innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
25,303 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

945 Commits

Author SHA1 Message Date
Gavin Wahl 01ae881bb4 Don't hard-code class names when calling static methods 
normalize_email should be called on the instance, not the class. This
has the same effect normally but is more helpful to subclassers. When
methods are called directly on the class, subclasses can't override
them.
 2013-05-29 16:11:26 -06:00
Ramiro Morales 0fa8d43e74 Replaced `and...or...` constructs with PEP 308 conditional expressions. 2013-05-26 23:47:50 -03:00
Preston Holmes d228c1192e Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation. 
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.

Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
 2013-05-25 16:27:34 -07:00
Andrew Godwin 1514f17aa6 Rotate CSRF token on login 2013-05-24 22:15:08 +01:00
Baptiste Mispelon 3cb1e9b93c Fix test failure introduced by 980ae2ab29. 2013-05-19 16:51:36 +02:00
Baptiste Mispelon 980ae2ab29 Fix #20447: URL names given to contrib.auth.views are now resolved. 
This commit also adds tests for the redirect feature of most auth views.
It also cleans up the tests, most notably using @override_settings instead
of ad-hoc setUp/tearDown methods.

Thanks to caumons for the report.

Conflicts:
	docs/releases/1.6.txt
 2013-05-19 14:36:38 +02:00
Peter Inglesby cafcc22b01 Typo in comment 2013-05-19 09:28:36 +02:00
Claude Paroz 710c59bf9b Slightly reworked imports in contrib.auth.__init__ 2013-05-18 16:01:47 +02:00
Jorge Bastida dc43fbc2f2 Fixed #18998 - Prevented session crash when auth backend removed 
Removing a backend configured in AUTHENTICATION_BACKENDS should not
raise an exception for existing sessions, but should make already
logged-in users disconnect.
Thanks Bradley Ayers for the report.
 2013-05-18 15:58:29 +02:00
Jacob Burch 340115200f Fixed #20432 -- Test failure in admin_views. 
The failure was triggered by a cache leak.
 2013-05-18 13:13:33 +02:00
Mark Huang 0732c8e8c6 Fixed #20357 -- Allow empty username field label in `AuthentificationForm`. 2013-05-16 11:41:52 -04:00
Donald Stufft 8f0a4665d6 Recommend using the bcrypt library instead of py-bcrypt 
* py-bcrypt has not been updated in some time
* py-bcrypt does not support Python3
* py3k-bcrypt, a port of py-bcrypt to python3 is not compatible
  with Django
* bcrypt is supported on all versions of Python that Django
  supports
 2013-05-13 23:49:00 -04:00
Donald Stufft 3070e8f711 Properly force bytes or str for bcrypt on Python3 2013-05-11 11:16:06 -04:00
Carl Meyer 9012833af8 Fixed #17365, #17366, #18727 -- Switched to discovery test runner. 
Thanks to Preston Timmons for the bulk of the work on the patch, especially
updating Django's own test suite to comply with the requirements of the new
runner. Thanks also to Jannis Leidel and Mahdi Yusuf for earlier work on the
patch and the discovery runner.

