Commit Graph

569 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss ae5247cb51 Added 1.5.1 release notes. 2013-03-28 15:03:19 -05:00
Donald Stufft 25f2acfed0 Fixed #20138 -- Added BCryptSHA256PasswordHasher
BCryptSHA256PasswordHasher pre-hashes the users password using
SHA256 to prevent the 72 byte truncation inherient in the BCrypt
algorithm.
2013-03-26 13:26:57 -04:00
Tim Graham 6073091b77 Fixed #20124 - Fixed doc warnings. 2013-03-24 13:49:31 -04:00
Aymeric Augustin e12aad2d57 Added changes missing from previous commit.
Sorry.
2013-03-24 14:30:04 +01:00
Aymeric Augustin e16c48e001 Fixed #15124 -- Changed the default for BooleanField.
Thanks to the many contributors who updated and improved the patch over
the life of this ticket.
2013-03-24 13:47:01 +01:00
Aymeric Augustin ae417dd4d5 Added release notes for 4b31a6a9.
Thanks Florian for reporting this omission.
2013-03-24 13:13:19 +01:00
Tim Graham 93cffc3b37 Added missing markup to docs. 2013-03-22 13:50:07 -04:00
Andrew Gorcester f9ab543720 Fixed #20084 -- Provided option to validate formset max_num on server.
This is provided as a new "validate_max" formset_factory option defaulting to
False, since the non-validating behavior of max_num is longstanding, and there
is certainly code relying on it. (In fact, even the Django admin relies on it
for the case where there are more existing inlines than the given max_num). It
may be that at some point we want to deprecate validate_max=False and
eventually remove the option, but this commit takes no steps in that direction.

This also fixes the DoS-prevention absolute_max enforcement so that it causes a
form validation error rather than an IndexError, and ensures that absolute_max
is always 1000 more than max_num, to prevent surprising changes in behavior
with max_num close to absolute_max.

Lastly, this commit fixes the previous inconsistency between a regular formset
and a model formset in the precedence of max_num and initial data. Previously
in a regular formset, if the provided initial data was longer than max_num, it
was truncated; in a model formset, all initial forms would be displayed
regardless of max_num. Now regular formsets are the same as model formsets; all
initial forms are displayed, even if more than max_num. (But if validate_max is
True, submitting these forms will result in a "too many forms" validation
error!) This combination of behaviors was chosen to keep the max_num validation
simple and consistent, and avoid silent data loss due to truncation of initial
data.

Thanks to Preston for discussion of the design choices.
2013-03-21 01:27:24 -07:00
Carny Cheng aaec4f2bd8 Fixed #18839 - Field.__init__() now calls super(). 2013-03-20 16:20:57 -07:00
Paul Collins 9a85ad89c2 Fixed #16319 -- added SuccessMessageMixin to contrib.messages
Thanks martinogden for the initial patch and d1ffuz0r for tests.
2013-03-19 21:02:55 -07:00
Aymeric Augustin 31b5275235 Fixed #13260 -- Quoted arguments interpolated in URLs in reverse. 2013-03-18 23:58:22 +01:00
Aymeric Augustin 6197935152 Fixed #19968 -- Dropped support for PostgreSQL < 8.4. 2013-03-18 21:16:29 +01:00
Aymeric Augustin 20a91cce04 Fixed #17037 -- Added a --all option to diffsettings. 2013-03-18 00:03:58 +01:00
Aymeric Augustin 912b5d2a6b Fixed #19697 -- Added a deployment checklist. 2013-03-17 19:21:36 +01:00
Aymeric Augustin 0555ef7c23 Added structure in the 1.6 release notes.
The backwards-incompatible changes section wasn't structured in sections
like it is in release notes for previous versions.
2013-03-17 11:05:41 +01:00
Marc Tamlyn d35ffcaaad Corrected typos in the 1.6 release notes 2013-03-15 12:50:15 +01:00
Aymeric Augustin 3f2befc931 Deprecated django.views.defaults.shortcut. 2013-03-14 20:30:23 +01:00
Anssi Kääriäinen 6b4834952d Fixed #16649 -- Refactored save_base logic
Model.save() will use UPDATE - if not updated - INSERT instead of
SELECT - if found UPDATE else INSERT. This should save a query when
updating, but will cost a little when inserting model with PK set.

Also fixed #17341 -- made sure .save() commits transactions only after
the whole model has been saved. This wasn't the case in model
inheritance situations.

The save_base implementation was refactored into multiple methods.
A typical chain for inherited save is:
save_base()
    _save_parents(self)
        for each parent:
            _save_parents(parent)
            _save_table(parent)
    _save_table(self)
2013-03-14 11:01:47 +02:00
Aymeric Augustin 5d8342f321 Proof-read and adjusted the transactions docs. 2013-03-13 15:17:41 +01:00
Jacob Kaplan-Moss 571b2d139b Deprecated django.contrib.comments. 2013-03-11 15:38:40 -05:00
Aymeric Augustin ac37ed21b3 Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.
Replaced them with per-database options, for proper multi-db support.

