Commit Graph

17816 Commits

Author SHA1 Message Date
Hasan Ramezani 1da54bfe7d Corrected messages of admin checks for invalid model field names. 2021-03-04 08:41:28 +01:00
Jacob Walls b23232b6ab Fixed #27854 -- Added system check for nonexistent directories in STATICFILES_DIRS setting. 2021-03-03 11:27:08 +01:00
Jacob Walls be8faa7c75 Refs #27854 -- Skipped subsequent checks if STATICFILES_DIRS is not a list or tuple. 2021-03-03 09:36:06 +01:00
tim-mccurrach f55f3ce831
Fixed #32493 -- Removed redundant never_cache uses from admin views.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-03-03 09:13:07 +01:00
François Freitag 7ca7f4495b Refs #21429 -- Added SimpleTestCase.assertNoLogs() on Python < 3.10. 2021-03-02 20:35:33 +01:00
Rohith PR d3ecef26b9 Refs #24121 -- Added __repr__() to URLNode. 2021-03-02 12:24:49 +01:00
Jacob Walls 73b1b225ce Fixed #22640 -- Raised TypeError when instantiating model with keyword and positional args for the same field. 2021-03-01 20:26:39 +01:00
Jacob Walls 712fe12466
Refs #23919 -- Removed unneeded AttributeError catching in collectstatic's link_file().
os.symlink() exists always on Python 3.2+.
2021-03-01 10:54:02 +01:00
Hasan Ramezani 8380fe08a0 Fixed #32456 -- Added dbshell support for specifying a password file on PostgreSQL. 2021-03-01 09:33:49 +01:00
Jacob Walls 64a0d1ef6e Fixed typo in assertQuerysetEqual() exception message. 2021-02-26 21:12:11 +01:00
Mariusz Felisiak 8908846444
Refs #32292 -- Made dbshell do not use 'postgres' database when service name is set.
Regression in dcb3ad3319.
2021-02-26 20:53:01 +01:00
Jacob Walls 337cd652a5 Fixed #28607 -- Prevented duplicates in HashedFilesMixin post-processing results.
Thanks Ed Morley for the implementation idea.
2021-02-26 11:38:32 +01:00
David Smith 179ee13eb3 Refs #24121 -- Added __repr__() to FilterExpression, Lexer, Parser, and Token. 2021-02-26 10:25:08 +01:00
BeryCZ 807226cd79
Fixed #32480 -- Corrected docstring and removed redundant comments in django/views/defaults.py. 2021-02-24 21:32:37 +01:00
Simon Charette 3089018e95 Fixed #32446 -- Deprecated SERIALIZE test database setting.
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.

This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Mariusz Felisiak c8837322e8
Refs #31811 -- Restored **kwargs to django.test.utils.setup_databases().
Accidentally removed in 61a0ba43cf.
2021-02-24 12:57:13 +01:00
Haki Benita 3fd82a6241 Refs #32468 -- Added error message on invalid usage of cache decorators. 2021-02-24 10:13:51 +01:00
Haki Benita 63bbfa9f45 Fixed #32468 -- Corrected usage of never_cache in contrib.admin. 2021-02-24 10:13:43 +01:00
Simon Charette 277eea8fcc Fixed #32478 -- Included nested columns referenced by subqueries in GROUP BY on aggregations.
Regression in fb3f034f1c.

Refs #31094, #31150.

Thanks Igor Pejic for the report.
2021-02-24 09:01:36 +01:00
Hannes Ljungberg 3aa545281e Fixed #30916 -- Added support for functional unique constraints.
Thanks Ian Foote and Mariusz Felisiak for reviews.
2021-02-23 20:19:53 +01:00
Chris Jerdonek 19ce1d493a Fixed typo in django/db/backends/sqlite3/base.py comment. 2021-02-23 10:54:32 +01:00
Marc Gibbons d6572ee4b0 Fixed #32470 -- Fixed ResolverMatch instance on test clients when request.urlconf is set. 2021-02-23 09:54:49 +01:00
Nick Pope 8f02a78695
Refs #16117 -- Made @action and @display decorators importable from django.contrib.gis.admin. 2021-02-22 10:12:33 +01:00
Nick Pope 0e4e35722a Fixed #32469 -- Made assertQuerysetEqual() respect maxDiff when ordered=False. 2021-02-22 09:27:46 +01:00
Hannes Ljungberg 87acbf0631 Fixed #32458 -- Made __repr__() for Index and BaseConstraint subclasses more consistent. 2021-02-19 20:25:11 +01:00
Hasan Ramezani 7c18b22e2f Fixed #32256 -- Fixed migration optimization crash when swapping field names.
This disables optimization of RenameField operation when an old field
name is referenced in subsequent operations.

Co-authored-by: InvalidInterrupt <InvalidInterrupt@users.noreply.github.com>
2021-02-19 11:19:01 +01:00
Hasan Ramezani f2bef2b7bc Fixed #32455 -- Allowed right combining Q() with boolean expressions. 2021-02-18 22:20:36 +01:00
starryrbs 466920f6d7 Fixed #32450 -- Fixed crash when ANDing/ORing an empty Q() with not pickleable Q().
Regression in bb0b6e5263.
2021-02-18 21:13:24 +01:00
Amir Ajorloo 1710cdbe79
Fixed #32443 -- Removed "shifted" CSS class when admin's sidebar is disabled. 2021-02-18 09:18:19 +01:00
Hannes Ljungberg 4d99375b46 Fixed #32453 -- Added introspection of unique constraint field ordering on SQLite.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-02-17 10:59:17 +01:00
Teresa Partida 45bef6706a Fixed #30231 -- Fixed admin filter horizontal/vertical verbose_name generation.
Co-authored-by: David Smith <smithdc@gmail.com>
2021-02-16 14:26:53 +01:00
Harm Geerts 06e5f7ae16 Fixed #29052 -- Made test database creation preserve alias order and prefer the "default" database.
This fixes flushing test databases when two aliases point to the same
database.

Use a list() to store the test database aliases so the order remains
stable by following the order of the connections. Also, always use the
"default" database alias as the first alias to accommodate `migrate`.

