Commit Graph

18501 Commits

Author SHA1 Message Date
Collin Anderson 0de89b6f8d
Refs #31223 -- Added __class_getitem__() to ForeignKey. 2022-04-22 14:13:12 +02:00
Mariusz Felisiak eeb0bb6379
Refs #27674 --- Deprecated django.contrib.gis.admin.OpenLayersWidget. 2022-04-22 11:36:27 +02:00
Adam Johnson 6f453cd298 Fixed #33509 -- Added "(no-op)" to sqlmigrate output for operations without SQL statement. 2022-04-21 12:25:16 +02:00
sarahboyce cd4da34fc1 Fixed #33004 -- Made saving objects with unsaved GenericForeignKey raise ValueError.
This aligns to the behaviour of OneToOneField and ForeignKey fields.

Thanks Jonny Park for the initial patch.
2022-04-21 10:12:28 +02:00
Aymeric Augustin 5dfa6fca96 Refactored out RedirectURLMixin.get_success_url().
This also adds a default implementation of get_default_redirect_url().
2022-04-20 10:04:29 +02:00
Aymeric Augustin 04bc2564b6 Simplified LogoutView.get_success_url().
This preserves the behavior of redirecting to the logout URL without
query string parameters when an insecure ?next=... parameter is given.

It changes the behavior of a POST to the logout URL, as shown by the
test that is changed. Currently, this results in a GET to the logout
URL. However, such GET requests are deprecated. This change would be
necessary in Django 5.0 anyway. This commit merely anticipates it.
2022-04-20 10:04:29 +02:00
Aymeric Augustin 5fcd9b8c33 Unified LoginView/LogoutView.get_default_redirect_url() methods.
This might change the behavior when self.next_page == "". However,
resolve_url(self.next_page) would almost certainly fail in that case.

It is technically possible to define a logout URLpattern whose name is
"": path('logout/', LogoutView.as_view(), name=''), and then to refer to
this pattern with next_page = "". However this feels like a pathological
case, so we decided not to handle it.

Most checks on next_page, LOGIN_REDIRECT_URL, and LOGOUT_REDIRECT_URL
are performed with boolean evaluation rather than comparison with None.
That's why we standardizing that way.
2022-04-20 10:04:29 +02:00
Aymeric Augustin 5b8699e723 Renamed LogoutView.get_next_page() to get_success_url().
This aligns it with LoginView. Also, it removes confusion with the
get_next_page() method of paginators. get_next_page() was a private
API, therefore this refactoring is allowed.
2022-04-20 10:04:29 +02:00
Aymeric Augustin 12576bd371 Refactored out RedirectURLMixin.get_redirect_url().
This also renames SuccessURLAllowedHostsMixin to RedirectURLMixin.

This doesn't change the behavior of LogoutView.get_next_page() because
next_page == "" implies url_is_safe == False before the refactoring.
2022-04-20 10:04:29 +02:00
Andrey Otto 420d13edee
Fixed #33654 -- Added localdate to utils.timezone.__all__. 2022-04-20 09:59:48 +02:00
Carlton Gibson bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
Mariusz Felisiak f4f2afeb45
Refs #32226 -- Fixed JSON format of QuerySet.explain() on PostgreSQL when format is uppercased.
Follow up to aba9c2de66.
2022-04-19 08:24:24 +02:00
Aymeric Augustin 903702dfb1 Removed unnecessary default argument from GET.get() call in LoginView.get_redirect_url().
The default argument is unnecessary because
url_has_allowed_host_and_scheme() returns False when its first argument
is "" or None, so get_redirect_url() still returns "".

