Commit Graph

111 Commits

Author SHA1 Message Date
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Sultan 6599608c4d
Fixed #32098 -- Made FieldFile use FileField.attname.
After a93425a37f FileDescriptor is a
subclass of DeferredAttribute and uses FileField.attname to access the
field data, so that custom subclasses can not only save data to files,
but also represent the same data with a different data type by
attaching FileFiled.name to a particular descriptor.

Follow up to a93425a37f.
2020-10-12 07:22:59 +02:00
Brian Helba 2d42e23b6d Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 2020-09-02 11:06:18 +02:00
Matthias Kestenholz c1f8d87bb0 Fixed #31812 -- Fixed FileField.model for fields defined in abstract models.
Regression in a93425a37f.
2020-07-24 11:06:57 +02:00
alosultan a93425a37f Fixed #31701 -- Made FileDescriptor subclass DeferredAttribute. 2020-06-30 08:25:20 +02:00
Sultan 6b25d24a57
Fixed #31706 -- Removed unnecessary getattr() call in FileDescriptor.__get__().
refresh_from_db() loads fields values.
2020-06-15 07:26:49 +02:00
miigotu 210657b791 Fixed #28184 -- Allowed using a callable for FileField and ImageField storage. 2020-04-08 11:26:17 +02:00
Hasan Ramezani f600e3fad6 Fixed #21238 -- Fixed restoring attributes when pickling FileField and ImageField. 2020-01-09 09:37:59 +01:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Ramiro Morales aed89adad5 Fixed #30367 -- Changed "pip install" to "python -m pip install" in docs, comments and hints. 2019-04-18 14:41:15 +02:00
Jon Dufresne 7e3bf2662b Removed default mode='r' argument from calls to open(). 2019-01-27 17:41:43 -05:00
Brett Cannon 64b74804c5 Fixed #29334 -- Updated pypi.python.org URLs to pypi.org. 2018-04-17 20:24:27 -04:00
Дилян Палаузов d7b2aa24f7 Fixed #28982 -- Simplified code with and/or. 2018-01-03 20:12:23 -05:00
Tim Graham acc8dd4142
Fixed #28984 -- Made assorted code simplifications. 2018-01-03 13:24:02 -05:00
Дилян Палаузов d79cf1e9e2 Fixed #28985 -- Removed unneeded None checks before hasattr(). 2018-01-03 11:37:06 -05:00
Nick Pope d13a9e44de Fixed #28909 -- Simplified code using tuple/list/set/dict unpacking. 2017-12-11 07:08:45 -05:00
Дилян Палаузов 87c76aa116 Fixed #28873 -- Used dict.setdefault() to set model and form field defaults. 2017-12-04 13:28:48 -05:00
Manatsawin Hanmongkolchai a0c07d77fc Fixed #28242 -- Moved ImageField file extension validation to the form field. 2017-06-01 10:13:23 -04:00
Ingo Klöcker c4536c4a54 Fixed #27777 -- Made File.open() work with the with statement (#8310)
Fixed #27777 -- Made File.open() work with the with statement
2017-04-07 14:21:06 +02:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Anton Samarchyan 60e52a047e Refs #27656 -- Updated django.db docstring verbs according to PEP 257. 2017-02-28 09:17:27 -05:00
Tim Graham d6e26e5b7c Removed obsolete references to form_for_instance(). 2017-02-28 07:37:25 -05:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Vytis Banaitis d1bab24e01 Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-26 08:19:27 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Claude Paroz 042b7350a0 Refs #23919 -- Removed unneeded str() calls 2017-01-20 14:13:55 +01:00
Claude Paroz dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Aymeric Augustin eb422e476f Refs #23919 -- Removed obsolete __ne__() methods.
__ne__() defaults to the opposite of __eq__() on Python 3
when it doesn't return NotImplemented.
2017-01-18 21:44:00 -05:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Tim Graham 0dfc5479a8 Refs #26058 -- Removed deprecated FileField.get_directory_name()/get_filename(). 2017-01-17 20:52:04 -05:00
Lex Berezhny 1a9bd75bfa Refs #27358 -- Fixed system check crash with an empty FileField.upload_to. 2016-11-30 10:07:42 -05:00
Henry Dang 7cddd8a02e Fixed #27358 -- Added a system check to prevent FileField's upload_to from starting with a slash.
Thanks Frank Bijlsma for the initial patch.
2016-11-29 16:12:24 -05:00
Michael Scott ec9ed07488 Fixed #27188 -- Allowed using unique=True with FileField.
Thanks Tim Graham for the initial patch.
2016-10-28 20:11:03 -04:00
Adam Chidlow f734e2d4b2 Fixed #27334 -- Allowed FileField to move rather than copy a file.
When a FileField is set to an instance of File that is not also an
instance of FieldFile, pre_save() passes that object as the contents to
Storage.save(). This allows the file to be moved rather than copied
to the upload destination.
2016-10-26 12:25:30 -04:00
Berker Peksag a02b5848ae Replaced property() usage with decorator in several places. 2016-08-25 20:06:22 -04:00
Chris Sinchok ac1975b18b Fixed #13809 -- Made FieldFile.open() respect its mode argument. 2016-08-09 12:53:18 -04:00
Tim Graham 7c33aa8a87 Fixed #26900 -- Fixed crash accessing deferred FileFields. 2016-07-16 08:22:24 -04:00
Berker Peksag 12b4280444 Fixed #21548 -- Added FileExtensionValidator and validate_image_file_extension. 2016-06-30 09:08:50 -04:00
Tim Graham 7def55c3f6 Reverted "Fixed #26398 -- Made FieldFile.open() respect its mode argument."
This reverts commit a52a531a8b due to
regressions described in refs #26772.
2016-06-17 21:04:02 -04:00
Claude Paroz 388bb5bd9a Fixed #22936 -- Obsoleted Field.get_prep_lookup()/get_db_prep_lookup()
Thanks Tim Graham for completing the initial patch.
2016-05-04 20:02:01 +02:00
Cristiano 914c72be2a Fixed #26058 -- Delegated os.path bits of FileField's filename generation to the Storage. 2016-04-30 17:22:40 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
Tim Graham 2cd2d18851 Fixed W503 flake8 warnings. 2016-04-04 17:14:26 -04:00
Alexey Kotlyarov a52a531a8b Fixed #26398 -- Made FieldFile.open() respect its mode argument. 2016-03-23 10:05:26 -04:00
Tim Graham f15f4b8bb6 Refs #26367 -- Removed obsolete _size cache on FieldField.
The _size attribute is used in File.size but FieldFile overrides it.
2016-03-17 10:25:17 -04:00
Tim Graham 004ba0f99e Removed unneeded hint=None/obj=None in system check messages. 2016-02-12 13:01:25 -05:00
Chris Lamb 77b8d8cb6d Discouraged use of /tmp with predictable names.
The use of predictable filenames in /tmp often leads to symlink attacks
so remove the most obvious use of them in the docs.
2015-12-24 09:54:33 -05:00
Attila Tovt 6f229048dd Fixed #25547 -- Made Model.refresh_from_db() update FileField's instance. 2015-12-05 17:23:13 -05:00
Tim Graham 0b5d32faca Fixed #25611 -- Standardized descriptor signatures. 2015-10-26 11:31:16 -04:00