Previously `migrate` could be executed on a secondary alias which
caused truncating the "default" database.
2021-02-16 10:25:34 +01:00
manav014 3119a6deca Fixed #26607 -- Allowed customizing formset kwargs with ModelAdmin.get_formset_kwargs().
Thanks Nick Pope for reviews.
2021-02-15 11:37:35 +01:00
Chris Jerdonek 600ff26a85 Fixed #32417 -- Removed unneeded hasattr() check in LiveServerTestCase._tearDownClassInternal(). 2021-02-15 10:25:11 +01:00
Hannes Ljungberg c60b9e6640 Simplified introspection of constraints on MySQL.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-02-12 21:11:04 +01:00
Chris Jerdonek 694deff82f Fixed #32437 -- Fixed cleaning up ALLOWED_HOSTS in LiveServerTestCase on setUpClass() failure. 2021-02-12 09:39:48 +01:00
Chris Jerdonek 91c243f80f Refs #32416 -- Added LiveServerThread.server_class to ease subclassing. 2021-02-12 08:17:46 +01:00
Egidijus Macijauskas 6307c3f1a1 Fixed #32433 -- Added error message on QuerySet.delete() following distinct(). 2021-02-11 08:33:30 +01:00
Ramon Saraiva dcb094abe8 Fixed #32421 -- Made admindocs ModelDetailView show model cached properties. 2021-02-11 06:50:50 +01:00
Carlton Gibson 4372233ebf Refs #32355 -- Restored PY36 and PY37 version constants.
Partially reverts ec0ff40631.

PY36 should be removed when Django 2.2 is EOL.
PY37 should be removed when Django 3.2 is EOL.

Thanks to Tim Graham for the report.
2021-02-10 19:57:11 +01:00
Mariusz Felisiak ec0ff40631 Fixed #32355 -- Dropped support for Python 3.6 and 3.7 2021-02-10 10:20:54 +01:00
Josh Santos 9c6ba87692 Fixed #32145 -- Improved makemessages error message when app's locale directory doesn't exist. 2021-02-09 20:00:20 +01:00
Jordan Bae d4ac23bee1 Fixed #32425 -- Fixed adding nullable field with default on MySQL.
Thanks Simon Charette for the review.
2021-02-09 06:59:31 +01:00
ThinkChaos b99d6c9cbc Fixed #28216 -- Added next_page/get_default_redirect_url() to LoginView. 2021-02-08 21:08:05 +01:00
Markus Holtermann 9d05add447 Fixed #32394 -- Changed project template settings to use relative STATIC_URL.
Refs #25598 which added original support for relative STATIC_URL and
MEDIA_URL.
2021-02-06 13:34:00 +01:00
Hasan Ramezani 63d239db03 Fixed #32411 -- Fixed __icontains lookup for JSONField on MySQL. 2021-02-05 16:14:12 +01:00
Mikolaj Rybinski 8e90560aa8 Fixed #32420 -- Fixed detecting primary key values in deserialization when PK is also a FK. 2021-02-05 12:33:43 +01:00
Daniel Ebrahimian 3f8979e37b Fixed #32350 -- Fixed showmigrations crash for applied squashed migrations.
Thanks Simon Charette for reviews.
2021-02-04 21:17:26 +01:00
Simon Charette f23b05696e Fixed #32395 -- Allowed capturing stdout of migration signals. 2021-02-04 11:19:49 +01:00
Mariusz Felisiak 5d9b065d3f Refs #32074 -- Fixed TextChoices/IntegerChoices crash on Python 3.10.
EnumMeta has a new keyword argument 'boundary' in Python 3.10. This
is a new mechanism that controls how out-of-range / invalid bits are
handled, see https://bugs.python.org/issue38250.
2021-02-04 10:47:45 +01:00
Jim Xie ce60d28929 Fixed #31527 -- Allowed admindocs index to handle non-string URLconfs. 2021-02-04 10:11:58 +01:00
Hasan Ramezani 7cba92ec55 Fixed #32332 -- Fixed loss of parent with non-numeric pk when saving child after parent.
Follow up to 519016e5f2.
2021-02-04 06:06:00 +01:00
Mariusz Felisiak f39634ff22 Refs #32390 -- Bumped required cx_Oracle to 7.0. 2021-02-03 10:03:33 +01:00
Mariusz Felisiak 84283ab9cd Fixed #32390 -- Dropped support for Oracle 12.2 and 18c. 2021-02-03 10:03:33 +01:00
Mariusz Felisiak f131841c60
Fixed #32403 -- Fixed re-raising DatabaseErrors when using only 'postgres' database.
Thanks Kazantcev Andrey for the report.

Regression in f48f671223.
2021-02-02 21:34:36 +01:00
Mariusz Felisiak 05413afa8c Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.

Thanks Wang Baohua for the report.
2021-02-01 09:07:36 +01:00
Sandro Covo 6822aa5c6c Fixed #32345 -- Fixed preserving encoded query strings in set_language() view.
Thanks Johannes Maron for the review.
2021-01-29 11:58:43 +01:00
Tilman Koschnick fdfbc66331 Fixed #32392 -- Fixed ExclusionConstraint crash with Cast() in expressions. 2021-01-29 11:05:00 +01:00
Denis Skulimovskiy 269a767146 Fixed #32391 -- Used CSS flex properties for changelist filter.
Matched layout adjustment using flex from admin sidebar added in
d24ba1be7a.

