Chris Jerdonek
3cfcb8cbc8
Refs #32902 -- Moved ensure_csrf_cookie_view after protected_view.
2021-07-23 07:09:36 +02:00
Chris Jerdonek
a2e1f1e295
Fixed #32902 -- Fixed CsrfViewMiddleware.process_response()'s cookie reset logic.
...
Thanks Florian Apolloner and Shai Berger for reviews.
2021-07-23 07:08:45 +02:00
Chris Jerdonek
311401d9a2
Refs #32902 -- Added CSRF test when rotate_token() is called between resetting the token and processing response.
2021-07-23 06:56:53 +02:00
ryowright
1783b3cb24
Fixed #32275 -- Added scrypt password hasher.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-22 12:40:33 +02:00
Wu Haotian
65b880b726
Fixed #32930 -- Fixed URLValidator when port numbers < 10.
2021-07-22 11:58:28 +02:00
Wu Haotian
b96cc7f85e
Added more test cases with port numbers for URLValidator.
2021-07-22 11:58:28 +02:00
Mariusz Felisiak
83022d279c
Refs #32508 -- Raised TypeError/ValueError instead of using "assert" in encode() methods of some password hashers.
2021-07-22 09:42:07 +02:00
Nick Pope
c35b81b864
Fixed #32951 -- Removed Query.where_class & co.
...
Unused since 3caf957ed5
.
2021-07-22 08:49:20 +02:00
yakimka
c542d0a072
Fixed #32949 -- Restored invalid number handling in DecimalField.validate().
...
DecimalField must itself validate() values, such as NaN, which cannot be
passed to validators, such as MaxValueValidator, during the
run_validators() phase.
Regression in cc3d24d7d5
.
2021-07-21 10:20:24 +02:00
David Wobrock
fd999318ad
Fixed #32704 -- Fixed list of deferred fields when chaining QuerySet.defer() after only().
2021-07-20 12:15:29 +02:00
David Wobrock
96706d76cd
Added more tests for chaining QuerySet.defer() after only().
2021-07-20 12:14:28 +02:00
Nick Pope
fee8734596
Refs #10929 -- Deprecated forced empty result value for PostgreSQL aggregates.
...
This deprecates forcing a return value for ArrayAgg, JSONBAgg, and
StringAgg when there are no rows in the query. Now that we have a
``default`` argument for aggregates, we want to revert to returning the
default of ``None`` which most aggregate functions return and leave it
up to the user to decide what they want to be returned by default.
2021-07-19 13:41:16 +02:00
Nick Pope
501a8db465
Fixed #10929 -- Added default argument to aggregates.
...
Thanks to Simon Charette and Adam Johnson for the reviews.
2021-07-19 13:04:27 +02:00
Keryn Knight
59942a66ce
Fixed #32941 -- Removed get_format_modules()'s unused reverse argument.
...
Unused since 0d8b523422
.
2021-07-19 11:42:20 +02:00
Chris Jerdonek
f3825ee050
Fixed wording of AuthViewsTestCase's docstring.
2021-07-19 06:36:20 +02:00
Jacob Walls
56f9579105
Fixed #32655 -- Deprecated extra_tests argument for DiscoverRunner.build_suite()/run_tests().
2021-07-16 20:46:41 +02:00
Chris Jerdonek
0dc25526d8
Fixed #32924 -- Changed BaseForm.get_initial_for_field() to remove microseconds when needed.
2021-07-16 15:51:20 +02:00
Chris Jerdonek
788441c6ab
Refs #32924 -- Changed test_initial_datetime_values() to use subTests.
2021-07-16 15:51:20 +02:00
Chris Jerdonek
469e769299
Refs #32924 -- Changed test_get_initial_for_field() to use subTests.
2021-07-16 15:51:20 +02:00
pochangl
f6d3557aa1
Fixed #32929 -- Fixed handling query strings in AsyncRequestFactory.
2021-07-15 13:09:29 +02:00
Daniyal
f479df7f8d
Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.db.models.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-15 11:43:33 +02:00
Chris Jerdonek
90a33ab2ce
Fixed #32920 -- Changed BaseForm to access its values through bound fields.
2021-07-15 10:47:02 +02:00
Ties Jan Hefting
84400d2e9d
Fixed #32905 -- Added CSS class for non-form errors of formsets.
2021-07-15 07:00:39 +02:00
Carlton Gibson
3a45fea083
Fixed #21936 -- Allowed DeleteView to work with custom Forms and SuccessMessageMixin.
...
Thanks to Mariusz Felisiak for review.
Co-authored-by: Demetris Stavrou <demestav@gmail.com>
Co-authored-by: Caroline Simpson <github@hoojiboo.com>
2021-07-14 09:47:03 +02:00
Nick Pope
6afc2a944c
Completed test coverage for django.utils.dateformat.
2021-07-13 13:21:10 +02:00
Nick Pope
ab0d751ddf
Used subTest() in utils_tests.test_dateformat.