Refs #11077, #17032, and #18670.
 2013-05-10 23:08:45 -04:00
Luke Plant f026a519ae Fixed #19733 - deprecated ModelForms without 'fields' or 'exclude', and added '__all__' shortcut 
This also updates all dependent functionality, including modelform_factory
 and modelformset_factory, and the generic views `ModelFormMixin`,
 `CreateView` and `UpdateView` which gain a new `fields` attribute.
 2013-05-09 16:44:36 +01:00
Claude Paroz 9f7a01ef2b Updated translation templates and removed en translations 
"en" translations have been mistakenly committed in 87cc3da81.
 2013-05-02 16:25:23 +02:00
Preston Holmes a49e7dd2a3 Fixed #20114 -- support custom project login_url in tests 
Thanks to Matias Bordese for the patch
 2013-04-05 09:03:28 -07:00
Preston Timmons fde2e4fd6e Modified auth to work with unittest2 discovery. 2013-04-02 21:59:45 -06:00
Alisson 80b658f5aa Remove unnecessary if conditions 
if obj it None, it's None, there's no need to check it
 2013-03-30 12:22:28 +01:00
Claude Paroz 244e765a94 Updated translation templates 2013-03-28 10:06:11 +01:00
Claude Paroz 0a22f7aad2 Added Burmese language 
Thanks to Yhal Htet Aung for the translation work.
 2013-03-28 10:01:30 +01:00
Claude Paroz ab76467d54 Added Ossetic language 
Thanks to Xwybylty Soslan for the translation work.
 2013-03-28 09:54:16 +01:00
Claude Paroz c5084e7557 Updated translations from Transifex 
Polish, Telugu, Georgian, Azerbaijani, Norwegian Bokmål, Basque,
Dutch, Thai, Spanish (Argentina), Afrikaans.
 2013-03-28 09:24:07 +01:00
Jacob Kaplan-Moss 9e462f8101 Fixed #20078: don't allow filtering on password in the user admin. 2013-03-27 11:24:36 -05:00
Donald Stufft 25f2acfed0 Fixed #20138 -- Added BCryptSHA256PasswordHasher 
BCryptSHA256PasswordHasher pre-hashes the users password using
SHA256 to prevent the 72 byte truncation inherient in the BCrypt
algorithm.
 2013-03-26 13:26:57 -04:00
Claude Paroz 2f121dfe63 Fixed #17051 -- Removed some 'invalid' field error messages 
When the 'invalid' error message is set at field level, it masks
the error message raised by the validator, if any.
 2013-03-14 17:03:43 +01:00
Aymeric Augustin 3710a918b2 Switched the admin to use @transaction.atomic. 2013-03-11 19:58:08 +01:00
Loic Bistuer 6983a1a540 Fixed #15363 -- Renamed and normalized to `get_queryset` the methods that return a QuerySet. 2013-03-08 10:11:45 -05:00
Ramiro Morales 03e40140ff Merge pull request #871 from matiasb/ticket_19945 
Fixed #19945 -- Fixed default User model Meta inheritance.
 2013-03-03 14:30:36 -08:00
Claude Paroz 8e8c9b908a Fixed getting default encoding in get_system_username 
Refs #19933.
 2013-03-02 22:41:08 +01:00
matiasb f39fead1c3 Fixed #19945 -- Fixed default User model Meta inheritance. 
Updated default User model Meta class to extend AbstractUser Meta
where translated verbose_name and verbose_name_plural are
defined.
 2013-03-01 19:32:20 -03:00
Aymeric Augustin 2ee21d9f0d Implemented persistent database connections. 
Thanks Anssi Kääriäinen and Karen Tracey for their inputs.
 2013-02-28 15:28:13 +01:00
Claude Paroz 87cc3da814 Merged contrib translations from 1.5 branch 2013-02-26 21:51:06 +01:00
Aymeric Augustin f1255a3c09 Fixed #18144 -- Restored compatibility with SHA1 hashes with empty salt. 
Thanks dahool for the report and initial version of the patch.
 2013-02-25 20:21:58 +01:00
Florian Apolloner f56ca3f0e6 Fixed the usage of the deprecated assertEquals. 2013-02-24 11:15:17 +01:00
Preston Holmes 22d82a7742 Fixed #15198 -- pass request to AuthenticationForm 
Thanks to Ciantic for the report, claudep and slurms for initial work
 2013-02-23 15:28:49 -08:00
Preston Holmes 9d2c0a0ae6 Removed superfluous cookie check from auth login. 
This is ensured through the CSRF protection of the view
 2013-02-23 15:28:49 -08:00
Horst Gutmann 2f4a4703e1 Fixed #19758 -- Avoided leaking email existence through the password reset form. 2013-02-23 14:31:21 +01:00
Carl Meyer d51fb74360 Added a new required ALLOWED_HOSTS setting for HTTP host header validation. 
This is a security fix; disclosure and advisory coming shortly.
 2013-02-19 11:23:29 -07:00
Claude Paroz 5ec0405a09 Fixed #19839 -- Isolated auth tests from customized TEMPLATE_LOADERS 
Thanks limscoder for the report.
 2013-02-18 09:22:25 +01:00
Claude Paroz a8d1421dd9 Avoided unneeded assertion on Python 3 
Fixes failure introduced in 02e5909f7a.
 2013-02-15 16:09:31 +01:00
Claude Paroz 02e5909f7a Fixed #19807 -- Sanitized getpass input in createsuperuser 
Python 2 getpass on Windows doesn't accept unicode, even when
containing only ascii chars.
Thanks Semmel for the report and tests.
 2013-02-15 15:44:27 +01:00
Russell Keith-Magee f5e4a699ca Fixed #19822 -- Added validation for uniqueness on USERNAME_FIELD on custom User models. 
Thanks to Claude Peroz for the draft patch.
 2013-02-15 09:00:55 +08:00
Claude Paroz f1029b308f Fixed a misnamed variable introduced in commit 142ec8b283 
Refs #8404.
 2013-02-14 08:33:10 +01:00
Claude Paroz 142ec8b283 Fixed #8404 -- Isolated auth password-related tests from custom templates 2013-02-13 23:11:49 +01:00
Hiroki Kiyohara e94f405d94 Fixed #18558 -- Added url property to HttpResponseRedirect* 
Thanks coolRR for the report.
 2013-02-13 10:29:32 +01:00
Preston Holmes 0e18fb04ba Made modwsgi groups_for_user consistent with check_password 
2b5f848207 based its changes on #19061
that made the is_active attribute mandatory for user models.
The try/except was not removed for the groups_for_user function.