Filters would become squashed when viewport was
constrained or list display table became too wide.
2021-01-28 15:51:05 +01:00
Illia Volochii 3c004075b1 Fixed #32389 -- Fixed ResponseHeaders crash when data is not mapping. 2021-01-28 10:10:08 +01:00
David Smith 54102d20b2
Improved performance of django.forms.ChoiceWidget.optgroups(). 2021-01-27 21:10:11 +01:00
tim-mccurrach a736baab92
Fixed #32385 -- Removed unused and duplicated loading of tags in admin templates.
- `i18n` is duplicated in base.html.
- `l10n` is unused in prepopulated_fields_js.html
  since d638cdc42a.
- `static` is unused in change_list_results.html
  since f2ed107b07.
- `static` is unused in stacked.html
  since d61ebc8fed.
2021-01-27 12:16:12 +01:00
Hasan Ramezani c978dd93fd Fixed #32290 -- Fixed TemplateNotFound in {% include %} tag for relative path in variable. 2021-01-27 10:07:31 +01:00
Jerin Peter George 1adc09064f Fixed #32347 -- Made ModelChoiceField include the value in ValidationError for invalid_choice. 2021-01-26 09:31:53 +01:00
Simon Charette 42e8cf47c7 Fixed #32369 -- Fixed adding check constraints with pattern lookups and expressions as rhs.
This disables interpolation of constraint creation statements. Since
Constraint.create_sql interpolates its parameters instead of deferring
this responsibility to the backend connection it must disable
connection level parameters interpolation.
2021-01-26 06:41:57 +01:00
Timothy McCurrach b1821fbad5 Fixed #32360 -- Added system check for FILE_UPLOAD_TEMP_DIR setting. 2021-01-22 07:51:00 +01:00
Mariusz Felisiak a03a36121d Fixed #32367 -- Fixed system check for specifying type of auto-created primary keys for inherited PKs.
Regression in b5e12d490a.

Thanks אורי for the report.
2021-01-21 09:03:07 +01:00
Simon Charette 0c42cdf0d2 Fixed #32374 -- Stopped recording migration application before deferred SQL.
Migrations cannot be recorded in the same transaction as its associated
DDL operations when some of it is deferred until the schema editor
context exits.

Regression in c86a3d80a2.
2021-01-21 07:03:35 +01:00
Hasan Ramezani dcb3ad3319 Fixed #32292 -- Added support for connection by service name to PostgreSQL. 2021-01-20 17:30:37 +01:00
Tom Carrick f054468cac
Refs #31259 -- Made various dark theme adjustments. 2021-01-20 15:47:23 +01:00
muskanvaswan ab7478d1d4 Fixed #32324 -- Added template block to override the admin site header. 2021-01-19 12:27:07 +01:00
Mariusz Felisiak 5371342ed6
Fixed #32357 -- Dropped support for PostgreSQL 9.6 and PostGIS 2.3. 2021-01-19 12:25:20 +01:00
Paul Ganssle 10d1261984 Refs #32365 -- Allowed use of non-pytz timezone implementations. 2021-01-19 11:59:37 +01:00
Adam Johnson 8c7ff7b8cf
Removed unreachable SystemExit check.
This check dates back to Python <2.5, before Python introduced
BaseException to prevent exactly unwarranted catching of SystemExit
(and others).

response_for_exception() is only called under `except Exception` or
`except Http404` so it's now impossible for a SystemExit instance to
reach the branch.
2021-01-19 07:04:53 +01:00
David Smith 6b01511f04
Removed unnecessary empty dict creation in ChoiceWidget.create_option().
build_atttrs() already creates an empty dict if extra_attrs is None.
2021-01-19 06:52:34 +01:00
Hasan Ramezani 34aa4f1997 Fixed #32296 -- Added --skip-checks option to runserver command. 2021-01-18 12:51:35 +01:00
Illia Volochii bef6f75842 Fixed #32358 -- Fixed queryset crash when grouping by annotation with Distance()/Area().
Made MeasureBase hashable.
2021-01-18 09:58:50 +01:00
Timothy McCurrach 0aff3fd711 Fixed #18549 -- Fixed heading for inlines with a OneToOneField.
Used verbose_name instead of verbose_name_plural.
2021-01-18 08:12:19 +01:00
David Smith e58f79c535
Improved performance of DecimalField.
strip() is unnecessary because decimal.Decimal() strips the input value.
2021-01-16 17:49:02 +01:00
Mariusz Felisiak 88e972e46d
Fixed #32265, Refs #32355 -- Removed unnecessary ServerHandler.handle_error().
ConnectionAbortedError, BrokenPipeError, ConnectionResetError raised
from SocketServer.BaseServer.finish_request() are already suppressed
by wsgiref.handlers.BaseHandler.run() in Python 3.7+, see
47ffc1a9f6
2021-01-16 17:37:53 +01:00
Claude Paroz e0a46367df Updated source translation catalogs.
Forwardport of 3dc3a952b2 from stable/3.2.x.
2021-01-15 09:43:45 +01:00
Mariusz Felisiak a948d9df39 Increased the default PBKDF2 iterations for Django 4.0. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak b4c5f878bd Advanced deprecation warnings for Django 4.0. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 0aa6a602b2 Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak e7208f13c0 Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 2dd6a83d2d Refs #12990 -- Removed django.contrib.postgres.forms.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 8fdb5a656a Refs #12990 -- Removed django.contrib.postgres.fields.jsonb.KeyTransform/KeyTextTransform.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 7cb5712edc Refs #12990 -- Removed django.contrib.postgres.fields.JSONField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 98ae3925e5 Refs #31534 -- Removed django.conf.urls.url() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak be6e468130 Refs #31359 -- Made get_random_string()'s length argument required.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d992f4e3c2 Refs #31369 -- Removed models.NullBooleanField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 06eec31970 Refs #7098 -- Removed support for passing raw column aliases to order_by().
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak bf770cc825 Refs #8760 -- Removed "list" message for ModelMultipleChoiceField per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 1adcf20385 Refs #31327 -- Removed providing_args argument for Signal per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 4bb30fe5d5 Refs #26601 -- Made get_response argument required and don't accept None in middleware classes.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 6b4941dd57 Refs #27468 -- Removed support for the pre-Django 3.1 user sessions.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d32a232fe9 Refs #27468 -- Removed support for the pre-Django 3.1 signatures in Signer and signing.dumps()/loads().
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 8250145a0c Refs #31274 -- Removed support for the pre-Django 3.1 encoding format of sessions.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 66b4046d68 Refs #27468 -- Removed support for the pre-Django 3.1 password reset tokens.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 831a05b185 Refs #27604 -- Removed support for the pre-Django 3.1 encoding format in CookieStorage.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d08977a0f0 Refs #30997 -- Removed HttpRequest.is_ajax() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 90c59b4e12 Refs #23433 -- Removed django-admin.py entry point per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 68e3ca13d7 Refs #30988 -- Removed InvalidQuery exception per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 396da8b94c Refs #30841 -- Made isnull lookup raise ValueError for non-boolean values.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 12ac4916af Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 9e456f3166 Refs #30747 -- Removed django.utils.http.is_safe_url() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 157ab32f34 Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 5e33ec80d1 Refs #30158 -- Made alias argument required in signature of Expression.get_group_by_cols() subclasses.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak d134b0b93e Refs #15902 -- Stopped set_language() storing user's language in the session.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak 52a238ddf2 Refs #30165 -- Removed ugettext(), ugettext_lazy(), ugettext_noop(), ungettext(), and ungettext_lazy() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 810f037b29 Refs #27753 -- Removed django.utils.encoding.force_text() and smart_text() per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak 88ed1c8d08 Refs #27753 -- Removed django.utils.http urllib aliases per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak f20a622aea Bumped version; master is now 4.0 pre-alpha. 2021-01-14 17:50:04 +01:00
Matthias Kestenholz 257dfce6c8
Refs #31259 -- Improved some color contrasts for admin dark theme. 2021-01-14 14:06:02 +01:00
Hasan Ramezani f750377318 Fixed #32321 -- Added system checks for invalid model field names in functional indexes. 2021-01-14 12:27:00 +01:00
Jon Moroney 76ae6ccf85 Fixed #31358 -- Increased salt entropy of password hashers.
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
2021-01-14 11:20:28 +01:00
Hannes Ljungberg ffe756d624 Refs #26167 -- Changed default value of DatabaseFeatures.supports_expression_indexes to True. 2021-01-14 08:32:26 +01:00
mimi89999 b5cef91a91 Fixed #31259 -- Added admin dark theme. 2021-01-14 08:27:29 +01:00
Florian Apolloner 64cc9dcdad Refs #31358 -- Added constant for get_random_string()'s default alphabet. 2021-01-13 20:40:40 +01:00
Nick Pope 9204485396
Fixed #16117 -- Added decorators for admin action and display functions.
Refs #25134, #32099.
2021-01-13 17:19:22 +01:00
Hannes Ljungberg 83fcfc9ec8 Fixed #26167 -- Added support for functional indexes.
Thanks Simon Charette, Mads Jensen, and Mariusz Felisiak for reviews.