2021-07-13 13:06:48 +02:00
Chris Jerdonek
5848b3a1d7
Fixed #32914 -- Prevented test --shuffle from skipping test methods.
...
"test --shuffle" skipped test methods when test classes were mixed.
This changes runner.py's reorder_tests() to group by TestCase class.
Regression in 90ba716bf0
.
2021-07-12 06:36:12 +02:00
Ian Foote
f42ccdd835
Fixed #27021 -- Allowed lookup expressions in annotations, aggregations, and QuerySet.filter().
...
Thanks Hannes Ljungberg and Simon Charette for reviews.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-07-09 11:43:06 +02:00
Mariusz Felisiak
ae32e337e0
Fixed isolation of NonAutocommitTests.test_orm_query_after_error_and_rollback().
2021-07-09 07:38:31 +02:00
Mariusz Felisiak
7bb0605a8c
Fixed isolation of GenericRelationTests.test_filter_targets_related_pk().
2021-07-08 13:13:40 +02:00
Chris Jerdonek
90ba716bf0
Fixed #24522 -- Added a --shuffle option to DiscoverRunner.
2021-07-08 07:29:04 +02:00
abhiabhi94
cf6774a53b
Fixed #32904 -- Made parse_time() more strict.
...
Thanks Keryn Knight for the report.
2021-07-07 12:08:43 +02:00
Shipeng Feng
68cc04887b
Fixed #32866 -- Fixed trimming trailing punctuation from escaped string in urlize().
2021-07-07 11:19:33 +02:00
Mads Jensen
c51bf80d56
Used more specific unittest assertions in tests.
2021-07-07 10:51:38 +02:00
abhiabhi94
6a5ef557f8
Added test for errors when saving timezone-aware times if not supported.
2021-07-06 10:44:06 +02:00
Keryn Knight
857320e9e0
Added more tests for parse_time().
2021-07-06 08:45:23 +02:00
Hannes Ljungberg
a06b977a91
Fixed #32776 -- Added support for Array subqueries on PostgreSQL.
2021-07-06 07:36:52 +02:00
Mariusz Felisiak
49ca6bbc44
Fixed isolation of RouterTestCase.test_m2m_cross_database_protection().
...
Hardcoded pks are necessary for this test case, however we need to set
them for all new rows because the sequence will not increment
automatically. It works when the sequence is incremented by other
test cases.
2021-07-05 15:22:08 +02:00
Mateo Radman
2231429991
Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert".
2021-07-05 13:31:03 +02:00
Mariusz Felisiak
1ff0ea6e9b
Fixed isolation of test_filename_traversal_upload().
...
shutil.rmtree(MEDIA_ROOT) is already called as a class cleanup.
2021-07-05 12:05:13 +02:00
Wu Haotian
aba9c2de66
Fixed #32226 -- Fixed JSON format of QuerySet.explain() on PostgreSQL.
2021-07-05 09:08:39 +02:00
Wu Haotian
b3b04ad211
Refs #28574 -- Added test for XML format output to Queryset.explain().
2021-07-05 09:01:54 +02:00
Eduardo Aldair Ahumada Garcia Jurado
e4da365436
Refs #24121 -- Added __repr__() to AdminSite, DefaultAdminSite, and ModelAdmin.
...
Thanks tlebrize for the initial patch.
2021-07-05 08:15:58 +02:00
Nick Pope
fa35c8bdbc
Fixed #30934 -- Included database alias in django.db.backends log messages.
...
This is useful when working with database routing as you want to know
where each query is being executed.
Co-authored-by: David Winterbottom <david.winterbottom@gmail.com>
2021-07-02 15:36:53 +02:00
cammil
313c3d1aa1
Fixed #28935 -- Fixed display of errors in extended blocks.
...
Get the template that caused the exception and get the
exception info from that template, using the node that
caused the exception.
2021-07-02 11:38:15 +02:00
Simon Charette
9f3cce172f
Refs #26430 -- Re-introduced empty aggregation optimization.
...
The introduction of the Expression.empty_aggregate_value interface
allows the compilation stage to enable the EmptyResultSet optimization
if all the aggregates expressions implement it.
This also removes unnecessary RegrCount/Count.convert_value() methods.
Disabling the empty result set aggregation optimization when it wasn't
appropriate prevented None returned for a Count aggregation value.
Thanks Nick Pope for the review.
2021-07-02 07:25:42 +02:00
Simon Charette
f3112fde98
Fixed #26430 -- Fixed coalesced aggregation of empty result sets.
...
Disable the EmptyResultSet optimization when performing aggregation as
it might interfere with coalescence.
2021-07-02 06:40:54 +02:00
abhiabhi94
fde6fb2898
Fixed #32893 -- Fixed serialization of models.Model class in migrations.
...
Migrations assumed that an import of the models.Model class must
already be included when it's serialized, but for models with only
custom fields this was not necessarily the case.
Thanks Jaap Joris Vens for the report.
2021-07-01 12:42:32 +02:00
Allan Feldman
36fa071d6e
Fixed #32889 -- Allowed per-request sync_to_async context in ASGIHandler .
...