This also aligns LoginView.get_redirect_url() and LogoutView.get_next_page().
2022-04-19 06:25:38 +02:00
Aymeric Augustin 5591a72571
Fixed #33648 -- Prevented extra redirect in LogoutView on invalid next page when LOGOUT_REDIRECT_URL is set. 2022-04-18 16:33:10 +02:00
Mariusz Felisiak 331a460f8f Fixed DatabaseFeatures.uses_savepoints/can_release_savepoints and related tests with MyISAM storage engine. 2022-04-18 07:05:52 +02:00
Scott e12670016b
Fixed #33643 -- Fixed inspectdb crash on functional unique constraints on Oracle. 2022-04-16 15:29:51 +02:00
Alexandru Mărășteanu a1e4e86f92
Fixed #33607 -- Made PostgresIndex.create_sql() respect the "using" argument. 2022-04-15 22:00:28 +02:00
mgaligniana c72f6f36c1 Fixed #11803 -- Allowed admin select widgets to display new related objects.
Adjusted admin javascript to add newly created related objects to
already loaded select widgets.

In this version, applies only where limit_choices_to is not set.
2022-04-15 07:46:37 +02:00
Claude Paroz 08f30d1b6a
Fixed #33637 -- Improved initial zoom level in MapWidget. 2022-04-14 11:50:31 +02:00
Mariusz Felisiak a0bd006306
Made select_for_update() don't raise TransactionManagementError on databases that don't support transactions. 2022-04-14 07:53:15 +02:00
Tim Graham db83ac48d4 Expanded QuerySet.explain() error message if a backend supports no formats. 2022-04-14 06:46:42 +02:00
Tim Graham a32876606f Removed unneeded code in explain_query_prefix() 2022-04-14 06:46:42 +02:00
Florian Apolloner 2eea361eff Fixed #30511 -- Used identity columns instead of serials on PostgreSQL. 2022-04-13 21:51:51 +02:00
Mariusz Felisiak fdfb3086fc Fixed DatabaseFeatures.supports_index_column_ordering and related tests with MyISAM storage engine. 2022-04-13 11:56:24 +02:00
David Smith 856b528801
Removed unnecessary tuple call in SQLInsertCompiler. 2022-04-13 08:10:52 +02:00
Mariusz Felisiak 24f442b91d
Fixed DatabaseFeatures.supports_expression_indexes on MySQL with MyISAM. 2022-04-12 12:26:51 +02:00
mgaligniana 0ad5316f22 Fixed #24296 -- Made QuerySet.exists() clear selected columns for not sliced distinct querysets. 2022-04-12 08:18:22 +02:00
Himanshu-Balasamanta 06ebaa9e28 Fixed #33626 -- Cleared cache when unregistering a lookup. 2022-04-12 06:24:02 +02:00
Mateo Radman 884b4c27f5 Fixed #32604 -- Made file upload respect group id when uploading to a temporary file. 2022-04-11 13:32:27 +02:00
Mariusz Felisiak b8759093d8
Removed DatabaseFeatures.validates_explain_options.
Always True since 6723a26e59.
2022-04-11 12:58:01 +02:00
Mariusz Felisiak 6723a26e59 Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against SQL injection on PostgreSQL. 2022-04-11 08:59:58 +02:00
Mariusz Felisiak 93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
2022-04-11 08:59:33 +02:00
Manel Clos 62739b6e26 Fixed #33628 -- Ignored directories with empty names in autoreloader check for template changes.
Regression in 68357b2ca9.
2022-04-11 07:37:30 +02:00
Simon Charette 0b31e02487 Fixed #33618 -- Fixed MTI updates outside of primary key chain. 2022-04-07 07:54:56 +02:00
Carlton Gibson 9ffd4eae2c
Fixed #33611 -- Allowed View subclasses to define async method handlers. 2022-04-07 07:05:59 +02:00
sarahboyce 65effbdb10 Fixed #33471 -- Made AlterField operation a noop when changing "choices".
This also allows customizing attributes of fields that don't affect
a column definition.
2022-04-06 13:05:57 +02:00
David Smith 6991880109 Refs #31617 -- Added an id for helptext in admin forms. 2022-04-06 12:42:43 +02:00
Baptiste Mispelon 50e1e7ef8e Fixed #33348 -- Changed SimpleTestCase.assertFormError()/assertFormsetErrors() to take form/formset.
Instead of taking a response object and a context name for
the form/formset, the two methods now take the object directly.
2022-04-06 07:58:52 +02:00
Brian Helba 2d5215c675 Fixed #33605 -- Fixed migration crash when altering RegexValidator to pre-compiled regular expression. 2022-04-04 07:38:15 +02:00
Lucidiot 13a9cde133 Fixed #33613 -- Made createsuperuser detect uniqueness of USERNAME_FIELD when using Meta.constraints. 2022-04-01 11:39:41 +02:00
Luke Plant 40b8a6174f Fixed #33397 -- Corrected resolving output_field for DateField/DateTimeField/TimeField/DurationFields.
This includes refactoring of CombinedExpression._resolve_output_field()
so it no longer uses the behavior inherited from Expression of guessing
same output type if argument types match, and instead we explicitly
define the output type of all supported operations.