Co-authored-by: Markus Holtermann <info@markusholtermann.eu>
2021-01-13 11:47:50 +01:00
Tim Graham e3ece0144a Removed redundant database vendor helpers in gis_tests/utils.py. 2021-01-13 09:22:44 +01:00
Tim Graham 9f91122ed8 Added SpatialFeatures.empty_intersection_returns_none. 2021-01-13 09:22:44 +01:00
Hannes Ljungberg 4c62cdaa10 Refs #26709 -- Made Index raise ValueError on non-string fields. 2021-01-12 20:22:44 +01:00
Paolo Melchiorre c412d9af7e
Fixed #32291 -- Added fixtures compression support to dumpdata. 2021-01-12 15:47:58 +01:00
Jon Dufresne ba31b01034
Fixed #31747 -- Fixed model enumeration via admin URLs.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2021-01-12 14:37:56 +01:00
Johannes Maron 3071660acf
Fixed #29010, Fixed #29138 -- Added limit_choices_to and to_field support to autocomplete fields.
* Fixed #29010 -- Added limit_choices_to support to autocomplete fields.
* Fixed #29138 -- Allowed autocomplete fields to target a custom
  to_field rather than the PK.
2021-01-12 11:37:38 +01:00
Hasan Ramezani ba3fb2e4d0
Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code. 2021-01-12 11:22:13 +01:00
Hasan Ramezani 64331419c8
Fixed #32311 -- Added system check for CSRF_FAILURE_VIEW setting. 2021-01-12 09:44:36 +01:00
Michel Le Bihan 16d27fb806
Refs #32018 -- Corrected color variables for paginator and header links in admin.
Follow up to cd3019bc10.
2021-01-12 06:34:25 +01:00
Mariusz Felisiak 407d3cf39c
Fixed #32342 -- Added index order introspection on MySQL 8.0.1+. 2021-01-11 11:45:20 +01:00
Michel Le Bihan cd3019bc10
Refs #32018 -- Used --header-link-color for header links in admin. 2021-01-11 11:42:59 +01:00
David Smith 622fcb8119
Refs #31791 -- Improved performance of URLResolver.resolve().
Performance regression in 11ebc6479f.
2021-01-11 07:49:01 +01:00
Florian Apolloner 2d6179c819 Fixed #32191 -- Made CookieStorage use RFC 6265 compliant format.
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-07 13:00:53 +01:00
Matthias Kestenholz 0a802233ec
Fixed #32018 -- Extracted admin colors into CSS variables.
Defined all colors used in the admin CSS as variables. Implemented the
following standardizations and accessibility improvements while at it:

- Improved the contrast of text to not use ratios of less than 3:1 anymore.
- Most hover states already used desaturated and darkened colors.
  Changed object tools to follow the same rule instead of showing the
  primary color on hover.

Various places used similar colors; those have been merged with the goal
of reducing the count of CSS variables. Contrasts have been improved in
a few places.

- Many borders used slightly different colors (e.g. #eaeaea vs. #eee)
- Help texts used #999, this has been changed to --body-quiet-color
  (#666) which has a better contrast.