By using a asgiref's ThreadSensitiveContext context manager, requests
will be able to execute independently of other requests when sync work
is involved.
Prior to this commit, a single global thread was used to execute any
sync work independent of the request from which that work was scheduled.
This could result in contention for the global sync thread in the case
of a slow sync function.
Requests are now isolated to their own sync thread.
2021-07-01 12:13:19 +02:00
Carlton Gibson
4af162d4de
Refs #32144 -- Made makemessages remove temporary files on preprocessing error.
...
Co-authored-by: Anders Hovmöller <anders.hovmoller@dryft.se>
2021-07-01 10:11:10 +02:00
Carlton Gibson
dfa7781033
Fixed #32144 -- Made makemessages remove temporary files when locale path doesn't exist.
2021-07-01 10:11:10 +02:00
Hannes Ljungberg
d8c90d4c22
Fixed #32786 -- Moved subquery ordering clearing optimization to the _in lookup.
...
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2021-06-30 10:08:55 +02:00
Chris Jerdonek
43d1ea6e2f
Refs #32885 -- Used _read_csrf_cookie()/_set_csrf_cookie() in more CSRF tests.
2021-06-30 07:48:15 +02:00
Chris Jerdonek
abc8795632
Fixed #32885 -- Removed cookie-based token specific logic from CsrfViewMiddlewareTestMixin.
2021-06-30 07:48:15 +02:00
Chris Jerdonek
8bca838f4a
Refs #32655 -- Improved error if iter_test_cases() is passed a string.
2021-06-29 20:41:40 +02:00
Mariusz Felisiak
5371ad1d14
Refs #26430 -- Added tests for PostgreSQL-specific aggregates on EmptyQuerySets and used subTest().
2021-06-29 20:23:59 +02:00
Chris Jerdonek
594d6e9407
Refs #32843 -- Added CsrfViewMiddlewareTestMixin._get_csrf_cookie_request() hook.
2021-06-29 08:56:13 +02:00
Chris Jerdonek
c8439d1dba
Refs #32843 -- Added method/cookie arguments to CsrfViewMiddlewareTestMixin._get_request().
...
This also removes unnecessary test hooks.
2021-06-29 08:56:13 +02:00
Chris Jerdonek
6bccb64347
Refs #32843 -- Moved _get_GET_csrf_cookie_request() to CsrfViewMiddlewareTestMixin.
2021-06-29 08:56:05 +02:00
Chris Jerdonek
4397d2bd6b
Fixed #32843 -- Ensured the CSRF tests' _get_GET_csrf_cookie_request() sets the request method.
2021-06-29 08:14:25 +02:00
abhiabhi94
cd124295d8
Fixed #32381 -- Made QuerySet.bulk_update() return the number of objects updated.
...
Co-authored-by: Diego Lima <diego.lima@lais.huol.ufrn.br>
2021-06-29 06:58:46 +02:00
Dan Strokirk
f5ea9aa2f3
Fixed #32807 -- Fixed JSONField crash when redisplaying None values.
...
Thanks to Alex Hill for the initial patch.
2021-06-28 11:02:08 +02:00
Nick Pope
66af94d56e
Removed unnecessary json.loads() call in test_json_agg_empty().
2021-06-28 09:22:23 +02:00
Nick Pope
e8e8e207e7
Ensured that empty result test for JSONBAgg executes a query.
...
Use of QuerySet.none() will cause the EmptyQuerySet aggregation
optimisation to be used. Change the test to be implemented like the
other tests for empty results in this file.
2021-06-28 09:21:57 +02:00
Nick Pope
1aca9fc7d2
Corrected test method and variable names for JSONBAgg.
...
This is probably a hangover from when the aggregate function was
originally called JSONAgg during development.
2021-06-28 09:17:34 +02:00
Chris Jerdonek
5e60c3943b
Refs #32800 -- Added CsrfViewMiddleware tests for all combinations of masked/unmasked cookies and tokens.
2021-06-28 08:31:30 +02:00
Chris Jerdonek
defa8d3d87
Refs #32800 -- Made CsrfViewMiddlewareTestMixin._csrf_id_cookie and _csrf_id_token different.
...
This also renames CsrfViewMiddlewareTestMixin._csrf_id to _csrf_id_token.
2021-06-28 08:09:53 +02:00
Chris Jerdonek
2523c32d50
Refs #32800 -- Eliminated the need for separate _get_POST_bare_secret() methods.
2021-06-28 08:08:43 +02:00
Chris Jerdonek
c8108591b9
Refs #32800 -- Added to csrf_tests/tests.py the unmasked version of the secret.
...
This also adds tests that the secret is correct, and updates existing
tests to use the value.
2021-06-28 07:59:22 +02:00
Mateo Radman
8a7ac78b70
Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code.
2021-06-25 06:55:47 +02:00
Mariusz Felisiak
27e156fa31
Fixed ResourceWarning in test_client.tests.ClientTest.test_uploading_named_temp_file().
