Commit Graph

506 Commits

Author SHA1 Message Date
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatibility with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes are found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant c44fdf6a1e Fixed #12067 - check_dependencies in contrib.admin.sites not triggered using new style admin include
Thanks to robhudson for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11648 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 10:13:24 +00:00
Brian Rosner 0d1177ae99 Moved _get_foreign_key call after testing for fk_name fixing a broken test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11643 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 20:47:29 +00:00
Brian Rosner cb7a3262b5 Moved the call to _get_foreign_key to run in all cases catching incorrect inline setup sooner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:20 +00:00
Brian Rosner 5fc35c9caf Fixed #11709 — Pass inline fk_name attribute when grabbing foreign key to test for exclusion. Thanks yishaibeeri for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11630 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:07 +00:00
Luke Plant 4decf03f9c Fixed #11502 - wrong escaping in admin.
Thanks Tomasz Elendt.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 09:42:17 +00:00
Luke Plant 84ef9dabfa Fixed #11061: Malformed POST request causes TypeError in AdminSite.login().
Thanks vvd


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:50:57 +00:00
Luke Plant 18a67e1069 Fixed #11591: invalid HTML in tabular.html.
Thanks rlaager(at)wiktel.com



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11489 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:12:08 +00:00
Luke Plant 976b18a494 Fixed #11252: Invalid XHTML when filtering a paginated list.
Thanks daemondazz


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11486 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 15:36:33 +00:00
Karen Tracey eaf1f7d6e3 Fixed #11534: Improved wording for admin delete confirmation. Thanks hanksims and others who reported this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11447 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-13 17:16:29 +00:00
Karen Tracey ab6d6896c4 Fixed #11471: Fixed typo in a comment in admin options.py. Thanks adamv.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11446 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-13 17:04:42 +00:00
Russell Keith-Magee 53d16b1175 Fixed #11532 -- Corrected the link used for edit_inline foreign keys in admin when the admin is deployed using the old style admin.root approach. Thanks to JP for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11314 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-23 14:31:33 +00:00
Russell Keith-Magee 8d48eaa064 Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch.
This change is backwards incompatible for anyone that is using the named URLs
introduced in [9739]. Any usage of the old admin_XXX names need to be modified
to use the new namespaced format; in many cases this will be as simple as a
search & replace for "admin_" -> "admin:". See the docs for more details on
the new URL names, and the namespace resolution strategy.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 16:16:13 +00:00
Russell Keith-Magee e992e57d3e Fixed #11416 -- Restored use of the never_cache decorator on admin views. Thanks to Ramiro Morales and Michael Newmann for their work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11229 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-13 13:46:31 +00:00
Russell Keith-Magee 708bc80ba6 Fixed #11271 -- Added a translation marker for the list_editable save button. Thanks to dc for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10931 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-06 13:43:44 +00:00
Jacob Kaplan-Moss 3da3716252 Fixed #10348: ChangeList no longer overwrites a select_related provided by `ModelAdmin.queryset()`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10782 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-14 15:09:33 +00:00
Malcolm Tredinnick fe971ec66f Changed r10668 to not falsely error out when using generic inlines.
The bug was picked up by the tests already, but only if run against a
backend that supports referential integrity.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-10 21:09:38 +00:00
Russell Keith-Magee 2c2871b7c3 Fixed #11042 -- Corrected admin inlines for inherited models. Thanks to jsmullyan for the report, and mir for helpful triage work. Patch includes regression test for #8093, and a commented out test for #10992.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10725 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-09 11:40:13 +00:00
Jacob Kaplan-Moss f7d01c49e9 Fixed #10651: fixed a javascript error on the admin user add form. Thanks, seanl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 12:57:57 +00:00
Jacob Kaplan-Moss 23fa913676 Fixed #10448: correcting errors on "save as new" now correctly create a new object instead of modifying the old one. Thanks, bastih.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10713 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 12:53:14 +00:00
Jacob Kaplan-Moss eaf8ec54d2 Fixed #10997: fixed a Python 2.4-ism in admin actions.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 09:57:47 +00:00
Russell Keith-Magee ae7d9bfad2 Fixed #10899 -- Ensured that log messages for deletions in the admin contain useful descriptions. Thanks to Jeremy Dunck for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10686 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-07 13:10:59 +00:00
Russell Keith-Magee b5f0aff922 Fixed #10516 -- Corrected admin search when the search_fields definition contains multiple fields on the same base model. Thanks to Zain Memon for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10684 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-07 12:52:43 +00:00
Russell Keith-Magee e2d66e7d03 Fixed #10959 -- Changed the admin search button text to make it clearer in the UI, and to disambiguate during translation. Thanks to Ramiro Morales for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-05 22:26:01 +00:00
Russell Keith-Magee 31c833f113 Fixed #10897 -- Modified use of ngettext to ungettext in admin change messages. Thanks to zuber for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-05 22:25:35 +00:00
Russell Keith-Magee 9d28568cb4 Fixed #10275 -- Corrected the edge case of rendering a LogEntry with a contenttype of None. Thanks to Jarek Zgoda for the report, and Peter Bengtsson for the patch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-05 11:52:03 +00:00
Russell Keith-Magee d7233e7c5a Fixed #9932 -- Added a validation error when an inline tries to exclude the foreign key that provides the link to the parent model. Thanks to david for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10668 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-03 13:39:33 +00:00
Russell Keith-Magee 80a54dd23b Fixed #9362 -- Prevented inline forms from overwriting the content_type_id attribute on objects being inlined. Thanks to carljm for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10667 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-03 13:38:36 +00:00
Russell Keith-Magee 2c24bba934 Fixed #8903 -- Corrected rendering of admin inline formsets (tabular and stacked) when the inline model has a custom non-autofield primary key. Thanks to dgouldin for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10666 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-03 13:37:20 +00:00
Jacob Kaplan-Moss d6829782d0 Now that formsets guarantee ordering (see [10623]) we can remove the arbitrary validation of this fact added as part of [10077].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10628 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-22 22:45:23 +00:00
Jacob Kaplan-Moss 855a58f963 Fixed a needless list() coercion in ChangeList. Refs #10163.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10624 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-22 22:16:32 +00:00
Jacob Kaplan-Moss 6c15b5db60 Fixed #10208: `ModelAdmin` now respects the `exclude` and `field` attributes of custom `ModelForm`s. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-22 15:48:51 +00:00
Malcolm Tredinnick 86b6db591c Fixed #9420 -- Fixed admin templates CSS.
Removed some unconditional, invalid, IE-specific notations that were
protecting IE 5 users. IE 5 is sufficiently old, we don't really need to
do that and helping that small userbase at the expense of everybody else
was a slight priority inversion.