refs #19780
 2013-02-09 09:31:04 -08:00
Preston Holmes c44d748272 Fixed #19662 -- alter auth modelbackend to accept custom username fields 
Thanks to Aymeric and Carl for the review.
 2013-02-07 16:07:56 -08:00
Florian Apolloner 2b916895a1 Updated createsuperuser to use unicode_literals. Refs #19757. 2013-02-07 14:33:36 +01:00
Claude Paroz 2390fe3f4f Fixed #19745 -- Forced resolution of verbose names in createsupersuser 
Thanks Baptiste Mispelon for the report and Preston Holmes for the review.
 2013-02-06 10:06:21 +01:00
Simon Charette ec469ade2b Fixed #19689 -- Renamed `Model._meta.module_name` to `model_name`. 2013-02-05 04:16:07 -05:00
Claude Paroz 7c5b244826 Fixed #17061 -- Factored out importing object from a dotted path 
Thanks Carl Meyer for the report.
 2013-02-04 16:38:25 +01:00
Claude Paroz 55c585f1c7 Fixed #19725 -- Made createsuperuser handle non-ascii prompts 
Thanks Michisu for the report.
 2013-02-04 10:09:10 +01:00
Claude Paroz 1f8e7bb075 Added missing parentheses in if clause 2013-02-02 12:13:47 +01:00
Claude Paroz 63d6a50dd8 Fixed #18144 -- Added backwards compatibility with old unsalted MD5 passwords 
Thanks apreobrazhensky at gmail.com for the report.
 2013-02-02 12:02:36 +01:00
Claude Paroz 1686e0d184 Fixed #18460 -- Fixed change detection of ReadOnlyPasswordHashField 
Thanks jose.sanchez et ezeep.com for the report and Vladimir Ulupov
for the initial patch.
 2013-01-25 21:27:49 +01:00
Florian Apolloner cc4de61a2b Fixed #19596 -- Use `_default_manager` instead of `objects` in the auth app. 
This is needed to support custom user models which don't define a manager
named `objects`.
 2013-01-22 12:47:34 +01:00
Nick Sandford cdad0b28d4 Fixed #19573 -- Allow override of username field label in AuthenticationForm 2013-01-10 09:06:04 +01:00
Claude Paroz 34ee7d9875 Updated deprecated test assertions 2013-01-08 19:08:15 +01:00
Anssi Kääriäinen a2396a4c8f Fixed #19173 -- Made EmptyQuerySet a marker class only 
The guarantee that no queries will be made when accessing results is
done by new EmptyWhere class which is used for query.where and having.