2021-06-24 11:47:29 +02:00
Ben Wilber
fff4870bfa
Fixed #32727 -- Allowed spaces before time zone offset in parse_datetime().
2021-06-24 10:07:55 +02:00
Chris Jerdonek
fcb75651f9
Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages.
2021-06-23 16:07:15 +02:00
Chris Jerdonek
1a284afb07
Refs #32817 -- Added tests for bad CSRF token provided via X-CSRFToken or custom header.
2021-06-23 16:07:07 +02:00
Chris Jerdonek
6837bd68a4
Refs #32817 -- Added post_token/meta_token/token_header arguments to _get_POST_csrf_cookie_request().
2021-06-23 16:07:07 +02:00
Chris Jerdonek
999402f142
Refs #32817 -- Combined the bad-or-missing CSRF token tests.
2021-06-23 16:07:07 +02:00
tomhamiltonstubber
1e5aa8e1c7
Fixed #32790 -- Ensured test Client handles redirects to domain indexes without a specified trailing slash.
2021-06-23 12:32:29 +02:00
Nicolas Restrepo
bbb3965826
Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses.
2021-06-22 21:28:48 +02:00
Hasan Ramezani
7a9745fed4
Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
...
Regression in b5e12d490a
.
Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
David Smith
b9e872b593
Refs #32338 -- Removed 'for ="..."' from RadioSelect's <label>.
...
This improves accessibility for screen reader users.
Co-authored-by: Thibaud Colas <thibaudcolas@gmail.com>
2021-06-22 10:59:29 +02:00
Igor Fernandes
e85d9c02ad
Fixed #32870 -- Improved error message when URLconf is empty.
2021-06-22 08:09:53 +02:00
Mariusz Felisiak
e07609a0d1
Refs #32858 , Refs #32392 -- Restored using :: shortcut syntax in Cast() on PostgreSQL.
...
This partly reverts commit fdfbc66331
unnecessary since b69b0c3fe8
.
2021-06-22 06:28:42 +02:00
Lucidiot
b69b0c3fe8
Fixed #32858 -- Fixed ExclusionConstraint crash with index transforms in expressions.
2021-06-22 06:09:16 +02:00
Jacob Walls
501a371411
Fixed typo in makemessages error message.
2021-06-21 21:23:59 +02:00
Carlton Gibson
225d96533a
Fixed #30427 , Fixed #16176 -- Corrected setting descriptor in Field.contribute_to_class().
...
Co-authored-by: Jarek Glowacki <jarekwg@gmail.com>
2021-06-15 12:01:28 +02:00
Carlton Gibson
0c0240aba8
Refs #30427 , Refs #16176 -- Added test for abstract model inheritance.
2021-06-15 11:42:52 +02:00
Keryn Knight
854e9b0668
Fixed #32824 -- Improved performance of NodeList.render().
...
This avoids the following:
- checking that each item in the nodelist is a subclass of Node,
- calling str() on the render_annotated() output, because it's
documented that Node.render() must return a string,
- calling mark_safe() on the output, when the value to be wrapped is
definitively known to be a string because the result of ''.join()
is always of that type,
- using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
Jacob Walls
2dfc1066a0
Fixed #25250 -- Clarified partially recorded state of squashed migrations in showmigrations --list.
2021-06-11 09:35:42 +02:00
Chris Jerdonek
de4f620183
Fixed #32609 -- Updated runtests.py to support directory path test labels.
...
For example, with this change, the following now works from the tests
directory:
$ ./runtests.py view_tests/tests/
2021-06-10 20:19:30 +02:00
Mariusz Felisiak
fa0433d05f
Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
...
Regression in d4ac23bee1
.
Thanks Omkar Deshpande for the report.
2021-06-10 20:03:43 +02:00
Mariusz Felisiak
8b4983cfd4
Fixed typo in tests/test_runner/test_discover_runner.py.
2021-06-10 13:25:05 +02:00
saeedblanchette
66ed03e7c9
Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode.
2021-06-10 12:47:53 +02:00
Ceesjan Luiten
cb6c19749d
Refs #27734 -- Prevented creation of more parallel workers than TestCases.
...
The parallel test runner uses multiple workers to distribute the
workload. These workers are assigned a worker ID using a globally
incremented variable, which determines what test database to connect
to. When the worker ID surpasses the test database IDs Django will
crash.
This reduce likelihood of crashing parallel tests because
ParallelTestSuite will no longer create more workers than TestCases.
It won't eliminate the problem completely though because there are
other circumstances in which new workers can be created which can then
be assigned an "illegal" worker ID.
2021-06-10 07:32:15 +02:00
Angus Holder
3e73c65ffc
Fixed #32195 -- Added system check for invalid view in path() and improved error messages.
2021-06-09 09:06:42 +02:00
Mariusz Felisiak
8f89454bbc
Refs #32195 -- Added path() test for invalid view.
2021-06-09 08:58:41 +02:00
Jacob Walls
c0e29cec83
Fixed #25255 -- Recorded unapplied squashed migrations.