Also toned down the recommendation to tie transactions to HTTP requests.
Thanks Jeremy for sharing his experience.
2013-03-11 15:04:05 +01:00
Aymeric Augustin 7c46c8d5f2 Added some assertions to enforce the atomicity of atomic. 2013-03-11 14:48:55 +01:00
Aymeric Augustin 5e27debc5c Enabled database-level autocommit for all backends.
This is mostly a documentation change.

It has the same backwards-incompatibility consequences as those
described for PostgreSQL in a previous commit.
2013-03-11 14:48:54 +01:00
Aymeric Augustin 9cec689e6a Moved a warning in the 1.6 notes back to its expected location. 2013-03-11 12:04:29 +01:00
Claude Paroz e6f5b7eacd Fixed #9806 -- Allowed editing GeometryField with OpenLayersWidget
Thanks Paul Winkler for the initial patch.
2013-03-09 16:10:28 +01:00
Loic Bistuer 6983a1a540 Fixed #15363 -- Renamed and normalized to `get_queryset` the methods that return a QuerySet. 2013-03-08 10:11:45 -05:00
Alex Gaynor bbbd698c7a Added a ManyToManyField(db_constraint=False) option, this allows not creating constraints on the intermediary models. 2013-03-07 11:24:51 -08:00
Preston Holmes 0ea5bf88dd Fixed #19543 -- implemented SimpleLazyObject.__repr__
Thanks to Florian Hahn for the patch
2013-03-06 16:13:12 -08:00
Ramiro Morales b01381072a Release notes blurb for 804366327d. 2013-03-03 16:44:44 -03:00
Aymeric Augustin e0449316eb Fixed #18130 -- Made the isolation level configurable on PostgreSQL.
Thanks limscoder for the report and niwi for the draft patch.
2013-03-02 15:05:49 +01:00
Claude Paroz 8ee1eddb7e Add a BinaryField model field
Thanks Michael Jung, Charl Botha and Florian Apolloner for review
and help on the patch.
2013-03-02 10:29:02 +01:00
Aymeric Augustin 2ee21d9f0d Implemented persistent database connections.
Thanks Anssi Kääriäinen and Karen Tracey for their inputs.
2013-02-28 15:28:13 +01:00
Florian Apolloner 481f3f13b5 1.5 is no longer "UNDER DEVELOPMENT".
Thanks to Bruno Renie for reporting.
2013-02-28 11:11:26 +01:00
Aymeric Augustin 59a3520875 Refactored database exceptions wrapping.
Squashed commit of the following:

commit 2181d833ed1a2e422494738dcef311164c4e097e
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Wed Feb 27 14:28:39 2013 +0100

    Fixed #15901 -- Wrapped all PEP-249 exceptions.

commit 5476a5d93c19aa2f928c497d39ce6e33f52694e2
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Feb 26 17:26:52 2013 +0100

    Added PEP 3134 exception chaining.

    Thanks Jacob Kaplan-Moss for the suggestion.

commit 9365fad0a650328002fb424457d675a273c95802
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Feb 26 17:13:49 2013 +0100

    Improved API for wrapping database errors.

    Thanks Alex Gaynor for the proposal.

commit 1b463b765f2826f73a8d9266795cd5da4f8d5e9e
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Feb 26 15:00:39 2013 +0100

    Removed redundant exception wrapping.

    This is now taken care of by the cursor wrapper.

commit 524bc7345a724bf526bdd2dd1bcf5ede67d6bb5c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Feb 26 14:55:10 2013 +0100

    Wrapped database exceptions in the base backend.

    This covers the most common PEP-249 APIs:
    - Connection APIs: close(), commit(), rollback(), cursor()
    - Cursor APIs: callproc(), close(), execute(), executemany(),
      fetchone(), fetchmany(), fetchall(), nextset().

    Fixed #19920.

commit a66746bb5f0839f35543222787fce3b6a0d0a3ea
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Tue Feb 26 14:53:34 2013 +0100

    Added a wrap_database_exception context manager and decorator.

