Commit Graph

228 Commits

Author SHA1 Message Date
Russell Keith-Magee b794441951 Fixed #10976 -- Isolated contrib.auth tests so they will always pass, regardless of any local templates. Thanks to aarond10 for the report, and SmileyChris for turning that into a patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 12:02:11 +00:00
Luke Plant 4bff194633 Fixed #12804 - regression with decorating admin views.
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.

For users of 1.1 and 1.0, this affects the decorators:

 * login_required
 * permission_required
 * user_passes_test

For those following trunk, this also affects:

 * csrf_protect
 * anything created with decorator_from_middleware 

If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
 



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-09 15:02:39 +00:00
Russell Keith-Magee 47acb1d659 Fixed #6273 -- Added a 'changepassword' management command. Thanks to Ludvig Ericson and Justin Lilly for their work on this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-29 08:10:29 +00:00
Luke Plant 8daec78cfd Fixed #12557 - AnonymousUser should check auth backends for permissions
Thanks to hvdklauw for the idea and work on the patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 01:47:23 +00:00
Russell Keith-Magee 1b3dc8ad9a Fixed #12540, #12541 -- Added database routers, allowing for configurable database use behavior in a multi-db setup, and improved error checking for cross-database joins.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-22 14:30:06 +00:00
Jannis Leidel 5cd4c3e559 Fixed #12644 - Allow overriding the admin user creation form based on r12216. Thanks, minmax.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12265 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-19 22:19:26 +00:00
Jannis Leidel 373076a3cc Fixed #12606 - Removed stray print statement. Thanks, Sean Brant.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-14 11:12:24 +00:00
Jannis Leidel f4998574d3 Fixed #11796 - Tweaked ordering of permissions a little more to be even nicer.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12219 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 23:35:54 +00:00
Jannis Leidel c4470e5ced Make use of new ability to override admin add form templates and removed a litle bit of redundancy in the templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 23:35:29 +00:00
Joseph Kocherhans 2f9853b2dc Fixed #12512. Changed ModelForm to stop performing model validation on fields that are not part of the form. Thanks, Honza Kral and Ivan Sagalaev.
This reverts some admin and test changes from [12098] and also fixes #12507, #12520, #12552 and #12553.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 02:29:45 +00:00
Adrian Holovaty 71e8d5dd87 Fixed #11409 -- Reordered the permissions checkboxes in the admin into a more natural progression. Thanks, benspaulding
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 21:58:01 +00:00
Adrian Holovaty 5ceed0a053 Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 18:36:20 +00:00
Adrian Holovaty 19b72077f7 Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Thanks for patch and tests, isagalaev
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 16:51:13 +00:00
Joseph Kocherhans 471596fc1a Merged soc2009/model-validation to trunk. Thanks, Honza!
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-05 03:56:19 +00:00
Jannis Leidel 57d7181caa Fixed #12462 - Fixed edge case with auth backends that don't support object permissions. Thanks to Florian Apolloner for catching it.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-30 22:12:57 +00:00
Russell Keith-Magee ff60c5f9de Fixed #1142 -- Added multiple database support.
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.

Big thanks also go to:
 * Justin Bronn for keeping GIS in line with the changes,
 * Karen Tracey and Jani Tiainen for their help testing Oracle support
 * Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
 * Malcolm Treddinick for his guidance during the GSoC submission process.
 * Simon Willison for driving the original design process
 * Cal Henderson for complaining about ponies he wanted.

... and everyone else too numerous to mention that helped to bring this feature into fruition.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-22 15:18:51 +00:00
Russell Keith-Magee 35cc439228 Fixed #7052 -- Added support for natural keys in serialization.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-14 12:39:20 +00:00
Jannis Leidel 9bf652dfd6 Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 01:05:35 +00:00
Luke Plant 25020ddb05 Fixed #4604 - Configurable message passing system, supporting anonymous users
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.

Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others.  Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 16:57:23 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant c161bf21f0 Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"
Thanks to olau@iola.dk, Suor for the report



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-14 18:09:13 +00:00
Luke Plant c46ddbf1fc Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views
Thanks to julien for the suggestion and patch, and SmileyChris for work on the patch.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11618 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-12 15:32:24 +00:00
Luke Plant af02f38e02 Rewrote user_passes_test to use auto_adapt_to_methods, removing the need for _CheckLogin
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11587 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:34:45 +00:00
Luke Plant 4a5630fe75 Removed unnecessary keys in django.contrib.auth.test.__test__
Only doctest tests, and not TestCases, need to be in __test__ AFAICS.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11481 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 09:51:27 +00:00
Russell Keith-Magee e91deca779 Fixed #10521 -- Modified the Remote User tests so that it isn't dependent on particular deployed URLs. Thanks to Kegan and Ramiro Morales for their contributions.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-04 07:05:44 +00:00
Malcolm Tredinnick 5a57a7f006 Fixed #8752 -- Fixed django.contrib.auth tests to be locale-independent.
Patch from Koen Biermans.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-19 03:41:33 +00:00
Jacob Kaplan-Moss ab562bf954 Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-18 21:04:40 +00:00
Jacob Kaplan-Moss 9faa1cd9b5 Fixed #10747: fixed the auth tests to ignore broken user-supplied login/logout templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-10 15:50:51 +00:00
Jacob Kaplan-Moss 6d5492630d Fixed a sloppy test auth test. [10400] revealed that the auth test was relying on the weird difference between calling a management from the shell and from `call_command`. That this worked in the first case was pretty much an accident.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10404 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-05 19:00:27 +00:00
Jacob Kaplan-Moss 2a994716a1 Fixed #10265: fixed a bug when generating a password reset token for a user created on the same request. Thanks, crucialfelix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10341 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 21:25:24 +00:00
Jacob Kaplan-Moss 3e6f4674e2 Fixed #10460: the logout view can now redirect like the rest of the auth views. Thanks, chronos and steingrd.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10332 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 17:02:32 +00:00
Jacob Kaplan-Moss 35a1f22bc2 Fixed #10106: added is_active to user admin's list_display.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10331 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:43:01 +00:00
Jacob Kaplan-Moss 19b9211a3b Fixed #9881: Added the to the login view context, not just the site's name. Thanks, nessita.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10330 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:37:48 +00:00
Jacob Kaplan-Moss e6ad4fb901 Fixed #9474: user_passes_test may now be applied multiple times.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10328 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:17:38 +00:00
Gary Wilson Jr b4f5655c86 Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Gary Wilson Jr 3989a7ae11 Fixed #8140 -- Made `UserManager.create_superuser` return the new `User` object, based on patch from ericholscher.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10217 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-30 22:00:07 +00:00
Jacob Kaplan-Moss c485e236bd Fixed #8193: all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's '`importlib` back for inclusion in Django. Thanks for the patch-from-the-future, Brett!
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10088 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-18 16:55:59 +00:00
Gary Wilson Jr b994387d8d Fixed #689 -- Added a middleware and authentication backend to contrib.auth for supporting external authentication solutions. Thanks to all who contributed to this patch, including Ian Holsman, garthk, Koen Biermans, Marc Fargas, ekarulf, and Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10063 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-15 05:54:28 +00:00
Luke Plant 1306079a02 Fixed #10017 - PasswordResetForm.clean_email was not returning the value.
Thanks Zak Johnson, Leo


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-26 17:11:28 +00:00
Russell Keith-Magee 39dd44570c Fixed #10025 -- Corrected two minor typos in source documentation. Thanks to Tarken for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9861 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-22 06:08:37 +00:00
Jacob Kaplan-Moss 1f84630c87 Fixed #6470: made the admin use a URL resolver.
This *is* backwards compatible, but `admin.site.root()` has been deprecated. The new style is `('^admin/', include(admin.site.urls))`; users will need to update their code to take advantage of the new customizable admin URLs.

Thanks to Alex Gaynor.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-14 20:22:25 +00:00
Adrian Holovaty be2697209b Improved the auth admin site to raise Http404 with a helpful error message if DEBUG is True, explaining why permission isn't denied. Refs #9866, and see also [9682]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-25 06:17:42 +00:00
Adrian Holovaty 62362c6175 Added comment to UserAdmin.add_view() explaining why we disallow users without change permissions from adding other users. Refs #9866
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-25 06:04:11 +00:00
Karen Tracey bcd63cbfb0 Fixed #6160, #9111 -- Consistently apply conditional_escape to form errors and labels when outputing them as HTML.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-06 19:49:24 +00:00
Malcolm Tredinnick fb62bcc69e Fixed #8321 -- Change django.contrib.auth.models to use django.utils.hashcompat
for consistency with other code. Thanks, magneto.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-06 05:14:17 +00:00
Malcolm Tredinnick c58c1f43cf Fixed #5753 -- Allow createsuperuser to work in situations where there
might be a valid password database entry for the current user id.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9158 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-06 04:54:14 +00:00
Malcolm Tredinnick 2f0be0faae Fixed #8660 -- Small database query optimisation in User.get_profile.
When calling User.get_profile(), we now tell the profile object about the
related User object right away. This can save a database lookup later if
something in the user profile object wants to refer to the user object.