2021-06-08 08:40:34 +02:00
Sanskar Jaiswal
8c3bd0b708
Fixed #31653 -- Added AddConstraintNotValid()/ValidateConstraint() operations for PostgreSQL.
2021-06-08 07:46:51 +02:00
luzpaz
bbf09254a3
Fixed typos in test comments.
2021-06-07 20:54:28 +02:00
Chris Jerdonek
87bb746ea6
Refs #32668 -- Renamed setup()/teardown() to setup_run_tests()/teardown_run_tests() in runtests.py.
2021-06-07 09:04:27 +02:00
Chris Jerdonek
9389d4d3db
Refs #32668 -- Changed bisect_tests() and paired_tests() to use only setup_collect_tests().
2021-06-07 09:04:27 +02:00
Chris Jerdonek
e96e93618c
Refs #32668 -- Passed setup()'s return value to run_tests() instead of get_installed().
2021-06-07 09:04:27 +02:00
Chris Jerdonek
b3083d5bd2
Refs #32668 -- Refactored out setup_collect_tests() in runtests.py.
2021-06-07 09:04:24 +02:00
Chris Jerdonek
9b9cea04b9
Refs #32668 -- Added gis_enabled argument to get_test_modules().
2021-06-07 08:54:15 +02:00
aryabartar
651e527f9b
Fixed #32716 -- Fixed ManifestStaticFilesStorage crash when max_post_process_passes is 0.
2021-06-07 07:56:20 +02:00
Chris Jerdonek
7272e1963f
Fixed #32821 -- Updated os.scandir() uses to use a context manager.
2021-06-07 06:52:42 +02:00
saeedblanchette
7dd502b0e1
Refs #24121 -- Added __repr__() to ChangeList and BaseStorage.
2021-06-07 06:31:50 +02:00
Chris Jerdonek
9812b486b5
Refs #32668 -- Simplified start_at/start_after logic in runtests.py's setup().
2021-06-05 16:46:37 +02:00
Mariusz Felisiak
213850b4b9
Refs #32355 -- Used addClassCleanup() in tests.
...
Inspired by Adam Johnson talk on DjangoCon Europe 2021.
2021-06-04 12:53:11 +02:00
Adam Johnson
2e4711c611
Made SerializeMixin check lockfile attr at import time.
2021-06-04 12:29:09 +02:00
Takayuki Hirayama
0393b9262d
Fixed #32812 -- Restored immutability of named values from QuerySet.values_list().
...
Regression in 981a072dd4
.
Thanks pirelle for the report.
2021-06-04 07:23:16 +02:00
Chris Jerdonek
0d2816133c
Refs #32668 -- Simplified get_test_modules() in runtests.py.
...
This simplifies runtests.py's get_test_modules() in a few ways. For
example, it changes the function to yield strings instead of returning
pairs of strings, which simplifies the calling code.
This commit also changes SUBDIRS_TO_SKIP from a list to a dict since
the directories to skip depend on the parent directory.
2021-06-03 09:20:47 +02:00
Chris Jerdonek
ffc0d57a04
Refs #32668 -- Refactored away module_found_in_labels in runtests.py's setup().
2021-06-03 09:20:47 +02:00
Chris Jerdonek
90f41c2d91
Refs #32668 -- Made setup()'s test_labels argument optional in runtests.py.
2021-06-03 09:20:47 +02:00
Mariusz Felisiak
62e8f369c3
Fixed #32808 -- Prevented DiscoverRunner.build_suite() from mutating test loader patterns.
...
Thanks Chris Jerdonek for the report and reviews.
2021-06-03 08:59:37 +02:00
Chris Jerdonek
1b4d1675b2
Refs #32641 -- Made DiscoverRunner's "Found X tests" message work for finding one test.
...
This also removes passing level to log() as logging.INFO is the default.
2021-06-02 12:53:09 +02:00
Jacob Walls
ec2727efef
Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists.
2021-06-02 12:20:22 +02:00
Mariusz Felisiak
e1d787f1b3
Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
...
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Florian Apolloner
46572de2e9
Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs' TemplateDetailView.
2021-06-02 10:58:39 +02:00
Mariusz Felisiak
e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
...
Regression in 1e38f1191d
.
Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Daniyal
a0410ffe8f
Refs #32552 -- Added DiscoverRunner.log() to allow customization.
...
Thanks Carlton Gibson, Chris Jerdonek, and David Smith for reviews.
2021-06-01 13:31:44 +02:00
Chris Jerdonek
cd19db10df
Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted cookie tokens.
2021-06-01 09:02:27 +02:00
Chris Jerdonek
623cec0879
Refs #32796 -- Added CsrfViewMiddleware tests for incorrectly formatted cookie tokens.
2021-06-01 09:02:23 +02:00
abhiabhi94
c609d5149c
Refs #24121 -- Added __repr__() to Engine
2021-06-01 07:44:36 +02:00
Chris Jerdonek
55775891fb
Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted tokens.
2021-05-31 21:12:21 +02:00
Chris Jerdonek
ffdee8d264
Refs #32795 -- Added CsrfViewMiddleware tests for rejecting invalid or missing tokens.