Introduced fast color transitions on links and buttons.
2021-01-07 10:07:19 +01:00
Florian Apolloner 102d92fc09 Refs #32191 -- Added Signer.sign_object()/unsign_object().
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
2021-01-06 20:16:47 +01:00
Mariusz Felisiak 5bcba16c01
Refs #25175 -- Removed postgresql_psycopg2 in django.db.utils.load_backend().
Follow up to 944469939b.
2021-01-06 20:15:14 +01:00
Viktor Grabov 6a054f7681
Fixed #32322 -- Fixed autocomplete widget wrapping. 2021-01-06 09:32:13 +01:00
William Schwartz ec6d2531c5 Fixed #32314 -- Fixed detection when started non-django modules with "python -m" in autoreloader.
django.utils.autoreload.get_child_arguments() detected when Python was
started with the `-m` option only for `django` module. This commit
changes the logic to check __spec__, see
https://docs.python.org/3/reference/import.html#main-spec

Now packages can implement their own __main__ with the runserver
command.
2021-01-05 21:03:29 +01:00
Alexander Lyabah 415f50298f Fixed #32231 -- Allowed passing None params to QuerySet.raw(). 2021-01-05 10:37:11 +01:00
Akshat1Nar b41d38ae26 Fixed #32298 -- Fixed URLValidator hostname length validation.
URLValidator now validates the maximum length of a hostname without
the userinfo and port.
2021-01-04 09:25:40 +01:00
William Schwartz 0ea1866f6e
Simplified django.db.utils.load_backend().
Previously load_backend() performed search by computing the (sole)
entry of django.db.backends.__path__ manually from
django.db.utils.__file__. Now django.db.backends.__path__ is used
directly.
2021-01-04 07:16:13 +01:00
Tim Graham 060e6bdd1f
Replaced DatabaseFeatures.supports_left_right_lookups with skipUnlessGISLookup. 2021-01-02 21:39:48 +01:00
Mariusz Felisiak e13b71403b
Fixed #32304 -- Fixed prefixing STATIC_URL and MEDIA_URL by SCRIPT_NAME for absolute URLs with no domain.
Thanks Adam Hooper for the report.

Regression in c574bec092.
2020-12-31 13:18:57 +01:00
manav014 a9a7421ab8 Fixed #32294 -- Prevented ManyToManyField's hidden related name collisions between apps. 2020-12-30 13:11:47 +01:00
Mariusz Felisiak 74fd233b14
Fixed #32303 -- Bumped minimum supported SQLite to 3.9.0. 2020-12-30 09:01:56 +01:00
William Schwartz e64c1d8055 Fixed #32302 -- Allowed migrations to be loaded from regular packages with no __file__ attribute.
The migrations loader prevents the use of PEP-420 namespace packages
for holding apps' migrations modules. Previously the loader tested for
this only by checking that app.migrations.__file__ is present. This
prevented migrations' being found in frozen Python environments that
don't set __file__ on any modules. Now the loader *additionally* checks
whether app.migrations.__path__ is a list because namespace packages
use a different type for __path__. Namespace packages continue to be
forbidden, and, in fact, users of normal Python environments should
experience no change whatsoever.
2020-12-29 12:54:08 +01:00
Mariusz Felisiak 98ad327864
Fixed #32299 -- Prevented mutating handlers when processing middlewares marking as unused in an async context.
Thanks Hubert Bielenia for the report.
2020-12-29 09:04:35 +01:00
Mariusz Felisiak 45519937e5 Added app labels to related fields checks messages E302-E305. 2020-12-29 09:01:35 +01:00
Mariusz Felisiak ce30e750e6
Used model's Options.label where applicable.
Follow up to b7a3a6c9ef.
2020-12-29 08:56:39 +01:00
Florian Apolloner c76d51b3ad Refs #31358 -- Fixed decoding salt in Argon2PasswordHasher.
Argon2 encodes the salt as base64 for representation in the final hash
output. To be able to accurately return the used salt from decode(),
add padding, b64decode, and decode from latin1 (for the remote
possibility that someone supplied a custom hash consisting solely of
bytes -- this would require a manual construction of the hash though,
Django's interface does not allow for that).
2020-12-28 11:02:08 +01:00
Florian Apolloner 1b7086b2ea Refs #31358 -- Simplified Argon2PasswordHasher.must_update() by using decode(). 2020-12-28 11:02:03 +01:00
François Freitag b11ec9a69e Fixed #32301 -- Made clearsessions raise CommandError when clear_expired() is not implemented. 2020-12-28 09:30:16 +01:00
Chinmoy Chakraborty 270072c4c2 Fixed #32158 -- Fixed loaddata crash on SQLite when table/column names are SQL keywords. 2020-12-28 08:57:30 +01:00
Jacob Walls 89fc144ded Fixed #27827 -- Used "raise from" when raising InvalidTemplateLibrary exceptions in get_package_libraries().
This change sets the __cause__ attribute to raised exceptions and makes
small cleanups in error messages.
2020-12-28 07:31:37 +01:00
Hannes Ljungberg d23cb83c99 Refs #26167 -- Made DatabaseSchemaEditor._create_index_sql()'s fields argument optional and kwarg-only. 2020-12-23 11:16:13 +01:00
Hasan Ramezani 8b2a30f6f1 Fixed #32285 -- Raised ImproperlyConfigured when AppConfig.label is not a valid Python identifier. 2020-12-22 13:26:30 +01:00
Hasan Ramezani 110001d0bb Refs #32285 -- Made AppConfigStub do not call super().__init__().
Calling super().__init__() is unnecessary and enforces the use of
various workarounds.
2020-12-22 13:26:27 +01:00
starryrbs 2a76f43134 Fixed #32269 -- Fixed parse_duration() for negative days in ISO 8601 format. 2020-12-21 10:28:07 +01:00
Hasan Ramezani 577f2338f1 Fixed #32208 -- Allowed adding lazy() objects.
Co-authored-by: Claude Paroz <claude@2xlibre.net>
2020-12-21 09:24:41 +01:00
Hasan Ramezani 8d582bf510 Fixed #32262 -- Fixed migration optimization for model creation and Meta options removal. 2020-12-18 06:57:57 +01:00
Nick Pope bb64b99b78 Fixed #29867 -- Added support for storing None value in caches.
Many of the cache operations make use of the default argument to the
.get() operation to determine whether the key was found in the cache.
The default value of the default argument is None, so this results in
these operations assuming that None is not stored in the cache when it
actually is. Adding a sentinel object solves this issue.

Unfortunately the unmaintained python-memcached library does not support
a default argument to .get(), so the previous behavior is preserved for
the deprecated MemcachedCache backend.
2020-12-17 09:57:21 +01:00
Alexey Nigin b9ba85a7ce Fixed #32089 -- Fixed prefetch_related_objects() when some objects are already fetched.
Thanks Dennis Kliban for the report and Adam Johnson for the initial
patch.