Thanks to Simon Charette for reviewing and valuable suggestions.
 2013-01-06 19:18:28 +02:00
Aymeric Augustin 4e5369a596 Silenced warnings in the tests of deprecated features. 2012-12-29 22:32:07 +01:00
Aymeric Augustin ef017a5f00 Advanced pending deprecation warnings. 
Also added stacklevel argument, fixed #18127.
 2012-12-29 21:59:07 +01:00
Julien Phalip 35d1cd0b28 Fixed #19505 -- A more flexible implementation for customizable admin redirect urls. 
Work by Julien Phalip.

Refs #8001, #18310, #19505. See also 0b908b92a2.
 2012-12-24 15:44:19 -03:00
Claude Paroz 0dc3fc954f Fixed #19509 -- Fixed crypt/bcrypt non-ascii password encoding 
Also systematically added non-ascii passwords in hashers test suite.
Thanks Vaal for the report.
 2012-12-22 16:04:10 +01:00
Russell Keith-Magee 9facca28b6 Corrected tests depending on the error message on the AuthenticationForm. 
Refs #19368, and the fix introduced in 27f8129d64.
 2012-12-16 07:18:45 +08:00
Russell Keith-Magee 27f8129d64 Fixed #19368 -- Ensured that login error messages adapt to changes in the User model. 
Thanks to un33k for the report.
 2012-12-15 22:44:47 +08:00
Russell Keith-Magee 47e1df896b Fixed #19412 -- Added PermissionsMixin to the auth.User heirarchy. 
This makes it easier to make a ModelBackend-compliant (with regards to
permissions) User model.

Thanks to cdestigter for the report about the relationship between
ModelBackend and permissions, and to the many users on django-dev that
contributed to the discussion about mixins.
 2012-12-15 22:44:47 +08:00
Florian Apolloner a2f2a39956 Fixed #18856 -- Ensured that redirects can't be poisoned by malicious users. 2012-12-10 22:11:39 +01:00
Claude Paroz c91667338a Fixed #19357 -- Allow non-ASCII chars in filesystem paths 
Thanks kujiu for the report and Aymeric Augustin for the review.
 2012-12-08 11:13:52 +01:00
Ramiro Morales b64d30405a Fixed #18697 -- Made values accepted for two customizable admin templates consistent. 
Thanks and at cloverfastfood dot com for the report.
 2012-12-04 01:13:01 -03:00
Claude Paroz a0cd6dd11e Fixed #19349 -- Fixed re-rendering of ReadOnlyPasswordHashWidget 
Thanks tim.bowden at mapforge.com.au for the report, Andreas Hug
for the patch and Anton Baklanov for the review.
 2012-12-01 12:22:43 +01:00
Preston Holmes 84a5294788 Added missing custom user skip decorator 
PermissionDeniedBackendTest references User model.
 2012-11-30 22:54:42 -08:00
Claude Paroz 0eeae15056 Fixed #19354 -- Do not assume usermodel.pk == usermodel.id 
Thanks markteisman at hotmail.com for the report.
 2012-11-29 21:45:43 +01:00
Claude Paroz a962bc7c45 Updated User manager when testing custom AUTH_USER_MODEL 
This is giving more real test conditions when AUTH_USER_MODEL is
set with override_settings.
 2012-11-24 16:00:00 +01:00
Aymeric Augustin a026e480da Fixed #16039 -- Made post_syncdb handlers multi-db aware. 
Also reverted 8fb7a90026. Refs #17055.
 2012-11-22 20:53:59 +01:00
Aymeric Augustin 9e11253497 Merge pull request #511 from ryankask/username-password-admin 
Allowed custom User models to use the UserAdmin's change password view.