This also makes nonsensical operations involving dates
(e.g. date + date) raise a FieldError, and adds support for
automatically inferring output_field for cases such as:
* date - date
* date + duration
* date - duration
* time + duration
* time - time
2022-03-31 11:05:23 +02:00
Luke Plant 1efea11808 Refs #33397 -- Added register_combinable_fields(). 2022-03-31 11:02:46 +02:00
Mariusz Felisiak d7eb500338 Removed unnecessary Query.get_loaded_field_names_cb() and Query.deferred_to_data()'s callback argument. 2022-03-31 10:54:59 +02:00
Mariusz Felisiak 0a3c6fe6b2 Refs #24020 -- Removed redundant Query.get_loaded_field_names().
get_loaded_field_names() is no longer called in multiple places
(see 0c7633178f) and it's redundant
with SQLCompiler.deferred_to_columns().
2022-03-31 10:54:59 +02:00
Mariusz Felisiak 0db0a25d84
Updated select_related_descend() comment.
Outdated since 0c7633178f.
2022-03-31 08:50:25 +02:00
David c8459708a7 Refs #32339 -- Added use_fieldset to Widget. 2022-03-30 16:28:14 +02:00
Mariusz Felisiak fac662f479
Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_relation argument from Query methods."
Thanks lind-marcus for the report.

This reverts commit 0c71e0f9cf.

Regression in 0c71e0f9cf.
2022-03-30 07:31:56 +02:00
Carlton Gibson 59ab3fd0e9 Refs #32365 -- Deprecated django.utils.timezone.utc. 2022-03-29 14:47:44 +02:00
Alokik Vijay baf9604ed8 Fixed #16406 -- Added ResolveMatch.captured_kwargs and extra_kwargs.
Thanks Florian Apolloner for the review and implementation idea.
2022-03-29 10:27:40 +02:00
Mariusz Felisiak 83c803f161
Updated Oracle docs links to Oracle 21c. 2022-03-29 09:41:57 +02:00
René Fleschenberg eb07b5be0c Fixed #15619 -- Deprecated log out via GET requests.
Thanks Florian Apolloner for the implementation idea.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-03-29 06:42:14 +02:00
adontz 2bee0b4328 Fixed #7497 -- Allowed overriding the order of apps and models in admin. 2022-03-25 10:33:44 +01:00
Mariusz Felisiak 94d8ed55fa
Refs #15619 -- Logged out with POST requests in admin. 2022-03-24 17:41:53 +01:00
Carlton Gibson bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias.
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
2022-03-24 06:29:50 +01:00
Thomas Schmidt 1cf60ce601 Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value. 2022-03-23 19:33:36 +01:00
Carlton Gibson d46e158ee2 Refs #32365 -- Made migration writer use datetime.timezone.utc. 2022-03-23 12:43:43 +01:00
Gagaro 7325d29152 Refs #30581 -- Fixed DatabaseFeatures.bare_select_suffix on MySQL < 8 and MariaDB < 10.4. 2022-03-22 09:45:59 +01:00
Stefan Wehrmeyer 561761c660 Fixed #33592 -- Fixed "View on Site" links in custom admin site. 2022-03-21 10:07:32 +01:00
François Granade 4b8e4f5060 Fixed #33582 -- Fixed deserializing natural keys with foreing key dependencies in a multiple database setup. 2022-03-18 20:57:08 +01:00
David Smith ba298a32b3 Refs #31169 -- Prevented infinite loop in parallel tests with custom test runner when using spawn.
Regression in 3b3f38b3b0.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-03-17 10:20:13 +01:00
Florian Apolloner 4f92cf87b0 Prevented initialization of unused database connections. 2022-03-17 07:40:57 +01:00
Florian Apolloner 13378ad952 Moved ensure_defaults() and prepare_test_settings() logic to ConnectionHandler.configure_settings(). 2022-03-17 07:36:34 +01:00
Florian Apolloner 58ad9a99a7 Removed usage of django.db.utils.ConnectionHandler.databases. 2022-03-17 07:36:34 +01:00
Gagaro 4bd494db42 Made BaseConstraint importable from django.db.models. 2022-03-16 16:21:10 +01:00
jochemfranken 5f9ad17201
Fixed #33580 -- Fixed crash when checking support for terminal colors on Wine.
Regression in f1585c54d0.
2022-03-16 16:16:10 +01:00
Gagaro 1ea7e3157d Used sets for field names for exclusion.
They are used only for containment checks.
2022-03-16 11:05:09 +01:00
Gagaro bf524d229f Refs #30581 -- Allowed sql.Query to be used without model. 2022-03-16 09:33:16 +01:00
Mariusz Felisiak 970f5bf503
Fixed #33577 -- Confirmed support for GDAL 3.4. 2022-03-16 09:07:01 +01:00
David Smith 3b3f38b3b0 Fixed #31169 -- Adapted the parallel test runner to use spawn.
Co-authored-by: Valz <ahmadahussein0@gmail.com>
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2022-03-15 16:23:55 +01:00
Mariusz Felisiak 3eaba13a47
Removed unnecessary _connector from Q construction in get_for_models().
Q._connector defaults to Q.AND.