...
This also improves test names for test_process_request_no_csrf_cookie
and test_process_request_csrf_cookie_no_token. The logic being tested
is actually in process_view() rather than process_request(), and it's
not necessary to include the method name.
2021-05-31 21:12:17 +02:00
Gildardo Adrian Maravilla Jacome
91e21836f6
Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage.
2021-05-31 11:09:48 +02:00
Gildardo Adrian Maravilla Jacome
781b44240a
Refs #32319 -- Changed HashedFilesMixin to use named groups in patterns.
2021-05-31 10:40:21 +02:00
David Wobrock
b9df2b74b9
Fixed #32676 -- Prevented migrations from rendering related field attributes when not passed during initialization.
...
Thanks Simon Charette for the implementation idea.
2021-05-28 20:25:59 +02:00
Hannes Ljungberg
b746596f5f
Refs #32779 -- Changed DatabaseSchemaEditor._unique_sql()/_create_unique_sql() to take fields as second parameter.
2021-05-28 10:50:27 +02:00
abhiabhi94
22da686ca9
Refs #24121 -- Added __repr__() to PermWrapper.
2021-05-28 08:03:23 +02:00
Chris Jerdonek
71179a6124
Fixed #32596 -- Added CsrfViewMiddleware._check_referer().
...
This encapsulates CsrfViewMiddleware's referer logic into a method and
updates existing tests to check the "seam" introduced by the refactor,
when doing so would improve the test.
2021-05-28 07:31:56 +02:00
Mohammadreza Varasteh
e93eb3d971
Fixed #32789 -- Made feeds emit elements with no content as self-closing tags.
2021-05-27 21:05:28 +02:00
Chris Jerdonek
02c59b7a43
Refs #32596 -- Added extra tests for CsrfViewMiddleware's referer logic.
2021-05-27 10:53:20 +02:00
Nilo César Teixeira
0d67481a66
Fixed #32762 -- Fixed locale reset in compilemessages test.
...
Reset the `LC_ALL` override value in the test environment to ensure that locale
values the calling environment are not used.
2021-05-26 15:37:42 +02:00
Moriyoshi Koizumi
9e4780deda
Fixed #32669 -- Fixed detection when started non-django modules which aren't packages with "python -m" in autoreloader.
2021-05-26 12:29:43 +02:00
Michael Lissner
5a8e8f80bb
Fixed #32772 -- Made database cache count size once per set.
2021-05-26 11:21:11 +02:00
Mariusz Felisiak
12b19a1d76
Fixed #32783 -- Fixed crash of autoreloader when __main__ module doesn't have __spec__ attribute.
...
Regression in ec6d2531c5
.
Thanks JonathanNickelson for the report.
2021-05-26 11:19:47 +02:00
Hasan Ramezani
1143f3bb5e
Fixed #32543 -- Added search_help_text to ModelAdmin.
2021-05-26 10:20:13 +02:00
Hasan Ramezani
68357b2ca9
Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes.
2021-05-26 09:41:29 +02:00
Mariusz Felisiak
7e51893911
Refs #32379 -- Added USE_TZ settings to AdminScriptTestCase.write_settings().
2021-05-25 13:22:40 +02:00
Hannes Ljungberg
3e0fdf5546
Fixed #32780 -- Made Add/RemoveConstraint operations a noop for covering/deferrable unique constraints on SQLite.
2021-05-25 11:34:25 +02:00
saeedblanchette
d3d95d645f
Refs #24121 -- Added __repr__() to Lookup.
2021-05-24 07:32:25 +02:00
Mariusz Felisiak
f0a9413bd2
Refs #24121 -- Improved Value.__repr__().
2021-05-24 07:26:53 +02:00
Mariusz Felisiak
3f6d4e22f8
Fixed typo in tests/expressions/tests.py.
2021-05-24 07:26:53 +02:00
Hannes Ljungberg
7ef2398e81
Fixed #32777 -- Passed table reference as a string to DatabaseSchemaEditor._index_columns().
2021-05-24 06:31:48 +02:00
Yuekui Li
5e04e84d67
Fixed #32503 -- Fixed altering BLOB/TEXT field to non-nullable with default on MySQL 8.0.13+.
...
MySQL 8.0.13+ supports defaults for BLOB/TEXT but not in the
ALTER COLUMN statement.
Regression in 6b16c91157
.
Thanks Matt Westcott for the report.
2021-05-21 13:34:37 +02:00
Rohith PR
7cca22964c
Fixed #32375 -- Started deprecation toward changing the default sitemap protocol to https.
...
The default sitemap protocol, when it is built outside the context of
a request, will be changed from 'http' to 'https' in Django 5.0.
2021-05-21 11:00:54 +02:00
Rohith PR
56003b21ea
Added tests for Sitemap.get_protocol().
2021-05-21 10:55:05 +02:00
David Sanders
736bb9868a
Renamed "object" argument of ModelAdmin.log_addition(), log_change(), and log_deletion() methods.