Fix #19056 (again).
 2012-11-22 06:50:37 -08:00
Jannis Leidel 1520748dac Fixed #2550 -- Allow the auth backends to raise the PermissionDenied exception to completely stop the authentication chain. Many thanks to namn, danielr, Dan Julius, Łukasz Rekucki, Aashu Dwivedi and umbrae for working this over the years. 2012-11-17 20:24:54 +01:00
Ryan Kaskel bfdedb687a Allow custom User models to use the UserAdmin's change password view. 2012-11-10 15:48:46 +00:00
Aymeric Augustin fc10418fba Fixed #18963 -- Used a subclass-friendly pattern 
for Python 2 object model compatibility methods.
 2012-11-03 22:07:35 +01:00
Preston Holmes 9741912a9a Fixed #17869 - force logout when REMOTE_USER header disappears 
If the current sessions user was logged in via a remote user backend log out
the user if REMOTE_USER header not available - otherwise leave it to other auth
middleware to install the AnonymousUser.

Thanks to Sylvain Bouchard for the initial patch and ticket maintenance.
 2012-10-29 22:58:14 -07:00
Preston Holmes 2b5f848207 Fixed #19057 (again) -- added additional tests 2012-10-29 22:24:42 -07:00
Russell Keith-Magee 81f5d4a1a7 Added some test guards for some recently added auth tests. 
Refs #19061, #19057.
 2012-10-30 10:28:35 +08:00
Claude Paroz b774c5993c Fixed #19172 -- Isolated poisoned_http_host tests from 500 handlers 
Thanks bernardofontes for the report.
 2012-10-29 17:28:04 +01:00
Preston Holmes 4ea8105120 Fixed #19061 -- added is_active attribute to AbstractBaseUser 2012-10-28 23:04:03 -07:00
Russell Keith-Magee 04b53ebfb7 Fixed #19133 -- Corrected regression in form handling for user passwords. 
Thanks to pressureman for the report, and to Preston Holmes for the draft patch.
 2012-10-20 11:41:54 +08:00
Ramiro Morales 0b908b92a2 Fixed #8001 -- Made redirections after add/edit in admin customizable. 
Also fixes #18310.
 2012-10-18 20:58:52 -03:00
Preston Holmes 9305c0e12d Fixed a security issue related to password resets 
Full disclosure and new release are forthcoming
 2012-10-17 14:36:41 -07:00
Russell Keith-Magee bfcda7781a Fixed #19130 -- Made some of the auth forms more flexible for user models. 2012-10-16 16:03:29 +08:00
Claude Paroz 58365401c9 Updated base translation files 2012-10-15 11:17:06 +02:00
Daniele Procida cc83a4af0c Added 'groups' to UserAdmin.filter_horizontal 
Is there some reason it's not there already?

Our list of groups is very cumbersome to use with the standard widget.
 2012-10-13 14:58:36 +01:00
Russell Keith-Magee b3b3db3d95 Fixed #19067 -- Clarified handling of username in createsuperuser. 
Thanks to clelland for the report, and Preston Holmes for the draft patch.
 2012-10-13 13:36:07 +08:00
Russell Keith-Magee c433fcb3fb Fixed #19077, #19079 -- Made USERNAME_FIELD a required field, and modified UserAdmin to match. 2012-10-13 11:44:50 +08:00
Anssi Kääriäinen b5f224e8e2 Fixed tests introduced for #15915 
The tests didn't clean up properly. The commit that introduced the
errors was 8c427448d5.