Follow up to 859a87d873.
2022-03-15 16:13:28 +01:00
Mariusz Felisiak be80aa55ec
Removed outdated handling of length parameter to If-Modified-Since header.
The length parameter is not described in RFC-7232 and it's against
HTTP/1.0 and HTTP/1.1 specifications. It was an old and unofficial
extension set by some ancient versions of IE.
2022-03-15 13:07:44 +01:00
Sage Abdullah a88fab1bca Fixed #33552 -- Fixed JSONField has key lookups with numeric keys on MariaDB, MySQL, Oracle, and SQLite. 2022-03-15 06:37:35 +01:00
Biel Frontera 859a87d873 Fixed #31357 -- Fixed get_for_models() crash for stale content types when model with the same name exists in another app. 2022-03-14 12:52:26 +01:00
Adam Johnson 8f7cda0831
Fixed #33572 -- Implemented CreateModel/AlterModelManagers reduction. 2022-03-11 07:03:51 +01:00
Collin Anderson 71017a68a6
Fixed #33571 -- Fixed static serving views crash when If-Modified-Since is empty.
Regression in d6aff369ad.
2022-03-11 06:19:01 +01:00
Adrian Torres d90e34c61b Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend. 2022-03-10 12:57:19 +01:00
Claude Paroz 93803a1b5f Fixed #33567 -- Avoided setting default text/html content type on responses. 2022-03-09 14:50:52 +01:00
Adam Johnson a8c15481f4 Rewrote some references to "master".
Following d9a266d657.
2022-03-08 14:50:06 +01:00
Mariusz Felisiak d4fd31684a
Refs #33173 -- Used locale.getlocale() instead of getdefaultlocale().
locale.getdefaultlocale() was deprecated in Python 3.11, see
https://bugs.python.org/issue46659.
2022-03-08 13:17:05 +01:00
Hameed Gifford 58d357fc65
Fixed #33563 -- Fixed contenttype reverse data migration crash with a multiple databases setup. 2022-03-08 06:22:03 +01:00
Luke Plant f3bf6c4218 Refs #33562 -- Made HttpResponse.set_cookie() raise ValueError when both "expires" and "max_age" are passed.
This fixes the case where you might pass set_cookie(expires=val, max_age=val)
and max_age is silently ignored.
2022-03-07 08:04:18 +01:00
Luke Plant ae2da5ba65 Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-07 07:57:14 +01:00
Ryan Heard c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Mariusz Felisiak 795da6306a
Refs #31169 -- Prevented infinite loop in tests on failures.
Regression in ae91ecf6a1.
2022-03-04 11:21:05 +01:00
Adam Johnson b811364421 Refs #33446 -- Allowed variable whitespace in CSS source map references.
Follow up to dc8bb35e39.