Patch from Mike Malone.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9152 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 12:07:10 +00:00
Brian Rosner ab13303ea4 Fixed #8433 -- Deal with the add user popup on models that foreign key to User correctly. Thanks sorl for the report and fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8776 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-31 21:24:33 +00:00
Gary Wilson Jr c2ba59fc1d Removed oldforms, validators, and related code:
* Removed `Manipulator`, `AutomaticManipulator`, and related classes.
 * Removed oldforms specific bits from model fields:
   * Removed `validator_list` and `core` arguments from constructors.
   * Removed the methods:
     * `get_manipulator_field_names`
     * `get_manipulator_field_objs`
     * `get_manipulator_fields`
     * `get_manipulator_new_data`
     * `prepare_field_objs_and_params`
     * `get_follow`
   * Renamed `flatten_data` method to `value_to_string` for better alignment with its use by the serialization framework, which was the only remaining code using `flatten_data`.
 * Removed oldforms methods from `django.db.models.Options` class: `get_followed_related_objects`, `get_data_holders`, `get_follow`, and `has_field_type`.
 * Removed oldforms-admin specific options from `django.db.models.fields.related` classes: `num_in_admin`, `min_num_in_admin`, `max_num_in_admin`, `num_extra_on_change`, and `edit_inline`.
 * Serialization framework
   * `Serializer.get_string_value` now calls the model fields' renamed `value_to_string` methods.
   * Removed a special-casing of `models.DateTimeField` in `core.serializers.base.Serializer.get_string_value` that's handled by `django.db.models.fields.DateTimeField.value_to_string`.
 * Removed `django.core.validators`:
   * Moved `ValidationError` exception to `django.core.exceptions`.
   * For the couple places that were using validators, brought over the necessary code to maintain the same functionality.
 * Introduced a SlugField form field for validation and to compliment the SlugField model field (refs #8040).
 * Removed an oldforms-style model creation hack (refs #2160).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8616 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 07:19:44 +00:00
Malcolm Tredinnick 157dbe2fff Fixed #8552 -- Use the LOGIN_REDIRECT_URL setting in the auth tests, rather than hard-coding the value.
This enables things to work properly when installed in other configurations.
Patch from aeby.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8613 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 06:02:13 +00:00
Jacob Kaplan-Moss 78d13fb1c2 Fixed #8379: the admin user change form now properly validates the username. Thanks, kratorius.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 17:10:20 +00:00
Jacob Kaplan-Moss 9a1e4cedde Fixed #8344: make User.get_profile() work when settings.AUTH_PROFILE_MODULE is unset.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8543 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 16:56:59 +00:00
Jacob Kaplan-Moss 15ed0d65b0 Fixed #7833: the user creation form now works when password1 isn't set.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 16:55:57 +00:00
Russell Keith-Magee 96d12748a9 Added app_label to the context for the add user admin view.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8510 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-24 06:46:53 +00:00
Malcolm Tredinnick aa78a05e69 Fixed #8359 -- Add an admin log entry when creating a new user.
Patch from evan_schulz.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8503 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 21:45:36 +00:00
Malcolm Tredinnick abb1c508cc Tests for password change process. Thanks, Mike Richardson. Fixed #8402.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 18:20:49 +00:00
Brian Rosner ab26efc952 Fixed #8493 -- Fixed a NoReverseMatch when redirecting to password_change/done/ in the admin. Added the ability to override redirects to other password change views for consistency. Thanks for the report mtrichardson.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8473 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 03:26:01 +00:00
Malcolm Tredinnick c8c159cbba When logging in, change the session key whilst preserving any existing
sesssion. This means the user will see their session preserved across a login
boundary, but somebody snooping the anonymous session key won't be able to view
the authenticated session data.