Patch from G2P and reviewed by Wilson Miner (who made the original
changes).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-19 03:06:29 +00:00
Malcolm Tredinnick 945b89e177 Fixed #10601 -- Fixed edit inline display in admin for right-to-left locales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10524 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-11 13:45:45 +00:00
Malcolm Tredinnick 0d2cf7bdd6 Fixed #10783 -- Fixed Javascript error when adding a new object in admin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10516 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-11 11:33:10 +00:00
Malcolm Tredinnick f4072f5be8 Fixed #10782 -- Fixed a Javascript error in the admin.
Viewing an empty changelist page no longer attempts to attach event
listeners to an undefined object.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10515 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-11 11:32:50 +00:00
Malcolm Tredinnick 3bd384aa62 Fixed #10645 -- Added some robustness around some admin and modelform params.
Fieldset dictionary names, search fields and unique_together attribute
names all have to be convertible to strings (that has always been true).
If somebody passes in a unicode object, Python barfs because Django uses
those values as keyword argument names and function calls require
parameter names to be str objects. We now convert things to strs
automatically.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10510 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-11 07:41:59 +00:00
Jacob Kaplan-Moss f55f2b9d74 Fixed #10059: `ModelAdmin.formfield_for_dbfield` now handles custom `Field` subclasses. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10454 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-08 20:25:56 +00:00
Jacob Kaplan-Moss 6eaf154a2e Fixed #9341: add another on `ManyToManyField`s with `raw_id_admins` now works correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10452 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-08 19:57:27 +00:00
Jacob Kaplan-Moss 7d1b4295b9 Fixed #9036: unified the permission checking in `AdminSite`, pushing it down to the `ModelAdmin` where it belongs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-08 19:47:46 +00:00
Jacob Kaplan-Moss 8415c057fb Fixed #10423, a typo on the `AdminSite.admin_view` docstring.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10410 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-06 21:11:10 +00:00
Jacob Kaplan-Moss bb15cee58a Made a bunch of improvements to admin actions. Be warned: this includes one minor but BACKWARDS-INCOMPATIBLE change.
These changes are:

    * BACKWARDS-INCOMPATIBLE CHANGE: action functions and action methods now share the same signature: `(modeladmin, request, queryset)`. Actions defined as methods stay the same, but if you've defined an action as a standalone function you'll now need to add that first `modeladmin` argument.
    * The delete selected action is now a standalone function registered site-wide; this makes disabling it easy.
    * Fixed #10596: there are now official, documented `AdminSite` APIs for dealing with actions, including a method to disable global actions. You can still re-enable globally-disabled actions on a case-by-case basis.
    * Fixed #10595: you can now disable actions for a particular `ModelAdmin` by setting `actions` to `None`.
    * Fixed #10734: actions are now sorted (by name).
    * Fixed #10618: the action is now taken from the form whose "submit" button you clicked, not arbitrarily the last form on the page.
    * All of the above is documented and tested.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10408 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-06 20:23:33 +00:00
Jacob Kaplan-Moss ee17cabba0 Fixed #9969: choices with options groups (added in [7977]) now work correctly in the admin with list_display and list_filter. Thanks, ramiro.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10318 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 14:14:20 +00:00
Jacob Kaplan-Moss a2dec37c41 Fixed #9908: allow individual app index templates in the admin. Thanks, arne.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10317 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 14:13:59 +00:00
Jacob Kaplan-Moss f83af07ce3 Fixed #7510: the ModelAdmin now uses `self.queryset` instead of the default manager. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10314 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 03:11:58 +00:00
Jacob Kaplan-Moss aea0bb68e0 Fixed a corner case from [10258]; thanks, Alex.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 17:10:23 +00:00
Jacob Kaplan-Moss c823e9d7cc Added row highlighting when selecting action checkmarks.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10258 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:24:12 +00:00
Gary Wilson Jr b4f5655c86 Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Gary Wilson Jr 7372ea159a Fixed #10389, #10501, #10502, #10540, #10562, #10563, #10564, #10565, #10568, #10569, #10614, #10617, #10619 -- Fixed several typos as well as a couple minor issues in the docs, patches from timo, nih, bthomas, rduffield, UloPe, and sebleier@gmail.com.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10242 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 07:01:01 +00:00