Co-authored-by: Adam Johnson <me@adamj.eu>
2020-12-16 10:52:59 +01:00
Tom Forbes b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys.
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
2020-12-15 11:25:46 +01:00
Ayush Bansal b960e4ed72 Fixed #32261 -- Added error logging to Signal.send_robust(). 2020-12-15 11:00:26 +01:00
Abhishek Ghaskata 593829a5ab
Fixed typo in django/core/cache/backends/base.py docstring. 2020-12-15 07:05:02 +01:00
Petter Strandmark 772eca0b02 Fixed #32240 -- Made runserver suppress ConnectionAbortedError/ConnectionResetError errors.
See https://bugs.python.org/issue27682 and
https://github.com/python/cpython/pull/9713
2020-12-14 20:46:18 +01:00
Adam Johnson cf2ca22a57 Ensured that registered checks accept keyword arguments. 2020-12-14 18:08:37 +01:00
Adam Johnson ef39a8829b Added docstring to django.utils.inspect.func_accepts_kwargs(). 2020-12-14 18:08:37 +01:00
sage 8d7085e0fd Fixed #32252 -- Fixed __isnull=True on key transforms on SQLite and Oracle.
__isnull=True on key transforms should not match keys with NULL values.
2020-12-11 09:15:42 +01:00
Hasan Ramezani 3f140dde51
Refs #32178 -- Changed BaseDatabaseFeatures.django_test_expected_failures to set(). 2020-12-11 07:24:10 +01:00
Hasan Ramezani 275dd4ebba
Fixed #32178 -- Allowed database backends to skip tests and mark expected failures.
Co-authored-by: Tim Graham <timograham@gmail.com>
2020-12-10 18:00:57 +01:00
Mariusz Felisiak 5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache. 2020-12-09 21:27:32 +01:00
ᴙɘɘᴙgYmɘᴙɘj 2c5d6dc447
Fixed grammar in HttpResponse docstring. 2020-12-08 12:18:42 +01:00
Florian Apolloner 98e05ccde4 Fixed #32233 -- Cleaned-up duplicate connection functionality. 2020-12-08 08:55:44 +01:00
Florian Apolloner 148702e725 Refs #21012 -- Removed unnecessary _create_cache() hook.
This removes unused (since d038c547b5)
workaround to load a cache backend with its dotted import path and
moves remaining logic to the CacheHandler.

Thanks Tim Graham for the review.
2020-12-07 17:44:16 +01:00
sage e23484484c
Removed lhs_only argument from KeyTransform.preprocess_lhs(). 2020-12-07 10:14:27 +01:00
Timo Ludwig d8dfff2ab0 Fixed #32235 -- Made ReadOnlyPasswordHashField disabled by default. 2020-12-03 09:32:08 +01:00
Artur Beltsov 48b4bae983 Fixed #32179 -- Added JSONObject database function. 2020-12-02 09:30:50 +01:00
Tim Graham 371022a20d
Added SpatialFeatures.supports_tolerance_parameter. 2020-11-30 07:29:00 +01:00
Mariusz Felisiak 3828427f63 Refs #31978 -- Fixed hint in admin's password reset confirmation form for custom username fields.
Thanks Jaap Roes for the report.
2020-11-30 06:34:22 +01:00
Adam Johnson b9fd09d21b Fixed #32227 -- Prevented crash when setUpTestData() errors with --debug-sql.
Thanks Mariusz Felisiak for the report.
2020-11-28 12:22:59 +01:00
Giannis Adamopoulos 7603036bd0 Fixed #21021 -- Changed BaseGeometryWidget's default geometry type to 'Geometry'. 2020-11-28 09:14:40 +01:00
Mariusz Felisiak 931c6e982c Refs #32230 -- Made LayerMapping support pathlib.Path. 2020-11-28 07:41:54 +01:00
Hasan Ramezani b37be072a2 Fixed #32230 -- Made DataSource support pathlib.Path. 2020-11-28 07:36:19 +01:00
Ian Foote 3828879eee Fixed #32220 -- Added durable argument to transaction.atomic(). 2020-11-27 21:43:15 +01:00
Ian Foote 8b040e3cbb Fixed #25534, Fixed #31639 -- Added support for transform references in expressions.
Thanks Mariusz Felisiak and Simon Charette for reviews.
2020-11-27 20:42:04 +01:00
Hannes Ljungberg 33403bf80f Refs #27095 -- Allowed (non-nested) arrays containing expressions for ArrayField lookups. 2020-11-26 10:57:58 +01:00
Mariusz Felisiak aade2b461a
Fixed #32223 -- Removed strict=True in Path.resolve() in autoreloader.
This reverts commit e286711879 which
caused permission errors when users didn't have permissions to all
intermediate directories in a Django installation path.

Thanks Jakub Szafrański for the report.
2020-11-25 20:39:54 +01:00
sage fe6e582421 Fixed #32203 -- Fixed QuerySet.values()/values_list() crash on key transforms with non-string values on SQLite.
Thanks Gordon Wrigley for the report.
2020-11-25 14:51:35 +01:00
Mariusz Felisiak f5e5aac59e
Fixed #32224 -- Avoided suppressing connection errors in supports_json_field on SQLite.`
Regression in 6789ded0a6.

Thanks Juan Garcia Alvite for the report.
2020-11-25 12:19:45 +01:00
Mariusz Felisiak b996424199 Simplified JSONField key transforms by using JSON_OBJECT() on Oracle. 2020-11-24 18:11:19 +01:00
Thibaud Colas fecfec6deb Improved bidirectionality on the 'Congrats' page.
Follow up to 9012033138.
2020-11-24 13:03:35 +01:00
Daniel Hahler c70cd2a926 Refs #15053 -- Clarified debug message when skipping templates to avoid recursion. 2020-11-21 10:49:31 +01:00
Thibaud Colas a1215a3237 Fixed #32053 -- Fixed accessibility issues on the 'Congrats' page.
- Add lang attribute.
- Use the same text for the page’s main heading, and title.
- Add underlines for all links in copy.
- Stop using h2 for link to the Django page.
- Use h1 for the main heading.
- Remove useless type attribute on style element.
- Remove grey text that fails contrast checks.
- Use a shade of grey that passes AAA contrast requirements.
- Stop using h4 for footer links.
- Add full stop in block-level links so VoiceOver correctly pauses
  between runs of text.
- Hide main artwork for screen reader users.
- Update SVG icons markup to be screen-reader friendly.
- Switch options to be block-level links.
- Remove unused markup.
2020-11-20 19:18:07 +01:00
Author: Nick Pope 20f2b822f8 Added explicit HTMLElement.dir attribute in templates. 2020-11-20 11:09:46 +01:00
Florian Apolloner d10425f9c7 Simplified MessageEncoder instantiation with default separators. 2020-11-20 10:27:09 +01:00
Hasan Ramezani fe9c7ded29 Fixed #32200 -- Fixed grouping by ExpressionWrapper() with Q objects.
Thanks Gordon Wrigley for the report.