This is the final piece of the session key handling changes.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8459 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-21 13:54:53 +00:00
Gary Wilson Jr 3bb50169d9 Removed unused and redefined imports.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8386 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-15 17:42:13 +00:00
Gary Wilson Jr 415bf3efb3 Fixed #7364 -- Never cache the contrib.auth login view.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8383 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-15 17:10:14 +00:00
Malcolm Tredinnick 97a7dab2b1 Fixed #6941 -- When logging a user out, or when logging in with an existing
session and a different user id to the current session owner, flush the session
data to avoid leakage. Logging in and moving from an anonymous user to a
validated user still keeps existing session data.

Backwards incompatible if you were assuming sessions persisted past logout.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-14 03:58:00 +00:00
Jacob Kaplan-Moss bb30805452 Fixed #8131: use reverse() in auth views. Patch from davenaff.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8334 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-12 23:31:31 +00:00
Gary Wilson Jr f09f14d0ae Fixed #8226 -- Fixed a Python 2.3 incompatibility in a unicode string substitution, thanks nfg.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8302 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-11 15:13:00 +00:00
Gary Wilson Jr 0b01d50076 Refs #7742 -- Removed unused `validator_list` argument (this is already being checked by the `UserCreationForm`).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8293 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-11 04:30:30 +00:00
Brian Rosner a7d3c92767 Fixed #8202 -- Moved user_change_password to UserAdmin. This enables seamless integration of a custom UserAdmin. Thanks ElliottM for catching this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8283 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-10 09:43:48 +00:00
Brian Rosner baac791c4b Fixed #7932 -- Made it easier to use a custom User model with the admin. Added add_form attribute to UserAdmin and removed hard-coded dependancies to User. Thanks ElliottM for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8280 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-10 04:22:21 +00:00
Jacob Kaplan-Moss 19bbc74e46 Fixed #7115: tweaked ordering on Permission to more closely match the pre-QSRF behavior, which was nice. Thanks, Matthew Flanagan.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8246 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-08 21:24:02 +00:00
Jacob Kaplan-Moss 34a3bd5225 Major refactoring of django.dispatch with an eye towards speed. The net result is that signals are up to 90% faster.
Though some attempts and backwards-compatibility were made, speed trumped compatibility. Thus, as usual, check BackwardsIncompatibleChanges for the complete list of backwards-incompatible changes.

Thanks to Jeremy Dunck and Keith Busell for the bulk of the work; some ideas from Brian Herring's previous work (refs #4561) were incorporated.

Documentation is, sigh, still forthcoming.

Fixes #6814 and #3951 (with the new dispatch_uid argument to connect).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8223 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-06 15:32:46 +00:00
Luke Plant 8e24b37610 Cleaned up whitespace
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8214 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-05 16:36:20 +00:00
Russell Keith-Magee bf65fd0a80 Fixed #8901 -- Corrected typo in docstring. Thanks to Hayley Bonham <djangocode@vortex.cx> for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-04 12:11:04 +00:00
Gary Wilson Jr c85c8f8891 Fixed #7919 -- md5 and sha modules are deprecated since Python 2.5, use hashlib module when available. Patch from Karen Tracey.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8193 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-02 05:56:57 +00:00
Luke Plant 8dff194e9b Fixed #3062 - removed arbitrary and unneeded max_length on password fields in auth forms.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-01 21:18:17 +00:00
Luke Plant 64f5ab67a5 Changed some URL conf regexes to rawstrings for consistency
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8172 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-01 16:18:24 +00:00
Luke Plant 079e5bf1ec Added a login link to the password reset completion screen.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8171 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-01 16:13:12 +00:00
Luke Plant fcd837cd0f Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 20:47:53 +00:00
Russell Keith-Magee 99e34c1846 Fixed #8042 -- Modified the password reset form so that the email field length matches the User model. Thanks to Bob Thomas <bthomas@ncircle.com> for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 09:08:55 +00:00
Adrian Holovaty 29f0e8182f Fixed #7847 -- Removed a whole bunch of unused imports from throughout the codebase. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:24:09 +00:00
Adrian Holovaty 8bc442e771 Fixed #7304 -- Gave AnonymousUser a has_perms() method, which it was lacking
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8044 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:05:40 +00:00
Jacob Kaplan-Moss 46786b4193 Fixed #7741: django.newforms is now django.forms. This is obviously a backwards-incompatible change. There's a warning upon import of django.newforms itself, but deeper imports will raise errors.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7971 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 01:22:26 +00:00
Brian Rosner a19ed8aea3 Merged the newforms-admin branch into trunk.
This is a backward incompatible change. The admin contrib app has been
refactored. The newforms module has several improvements including FormSets
and Media definitions.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-18 23:54:34 +00:00
Gary Wilson Jr 56e1cdc8bc Fixed a long and complex line by breaking into a for loop, with the added benefit that the method will now exit as soon as a matching
permission is found instead of checking all of the user's permissions and putting them into a temporary list.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7823 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-02 05:05:50 +00:00
Gary Wilson Jr 73dfef8771 Added docstring and other minor style fixes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7822 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-02 05:00:09 +00:00
Russell Keith-Magee 8cb128e57c Refs #7521 -- Re-reverted [7716] (originally reverted in [7726]), now modified to use the new TestCase urlpattern framework.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-30 13:11:12 +00:00
Malcolm Tredinnick 339df5ce44 Fixed #6089 -- Removed default ordering on the User class.
Admin users are still ordered, since we add it in specially for Admin. Slightly
backwards incompatible.