2021-05-20 07:29:16 +02:00
David Sanders
2978c63a34
Fixed #32771 -- Used IS_POPUP_VAR constant instead of hard-coded value.
2021-05-20 07:04:26 +02:00
David Sanders
536c155e67
Fixed #32765 -- Removed "for" HTML attribute from ReadOnlyPasswordHashWidget.
...
ReadOnlyPasswordHashWidget doesn't have any labelable elements.
2021-05-19 20:34:57 +02:00
Claude Paroz
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Mariusz Felisiak
958cdf65ae
Fixed #32747 -- Prevented initialization of unused caches.
...
Thanks Alexander Ebral for the report.
Regression in 98e05ccde4
.
2021-05-18 18:24:19 +02:00
Rust Saiargaliev
a24fed399c
Fixed #32733 -- Skipped system check for specifying type of auto-created primary keys on abstract models.
...
Regression in b5e12d490a
.
2021-05-18 13:02:33 +02:00
Rust Saiargaliev
f07723aa0a
Refs #31007 -- Added test for check for specifying type of auto-created primary keys from abstract models.
2021-05-18 12:54:51 +02:00
Slava Skvortsov
f7691d4812
Fixed #32754 -- Made AdminSite.catch_all_view() respect SCRIPT_NAME.
...
Regression in ba31b01034
.
2021-05-18 09:14:05 +02:00
Artur Beltsov
3954bf50fb
Fixed #32750 -- Fixed crash of Extract() transform on OuterRef() expressions.
...
Thanks Simon Charette for the review.
2021-05-17 17:51:39 +02:00
Rohith PR
530f58caaa
Fixed #32734 -- Fixed validation of startapp's directory with trailing slash.
...
Regression in fc9566d42d
.
2021-05-14 12:45:00 +02:00
snowman2
29345aecf6
Fixed #32721 -- Fixed migrations crash when adding namespaced spatial indexes on PostGIS.
2021-05-14 07:10:28 +02:00
Mariusz Felisiak
c6d88a1872
Refs #16455 -- Added test for using opclasses on indexes for multidimensional geometry fields on PostGIS.
2021-05-13 13:13:12 +02:00
Mariusz Felisiak
b55699968f
Fixed #32718 -- Relaxed file name validation in FileField.
...
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb3691
.
2021-05-13 08:53:44 +02:00
Simon Charette
b81c7562fc
Fixed #32717 -- Fixed filtering of querysets combined with the | operator.
...
Address a long standing bug in a Where.add optimization to discard
equal nodes that was surfaced by implementing equality for Lookup
instances in bbf141bcdc
.
Thanks Shaheed Haque for the report.
2021-05-13 07:26:52 +02:00
Raffaele Salmaso
3733ae8957
Fixed #32031 -- Added model class for each model to AdminSite.each_context().
2021-05-13 06:57:09 +02:00
Nick Pope
29e4ccb1a2
Fixed #32738 -- Deprecated django.utils.datetime_safe module.
2021-05-12 14:42:17 +02:00
Nick Pope
46346f8ea0
Refs #32738 -- Added sanitize_strftime_format() to replace datetime_safe.
2021-05-12 14:42:17 +02:00
Nick Pope
44accb066a
Refs #32738 , Refs #29600 , Refs #29595 -- Removed unused django.utils.datetime_safe.time().
...
Unused since c72dde41e6
.
2021-05-12 14:42:17 +02:00
Nick Pope
1061f52436
Fixed #32732 -- Removed usage of deprecated 'db' and 'passwd' connection options in MySQL backend.
...
The 'db' and 'passwd' connection options have been deprecated, use
'database' and 'password' instead (available since mysqlclient >= 1.3.8).
This also allows the 'database' option in DATABASES['OPTIONS'] on MySQL.
2021-05-12 12:21:57 +02:00
Nick Pope
d06c5b3581
Fixed #32366 -- Updated datetime module usage to recommended approach.
...
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
2021-05-12 11:08:41 +02:00
Nick Pope
6b7960188b
Added extra assertion to migrations.test_writer.WriterTests.test_serialize_datetime.
...
This checks that datetime.timezone.utc serializes correctly.
2021-05-12 11:06:30 +02:00
saeedblanchette
e6406853c3
Refs #24121 -- Added__repr__() to StaticNode.
2021-05-12 08:41:52 +02:00
Nick Pope
34363a391b
Fixed #32735 -- Made DateFormat.Y() return a zero-padded year.
2021-05-12 08:17:06 +02:00
Mariusz Felisiak
b1a4b1f0bd
Fixed #32722 -- Fixed comparing to TruncTime() on Oracle.
2021-05-11 09:19:25 +02:00
Jordi Castells
205c36b58f
Fixed #32670 -- Allowed GDALRasters to use any GDAL virtual filesystem.
2021-05-07 20:03:46 +02:00
Hasan Ramezani
028f10fac6
Fixed #32712 -- Deprecated django.utils.baseconv module.
2021-05-07 11:57:40 +02:00
Alex Hill
c4ee3b208a
Fixed #32699 -- Fixed comparing to TruncTime() with 0 microseconds on MySQL.