Regression in df32fd42b8.
2020-11-19 21:00:04 +01:00
Carlton Gibson ead37dfb58
Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-. 2020-11-19 12:07:15 +01:00
Seamus Quinn 9f72b0970d
Fixed #32201 -- Removed obsolete isort:skip's.
Obsolete as of isort 5.
2020-11-19 06:35:41 +01:00
David-Wobrock ba42569d5c Fixed #31507 -- Added QuerySet.exists() optimizations to compound queries. 2020-11-16 20:29:13 +01:00
Hasan Ramezani 4cce1d13cf Fixed #32197 -- Improved error message when loading a database backend fails. 2020-11-16 06:05:03 +01:00
David-Wobrock 464a4c0c59 Fixed #31496 -- Fixed QuerySet.values()/values_list() crash on combined querysets ordered by annotations. 2020-11-14 10:22:09 +01:00
Nick Pope 67a1ae68a8
Refs #24474 -- Changed AdminSite.empty_value_display property to an attribute.
This was implemented with a property getter and setter when introduced
in 0207bdd2d4.

There is nothing special occurring here though - a simple read from and
assign to the underlying private attribute.
2020-11-14 07:24:07 +01:00
Nick Pope fed8129276
Unified admin action description generation.
Actions added to AdminSite.actions would not have the first character
of their description capitalized.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-11-13 21:41:18 +01:00
manav014 f63f3cdf09 Fixed #29712 -- Made makemessages warn if locales have hyphens and skip them. 2020-11-13 09:25:42 +01:00
Nick Pope 0cbccaebeb
Simplified TimeFormat.g(). 2020-11-12 15:19:17 +01:00
Sam 895f6e4992 Fixed #32149 -- Added support for years < 1000 to DateFormat.y(). 2020-11-12 12:43:06 +01:00
MinchinWeb f1585c54d0
Fixed #31216 -- Added support for colorama terminal colors on Windows.
Modern setups on Windows support terminal colors.
The colorama library may also be used, as an
alternative to the ANSICON library.
2020-11-11 14:27:10 +01:00
Artem Kosenko b7f500396e Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenerated default keys.
Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews.
2020-11-11 12:45:34 +01:00
Carles Pina i Estany 721c95ba0b Fixed #32180 -- Added system check for file system caches absolute location. 2020-11-11 11:04:52 +01:00
William Schwartz c0fc5ba380 Fixed #32183 -- Fixed shell crash when passing code with nested scopes. 2020-11-11 09:18:26 +01:00
Hasan Ramezani 50c3ac6fa9 Fixed #31762 -- Made reloading the database for tests use the base manager.
Co-authored-by: Eugene Kulak <kulak.eugene@gmail.com>
2020-11-11 08:33:30 +01:00
Tim Graham c9e8544321
Added SpatialFeatures.unsupported_geojson_options. 2020-11-11 07:39:15 +01:00
Vishnu Ks f90fcc222b
Updated Malayalam language name. 2020-11-10 21:37:13 +01:00
Claude Paroz 187482d743
Avoided direct styles in admin templates.
Direct styles might be forbidden by Content Security Policies.
2020-11-10 21:32:15 +01:00
Hasan Ramezani 4cd77f97a2 Refs #31672 -- Made technical 500 debug page include exceptions without tracebacks. 2020-11-10 13:21:50 +01:00
Mariusz Felisiak 1fd9b44a6b Refs #32074 -- Fixed handling memoryview content by HttpResponse on Python 3.10+.
An iterator was added to memoryview in Python 3.10,
see https://bugs.python.org/issue41732

Refs #30294
2020-11-10 09:56:15 +01:00
William Schwartz cc22693505 Fixed #32177 -- Made execute_from_command_line() use program name from the argv argument.
This caused crash in environments where sys.argv[0] is incorrectly set
to None.
2020-11-10 08:16:53 +01:00
Hannes Ljungberg 0773837e15 Fixed #32182 -- Fixed crash of JSONField nested key transforms with subquery annotations on PostgreSQL. 2020-11-10 07:09:58 +01:00
Tim Graham dbb4a86fa7 Renamed BaseSpatialOperations.geography to BaseSpatialFeatures.supports_geography. 2020-11-09 08:12:00 +01:00
Tim Graham 69ffaa297c Removed BaseSpatialOperations.geometry.
Unused since 26996e2d55.
2020-11-09 07:57:02 +01:00
Hasan Ramezani 3f7b327562 Fixed #31235 -- Made assertQuerysetEqual() compare querysets directly.
This also replaces assertQuerysetEqual() to
assertSequenceEqual()/assertCountEqual() where appropriate.

Co-authored-by: Peter Inglesby <peter.inglesby@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-11-06 09:24:50 +01:00
Tom Forbes 658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Tom Forbes 29845ecf69 Refs #25791 -- Added get_dirs() method to cached template loader. 2020-11-05 15:30:52 +01:00
Jon Dufresne 859cd7c6b4
Fixed #22276 -- Fixed crash when formset management form is invalid.
Co-authored-by: Patryk Zawadzki <patrys@room-303.com>
2020-11-05 10:40:41 +01:00
Artur Beltsov 18c8ced81e Fixed #32169 -- Added distinct support to JSONBAgg. 2020-11-04 21:22:54 +01:00
christa c36075ac1d Fixed #31983 -- Added system check for file system caches location.
Thanks Johannes Maron and Nick Pope for reviews.
2020-11-04 20:30:23 +01:00
Carlton Gibson ebb08d1942
Fixed #32159 -- Ensured AsyncRequestFactory correctly sets headers. 2020-11-04 11:07:15 +01:00
Simon Charette c2d4926702 Fixed #31910 -- Fixed crash of GIS aggregations over subqueries.
Regression was introduced by fff5186 but was due a long standing issue.