Patch from Erik Karulf.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-30 12:52:46 +00:00
Adrian Holovaty fbef599f60 Fixed #6306 -- redirect_to_login() helper function now quotes the URL arguments correctly. Thanks, SmileyChris
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7749 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-26 04:11:53 +00:00
Adrian Holovaty 54f7da3a27 Fixed #7274 -- Improved the django.contrib.auth password_reset() view not to require the Sites framework. Thanks, joshrl
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-26 04:09:29 +00:00
Russell Keith-Magee c8d39f15cb Fixed #7521 -- Reverted [7716]. Fixed URLs in test case broke any application that deployed contrib.auth.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7726 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-23 12:17:57 +00:00
Luke Plant fad8e8f7c2 Added basic tests for auth.views.password_reset
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7716 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-20 17:43:12 +00:00
Jacob Kaplan-Moss 2b62e945b0 Fixed #3393: login view no longer assumes that set_test_cookie has been called. This is mildly backwards-incompatible, but in the "now it works the way it should have all along" sense. Thanks to James and lcordier for the patches.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7692 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-18 16:13:14 +00:00
Jacob Kaplan-Moss b0ebcfe15a Fixed #7394: fixed bug with syncdb and createsuperuser introduced in [7590]. Thanks, av0000@mail.ru
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-08 18:18:01 +00:00
Russell Keith-Magee 8398ea6603 Fixed #7392 -- Corrected a typo in the backwards-compatibility layer to the new createsuperuser command.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-08 08:45:14 +00:00
Jacob Kaplan-Moss 5675ae4443 Fixed #5614: added 'manage.py createsuperuser'. Thanks, programmerq.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-08 05:31:16 +00:00
Malcolm Tredinnick 6dfe245f02 Updated the inline help text for User.is_active.
Fixed #6881. Refs #7011.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7414 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-04-13 01:50:29 +00:00
Gary Wilson Jr a75e58be58 Fixed #5922 -- Turned `ModelBackend` authentication backend into a new-style class, thanks `Honza_Kral`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7201 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08 03:09:29 +00:00
Gary Wilson Jr 5ca0b9203b Fixed #5701 -- Fixed decorators to take the name, attributes, and docstring of the function they decorate by adding a modified version of the `functools.wraps` function from Python 2.5. `wraps` has been altered to work with Django's `curry` function and with Python 2.3, which doesn't allow assignment of a function's `__name__` attribute. This fixes severaly annoyances, such as the online documentation for template filters served by the admin app. This change is backwards incompatible if, for some reason, you were relying on the name of a Django decorator instead of the function it decorates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7153 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-25 06:02:35 +00:00
Gary Wilson Jr 298d76aed4 Fixed #3165 -- Really allow underscores when making a superuser, thanks `SmileyChris`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7018 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-01-13 04:03:36 +00:00
Gary Wilson Jr a4478ee9c6 Fixed #6174 -- Made `AnonymousUser.is_active` False instead of True since `AnonymousUser`s can't login. Thanks, `SmileyChris`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6912 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-12-11 06:37:07 +00:00
Luke Plant 8c9b65429a Fixed bug in /admin/doc/views/ caused by [6658]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-09 15:27:49 +00:00
Luke Plant 8eeb9feab0 Fixed #4376 -- login_required now works with bound methods. Thanks, Steven Bethard.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6658 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-07 22:45:07 +00:00