    It re-throws backend-specific exceptions using Django's common wrappers.
2013-02-27 17:26:54 +01:00
Tim Graham 4ae9e83f2b Merge pull request #835 from vdboor/docfix
Fixed documentation typo (:mod: role in Syndication feed text)
2013-02-24 12:11:55 -08:00
Diederik van der Boor b7ba4fc408 Add column-<field_name> classes to the admin list
This simplifies CSS styling to set column widths.
2013-02-24 17:50:23 +01:00
Diederik van der Boor 6d8f59dab9 Fix documentation :mod: role in Syndication feed text. 2013-02-24 17:02:10 +01:00
Jacob Kaplan-Moss c35f2e67c1 Added a note about Feed.get_context_data to the 1.6 release notes. 2013-02-24 08:33:20 -06:00
Aymeric Augustin 7106a1e594 Merge pull request #819 from erikr/master
Fixed #16302 -- Ensured contrib.comments is IPv6 capable.
2013-02-24 05:02:00 -08:00
Erik Romijn ade992c61e Fixed #16302 -- Ensure contrib.comments is IPv6 capable
Changed the ip_address field for Comment to GenericIPAddressField. Added
instructions to the release notes on how to update the schema of existing
databases.
2013-02-24 13:58:38 +01:00
Bas Peschier 5a9b2bce24 Fixed #19810 -- MemcachedCache now uses pickle.HIGHEST_PROTOCOL 2013-02-24 13:56:15 +01:00
Vladimir A Filonov f49e9a517f Fixed #17906 - Autoescaping {% cycle %} and {% firstof %} templatetags.
This commit adds "future" version of these two tags with auto-escaping
enabled.
2013-02-23 16:16:39 +01:00
Claude Paroz 7ec2a21be1 Fixed #19686 -- Added HTML5 number input type
Thanks Simon Charette for his help on the patch. Refs #16630.
2013-02-23 10:18:08 +01:00
Claude Paroz 60fff6fc94 Documented jQuery upgrade
Refs #14571.
2013-02-22 22:02:53 +01:00
Alex Gaynor b55cde054e Added a db_constraint option to ForeignKeys.
This controls whether or not a database level cosntraint is created. This is useful in a few specialized circumstances, but in general should not be used!
2013-02-20 11:27:32 -08:00
Carl Meyer 8fbea5e188 Update 1.5 release notes for XML and formset fixes. 2013-02-19 11:23:30 -07:00
Carl Meyer d51fb74360 Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 11:23:29 -07:00
Simon Meers 9c2066d567 Corrected INSTALLED_APPS syntax in 1.5 release notes. 2013-02-18 00:33:29 +11:00
Aymeric Augustin e74e207cce Fixed #17260 -- Added time zone aware aggregation and lookups.
Thanks Carl Meyer for the review.

Squashed commit of the following:

commit 4f290bdb60
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Wed Feb 13 21:21:30 2013 +0100

    Used '0:00' instead of 'UTC' which doesn't always exist in Oracle.

    Thanks Ian Kelly for the suggestion.

commit 01b6366f3c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Wed Feb 13 13:38:43 2013 +0100

    Made tzname a parameter of datetime_extract/trunc_sql.

    This is required to work around a bug in Oracle.

commit 924a144ef8
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Wed Feb 13 14:47:44 2013 +0100

    Added support for parameters in SELECT clauses.

commit b4351d2890
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Feb 11 22:30:22 2013 +0100

    Documented backwards incompatibilities in the two previous commits.

commit 91ef84713c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Feb 11 09:42:31 2013 +0100

    Used QuerySet.datetimes for the admin's date_hierarchy.

commit 0d0de288a5
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Feb 11 09:29:38 2013 +0100

    Used QuerySet.datetimes in date-based generic views.

commit 9c0859ff7c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:43:25 2013 +0100

    Implemented QuerySet.datetimes on Oracle.

commit 68ab511a4f
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:43:14 2013 +0100

    Implemented QuerySet.datetimes on MySQL.

commit 22d52681d3
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:42:29 2013 +0100

    Implemented QuerySet.datetimes on SQLite.

commit f6800fd04c
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:43:03 2013 +0100

    Implemented QuerySet.datetimes on PostgreSQL.

commit 0c829c23f4
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:41:08 2013 +0100

    Added datetime-handling infrastructure in the ORM layers.

commit 104d82a777
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Mon Feb 11 10:05:55 2013 +0100

    Updated null_queries tests to avoid clashing with the __second lookup.

commit c01bbb3235
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 23:07:41 2013 +0100

    Updated tests of .dates().

    Replaced .dates() by .datetimes() for DateTimeFields.
    Replaced dates with datetimes in the expected output for DateFields.

commit 50fb7a5246
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 21:40:09 2013 +0100

    Updated and added tests for QuerySet.datetimes.

commit a8451a5004
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 22:34:46 2013 +0100

    Documented the new time lookups and updated the date lookups.

commit 29413eab2b
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sun Feb 10 16:15:49 2013 +0100

    Documented QuerySet.datetimes and updated QuerySet.dates.
2013-02-16 09:19:04 +01:00
Hiroki Kiyohara e94f405d94 Fixed #18558 -- Added url property to HttpResponseRedirect*
Thanks coolRR for the report.
2013-02-13 10:29:32 +01:00