AggregateQuery was abusing Query.subquery: bool by stashing its
compiled inner query's SQL for later use in its compiler which made
select_format checks for Query.subquery wrongly assume the provide
query was a subquery.

This patch prevents that from happening by using a dedicated
inner_query attribute which is compiled at a later time by
SQLAggregateCompiler.

Moving the inner query's compilation to SQLAggregateCompiler.compile
had the side effect of addressing a long standing issue with
aggregation subquery pushdown which prevented converters from being
run. This is now fixed as the aggregation_regress adjustments
demonstrate.

Refs #25367.

Thanks Eran Keydar for the report.
2020-11-04 09:54:58 +01:00
Patrick Arminio 542b4b3ab4 Fixed #32162 -- Fixed setting Content-Length header in AsyncRequestFactory. 2020-11-03 10:12:40 +01:00
Claude Paroz b03b19b585
Refs #29113 -- Simplified formset validation.
Thanks Nick Pope for review and complement.
2020-11-03 09:57:10 +01:00
David-Wobrock cfc7cd6513 Fixed #32132 -- Fixed column types in m2m intermediary tables for Positive(Big/Small)IntegerFields. 2020-11-02 20:11:58 +01:00
Vitaliy Yelnik d1791539a7
Simplified DeclarativeFieldsMetaclass.__new__() a bit. 2020-11-02 10:46:56 +01:00
Daniel Hahler ab943f031c Protected Watchman autoreloader against busy loops.
With an error in the loop above (e.g. using query without args), this
would trigger a busy loop. While this was caused due to changes to the
loop itself, it seems to be just good practice to protect against this.
2020-11-02 07:18:39 +01:00
Hasan Ramezani f06beea929 Fixed #32153 -- Fixed management commands when using required list options.
Thanks Mark Gajdosik for the report and initial patch.
2020-10-30 12:01:33 +01:00
Nick Pope 966b5b49b6 Updated MultiValueDict.update() to mirror dict.update() behavior.
Changes in behavior include:

- Accepting iteration over empty sequences, updating nothing.
- Accepting iterable of 2-tuples providing key-value pairs.
- Failing with the same or comparable exceptions for invalid input.

Notably this replaces the previous attempt to catch TypeError which was
unreachable as the call to .items() resulted in AttributeError on
non-dict objects.
2020-10-30 10:44:44 +01:00
Nick Pope 1a8ad8a5c6 Removed unused custom exception support for ImmutableList.
If the warning provided was an instance of Exception, then it would be
used as-is. In practice this is untested, unused and ImmutableList is
an undocumented internal datastructure.
2020-10-30 10:44:44 +01:00
Simon Charette 384ac0990f Refs #32061 -- Prevented password leak on MySQL dbshell crash.
The usage of the --password flag when invoking the mysql CLI has the
potential of exposing the password in plain text if the command happens
to crash due to the inclusion of args provided to
subprocess.run(check=True) in the string representation of the
subprocess.CalledProcessError exception raised on non-zero return code.

Since this has the potential of leaking the password to logging
facilities configured to capture crashes (e.g. sys.excepthook, Sentry)
it's safer to rely on the MYSQL_PWD environment variable instead even
if its usage is discouraged due to potential leak through the ps
command on old flavors of Unix.

Thanks Charlie Denton for reporting the issue to the security team.

Refs #24999.
2020-10-30 10:12:52 +01:00
Simon Charette bbe6fbb876 Refs #32061 -- Unified DatabaseClient.runshell() in db backends. 2020-10-29 22:22:58 +01:00
Christian Klus 4ac2d4fa42 Fixed #32152 -- Fixed grouping by subquery aliases.
Regression in 42c08ee465.

Thanks Simon Charette for the review.
2020-10-29 09:56:09 +01:00
Martin Thoma 302caa40e4 Made small readability improvements. 2020-10-28 20:20:20 +01:00
Hasan Ramezani 4eb756793b
Refs #28215 -- Marked auth credentials as sensitive variables.
Co-authored-by: Collin Anderson <collin@onetencommunications.com>
2020-10-28 14:21:53 +01:00
Gagan Deep 982e860b73 Fixed #32062 -- Added %b support to Date.strftime.
This enables the admin to display the month as locale's abbreviated
name if %b is used in the date format.
2020-10-28 11:11:37 +01:00
Simon Charette 8593e162c9 Fixed #32143 -- Used EXISTS to exclude multi-valued relationships.
As mentioned in the pre-existing split_exclude() docstring EXISTS is
easier to optimize for query planers and circumvents the IN (NULL)
handling issue.
2020-10-28 07:22:00 +01:00
Simon Charette bbf141bcdc Refs #27149 -- Fixed sql.Query identity.
By making Query subclass BaseExpression in
3543129822 the former defined it's
identity based off _construct_args which is not appropriate.
2020-10-28 07:21:53 +01:00
alvinshaita 556fa4bbba Fixed #1891, Fixed #11707 -- Prevented duplicates with limit_choices_to on multi-value relations. 2020-10-27 20:40:04 +01:00
Josh Santos 36bc47069c Fixed #32127 -- Fixed admin change-form textarea layout for mid-sized displays. 2020-10-27 16:06:11 +01:00
Carlton Gibson e17ee44688 Fixed #32128 -- Added asgiref 3.3 compatibility.
Thread sensitive parameter is True by default from asgiref v3.3.0.
Added an explicit thread_sensitive=False to previously implicit uses.
2020-10-27 11:24:07 +01:00
Nguyen You 0b4fe82c74
Improved naming consistency in BaseManage.contribute_to_class().
Matches signatures of other contribute_to_class() methods.
2020-10-27 10:51:03 +01:00