The Webpack default is to output CSS source map comments like
`/*# sourceMappingURL=main.css.map*/`. Also, Chromium allows tabs.
2022-03-04 06:22:28 +01:00
Keryn Knight 24cc51f8fb Refs #27624 -- Optimized Query.clone() a bit. 2022-03-03 08:38:03 +01:00
Keryn Knight 6d5709ce7d Refs #27624 -- Optimized sql.Query creation by moving immutable/singleton attributes to class attributes. 2022-03-03 08:36:29 +01:00
Collin Anderson 5659015d3c
Optimized lazy wrappers a bit.
This avoids an extra __getattribute__() call for self._wrapped.
2022-03-03 06:19:11 +01:00
Keryn Knight 95b7d01d38 Refs #33546 -- Optimized handling content types in HttpResponseBase.__init__().
This removes an extraneous conditional causing "Content-Type" to be
checked within the ResponseHeaders twice, if a content_type parameter
is provided.
2022-03-02 20:23:39 +01:00
Keryn Knight 4b2f6ace57 Refs #33546 -- Optimized HttpResponseBase.charset a bit.
This avoids scanning the Content-Type if it's empty, allowing the
Content-Type header itself to have a charset assigned without using
the re module.
2022-03-02 20:23:39 +01:00
Keryn Knight 51f896fe25 Refs #33546 -- Optimized ResponseHeaders._convert_to_charset() by reducing the type-checking duplication.
In the common case, where keys and values are be encoded into
ascii/latin-1, defer the checking for newlines until it's been
successfully coerced to a string.

Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2022-03-02 20:23:39 +01:00
Keryn Knight e0b197c63c Refs #33546 -- Avoided unpacking data in ResponseHeaders when not necessary. 2022-03-02 20:23:39 +01:00
Nick Pope d436554861 Fixed #33553 -- Used built-in math functions in SQLite 3.35+.
In SQLite 3.35+ some math functions are available built-in as long as
they are not disabled at compile time. We can introspect this and use
these built-in functions in preference to our slower implementations.
2022-03-02 10:10:48 +01:00
Mariusz Felisiak 445b075def
Fixed #33547 -- Fixed error when rendering invalid inlines with readonly fields in admin.
Regression in de95c82667.

Thanks David Glenck for the report.
2022-03-01 08:09:58 +01:00
Hrushikesh Vaidya 119f227aa6 Fixed #33524 -- Allowed overriding empty_label for ForeignKey in ModelAdmin.radio_fields. 2022-02-28 13:28:21 +01:00
Dulalet e0442a628e
Fixed #33527 -- Removed unnecessary code in ModelAdmin._changeform_view().
Co-authored-by: Daulet1 <d.abduali@thefactory.kz>
2022-02-26 18:07:56 +01:00
Alokik Vijay c1d168be0f
Fixed #33508 -- Fixed DatabaseFeatures.supports_index_column_ordering on MariaDB 10.8+. 2022-02-26 16:25:21 +01:00
Albert Defler 2b6a3baebe Fixed #31486 -- Deprecated passing unsaved objects to related filters.
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
2022-02-25 07:51:37 +01:00
Shubh1815 11cc227344 Fixed #33267 -- Added link to related item to related widget wrapper in admin. 2022-02-25 06:33:05 +01:00
Anders Kaseorg 7f4fc5cbd4 Fixed #33539 -- Fixed spaces in WITH SQL for indexes on PostgreSQL. 2022-02-24 09:03:58 +01:00