 -- Date/time and select filter widgets now work again with newly added inline forms in the admin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12454 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-17 18:54:02 +00:00
Russell Keith-Magee b794441951 Fixed #10976 -- Isolated contrib.auth tests so they will always pass, regardless of any local templates. Thanks to aarond10 for the report, and SmileyChris for turning that into a patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 12:02:11 +00:00
Luke Plant 4bff194633 Fixed #12804 - regression with decorating admin views.
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.

For users of 1.1 and 1.0, this affects the decorators:

 * login_required
 * permission_required
 * user_passes_test

For those following trunk, this also affects:

 * csrf_protect
 * anything created with decorator_from_middleware 

If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
 



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-09 15:02:39 +00:00
Jannis Leidel edb6d753a8 Fixed #12716 - Typo in the admin change list template. Thanks, kbrownlees.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12398 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-07 15:55:40 +00:00
Jannis Leidel fdb9f83253 Fixed #12748 - Use charAt instead of array-like access to format string to please IE. Thanks, yedpodtrzitko.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12397 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-07 14:42:16 +00:00
Jannis Leidel f5ee28931d Fixed #12793 - Only use the admin actions JavaScript if not explicitly deactivated with 'actions = None' in the ModelAdmin. Thanks, Florian Apolloner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12396 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-07 14:41:43 +00:00
Luke Plant def34da85c Fixed #12358 - csrf_token template tag does not work with flatpages.
Thanks to phretor for the report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12381 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-04 21:47:19 +00:00
Jannis Leidel 5dad2350f7 Use a closure for embedding the admin actions JavaScript and updated the minified versions a little bit.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12372 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:16:44 +00:00
Jannis Leidel 816fced5d7 Being a good citizen, adding the jQuery license and a command line script to easily minify the jQuery based scripts.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12371 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:16:01 +00:00
Jannis Leidel f839736c60 Fixed #12695 - Force Firefox to not autocomplete input fields that are critical to the dynamic admin inlines.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12370 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:15:27 +00:00
Jannis Leidel 9555f2be9d Fixed #12692 - Properly handle the extra clause of admin inline formsets. Also fixes #12703, second error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12369 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:14:56 +00:00
Jannis Leidel f70a0882a3 Fixed #12700 - Take read-only fields into account when rendering the empty form for dynamic inlines.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12368 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:13:47 +00:00
Jannis Leidel be90eadfb9 Fixed #12628 - Don't ignore read-only fields in GenericInlineModelAdmin during save. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12367 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:13:21 +00:00
Jannis Leidel 267346678d Fixed #12654 - Correctly display ForeignKey fields in read-only scenarios. Thanks, minmax.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12366 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:12:56 +00:00
Jannis Leidel 6c36e1034a Fixed #12726 - Prevent listing media twice in admin's change list. Thanks, jedie.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-01 14:12:24 +00:00
Justin Bronn 0741fb6507 Fixed geographic feed test failure due to `Rss201rev2Feed` additions in r12338.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12357 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 18:07:49 +00:00
Justin Bronn 901b60e7e1 Now look for `DatabaseError` during PostGIS backend initialization, as it is now raised instead of a `ProgrammingError` after changes in r12352.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12354 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 17:58:55 +00:00
Russell Keith-Magee 47acb1d659 Fixed #6273 -- Added a 'changepassword' management command. Thanks to Ludvig Ericson and Justin Lilly for their work on this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 08:10:29 +00:00
Justin Bronn 72c39410c8 Renamed `reverse` to `reverse_geom` because of clash with existing `QuerySet` method; added `GeoQuerySet.geohash` support for producing GeoHash reprsentations.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 02:46:07 +00:00
Justin Bronn 5b21033847 Added `reverse` and `force_rhr` methods to `GeoQuerySet`. Refs #12416.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 02:20:58 +00:00
Russell Keith-Magee c4c27d8a04 Fixed #6188, #6304, #6618, #6969, #8758, #8989, #10334, #11069, #11973 and #12403 -- Modified the syndication framework to use class-based views. Thanks to Ben Firshman for his work on this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 13:46:18 +00:00
Russell Keith-Magee 3f68d255e2 Fixed #12600 -- Added some extra search paths for comment preview templates, allowing for naming parity with other templates in comments and admin. Thanks to hvdklauw for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12337 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 11:30:29 +00:00
Luke Plant 8daec78cfd Fixed #12557 - AnonymousUser should check auth backends for permissions
Thanks to hvdklauw for the idea and work on the patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 01:47:23 +00:00
Justin Bronn ff6b44980a `GeoQuerySet.distance` now allows calculations to/from non-point geodetic geometry fields as allowed on PostGIS 1.5.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12312 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 23:09:46 +00:00
Justin Bronn 9a8449afe1 Fixed #12605 -- Removed redundant import of `ImproperlyConfigured`. Thanks, tmcw.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12310 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 18:55:36 +00:00
Justin Bronn 14acace029 Fixed #12706 -- Forgot to pass `using` kwarg in parent class initialization of `GeoQuerySet`. Thanks, albsen.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12309 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 16:24:48 +00:00
Justin Bronn b0d218e9e2 `OGRGeometry` objects may now be pickled.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12303 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 03:47:37 +00:00
Justin Bronn 25f47bbbb6 Applied DRY and centralized geometry input regular expressions; `OGRGeometry` may now consume and output EWKT.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12302 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 03:32:30 +00:00
Justin Bronn f9f04a49e8 Got rid of Python 2.3 compatibility global, and thus `OGRGeomType` import wrapping with try/except no longer necessary.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12301 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-27 03:01:13 +00:00
Justin Bronn 474ce51ffd Fixed #12690 -- Fixed SQL template used for Oracle's with `SDO_RELATE` function, added `truncate_params` attribute to spatial backend, and re-enabled the `relate` lookup tests. Thanks, jtiai, for the bug report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12300 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-26 17:32:11 +00:00
Jannis Leidel a260980f98 Ported collapsible admin fieldsets to jQuery. Thanks Rob Hudson.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12299 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-26 15:03:52 +00:00