2021-05-07 08:13:40 +02:00
Mariusz Felisiak
65a9d0013d
Removed unused TestHashedFiles._max_post_process_passes.
...
Unused since f1894bae30
2021-05-06 12:26:25 +02:00
Mariusz Felisiak
e1e81aa1c4
Fixed #32713 , Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
...
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
Carlton Gibson
a708f39ce6
Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows.
...
The validate_file_name() sanitation introduced in
0b79eb3691
correctly rejects the example
file name as containing path elements on Windows. This breaks the test
introduced in 914c72be2a
to allow path
components for storages that may allow them.
Test is skipped pending a discussed storage refactoring to support this
use-case.
2021-05-06 07:04:52 +02:00
ecogels
a0a5e0f4c8
Fixed #32705 -- Prevented database cache backend from checking .rowcount on closed cursor.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-05 12:41:59 +02:00
Simon Charette
136ff592ad
Fixed #32690 -- Fixed __in lookup crash when combining with filtered aggregates.
...
Having lookups group by subquery right-hand-sides is likely unnecessary
in the first place but relatively large amount of work would be needed
to achieve that such as making Lookup instances proper resolvable
expressions.
Regression in 3543129822
.
Thanks James A. Munsch for the report.
2021-05-05 11:41:35 +02:00
Maxim Beder
06fd4df41a
Fixed #32479 -- Added fallbacks to subsequent language codes in translations.
...
Thanks Claude Paroz and Nick Pope for reviews.
2021-05-05 09:37:54 +02:00
Simon Charette
96f55ccf79
Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
...
Regression in c8b6594305
.
Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Karthikeyan Singaravelan
f9f6bd63c9
Refs #32074 -- Removed usage of deprecated Thread.setDaemon().
...
Thread.setDaemon() was deprecated in Python 3.10 and will be removed in
Python 3.12.
2021-05-04 12:07:18 +02:00
Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Hasan Ramezani
8de4ca74ba
Fixed #32693 -- Quoted and lowercased generated column aliases.
2021-05-04 07:36:56 +02:00
Mariusz Felisiak
1f643c28b5
Fixed #32653 -- Made quoting names in the Oracle backend consistent with db_table.
2021-04-30 12:59:07 +02:00
Tim Graham
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
Hasan Ramezani
8bcb00858e
Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw_insecure_uri().
2021-04-30 08:05:42 +02:00
Nick Pope
2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript".
2021-04-29 20:29:08 +02:00
Simon Charette
c8b6594305
Fixed #32632 , Fixed #32657 -- Removed flawed support for Subquery deconstruction.
...
Subquery deconstruction support required implementing complex and
expensive equality rules for sql.Query objects for little benefit as
the latter cannot themselves be made deconstructible to their reference
to model classes.
Making Expression @deconstructible and not BaseExpression allows
interested parties to conform to the "expression" API even if they are
not deconstructible as it's only a requirement for expressions allowed
in Model fields and meta options (e.g. constraints, indexes).
Thanks Phillip Cutter for the report.
This also fixes a performance regression in bbf141bcdc
.
2021-04-28 12:13:55 +02:00
Mariusz Felisiak
4f600673d7
Refs #32632 -- Added tests for returning a copy when combining Q() objects.
2021-04-28 11:31:17 +02:00
Konstantin Alekseev
6e742dabc9
Fixed #32687 -- Restored passing process’ environment to underlying tool in dbshell on PostgreSQL.
...
Regression in bbe6fbb876
.
2021-04-27 10:43:35 +02:00
Mariusz Felisiak
1871182031
Fixed #32682 -- Made admin changelist use Exists() instead of distinct() for preventing duplicates.
...
Thanks Zain Patel for the report and Simon Charette for reviews.
The exception introduced in 6307c3f1a1
revealed a possible data loss issue in the admin.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
cd74aad90e
Refs #32682 -- Renamed use_distinct variable to may_have_duplicates.
...
QuerySet.distinct() is not the only way to avoid duplicate, it's also
not preferred.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
4074f38e1d
Refs #32682 -- Fixed QuerySet.delete() crash on querysets with self-referential subqueries on MySQL.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
158eca4f93
Refs #19080 -- Added tests for preserving select_related() in the admin changelist.
2021-04-27 10:34:47 +02:00
Mariusz Felisiak
d68be0494b
Refs 32637 -- Made technical 404 debug page display exception message when URL is resolved.
...
Follow up to 3b8527e32b
.
2021-04-27 08:40:52 +02:00
Hannes Ljungberg
eab71f7690
Fixed #32686 -- Removed unnecessary semicolon on collected multiline SQL for RunSQL.
2021-04-27 08:01:07 +02:00
Hannes Ljungberg
95754dbc9b
Refs #32686 -- Added tests for adding a semicolon when collecting SQL for RunSQL.
2021-04-27 07:59:41 +02:00
Zain Patel
4e5bbb6ef2
Fixed #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
...
Regression in 84609b3205
.
2021-04-26 07:08:16 +02:00