Thanks to Trac alias rizumu for spotting this.
 2012-10-12 00:10:49 +03:00
Russell Keith-Magee b9039268a1 Fixed #19060 -- Corrected assumptions about the name of the User model in the ModelBackend. 
Thanks to Ivan Virabyan for the report and initial patch.
 2012-10-06 12:43:29 +08:00
Mateusz Haligowski 8c427448d5 Fixed #15915 -- Cleaned handling of duplicate permission codenames 
Previously, a duplicate model, codename for permission would lead to
database integrity error. Cleaned the implementation so that this case
now raises an CommandError instead.
 2012-10-03 23:10:32 +03:00
Russell Keith-Magee 934f35f1f9 Corrected test docstring. 2012-10-03 09:16:33 +08:00
Preston Holmes 5f8b97f9fb Fixed #19057 -- support custom user models in mod_wsgi auth handler 
thanks @freakboy3742 for the catch and review
 2012-10-02 06:42:05 -07:00
Michael Farrell 7cc4068c44 Fixed #18616 -- added user_login_fail signal to contrib.auth 
Thanks to Brad Pitcher for documentation
 2012-09-30 22:34:50 -07:00
Anssi Kääriäinen d5a4f209c3 Fixed #18991 -- Allowed permission lookup by "if in" 
When looking permissions from PermWrapper it is now possible to use
{% if "someapp.someperm" in perms %} instead of
{% if perms.someapp.someperm %}.
 2012-09-30 19:38:16 +03:00
Claude Paroz 82a74dce24 Used TransactionTestCase in ModWsgiHandlerTestCase 
Now the data created in setUp() is not discarded when the connection
is closed in the handler's methods.
 2012-09-29 12:10:52 +02:00
Russell Keith-Magee 15d355d79d Fixed #19041 -- Corrected the handling of default usernames in createsuperuser. 2012-09-29 11:14:16 +08:00
Preston Holmes 373932fa6b fixed #10809 -- add a mod_wsgi authentication handler 
Thanks to baumer1122 for the suggestion and initial 
patch and David Fischer for the contributions and
long term patch maintenance and docs.
 2012-09-27 12:43:37 -07:00
Preston Holmes 01362745ba Fixed a small oversight in auth tests 
Thanks to Vinicius Ruan Cainelli for the catch
closes #392
 2012-09-27 10:24:34 -07:00
Anssi Kääriäinen 50d573d2c0 Fixed #18979 -- Avoid endless loop caused by "val in PermLookupDict" 
Fixed by defining __iter__ which raises TypeError. This was done to
PermWrapper earlier.
 2012-09-27 15:36:30 +03:00
Adrien Lemaire 2c8267bf3d Fixed #17899 -- Rewrote [Ee]-mail to [Ee]mail 2012-09-26 14:14:51 +02:00
Russell Keith-Magee 70a0de37d1 Fixed #3011 -- Added swappable auth.User models. 
Thanks to the many people that contributed to the development and review of
this patch, including (but not limited to) Jacob Kaplan-Moss, Anssi
Kääriäinen, Ramiro Morales, Preston Holmes, Josh Ourisman, Thomas Sutton,
and Roger Barnes, as well as the many, many people who have contributed to
the design discussion around this ticket over many years.

Squashed commit of the following:

commit d84749a0f0
Merge: 531e771 7c11b1a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 18:37:04 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 531e7715da
Merge: 29d1abb 1f84b04
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 07:09:23 2012 +0800

    Merged recent trunk changes.

commit 29d1abbe35
Merge: 8a527dd 54c81a1
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:49:46 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8a527dda13
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:48:05 2012 +0800

    Ensure sequences are reset correctly in the presence of swapped models.

commit e2b6e22f29
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 17:53:05 2012 +0800

    Modifications to the handling and docs for auth forms.

commit 98aba856b5
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 15:28:57 2012 +0800

    Improved error handling and docs for get_user_model()

commit 0229209c84
Merge: 6494bf9 8599f64
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 14:50:11 2012 +0800

    Merged recent Django trunk changes.

commit 6494bf91f2
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 21:38:44 2012 +0800

    Improved validation of swappable model settings.

commit 5a04cde342
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 07:15:14 2012 +0800

    Removed some unused imports.

commit ffd535e413
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:31:28 2012 +0800

    Corrected attribute access on for get_by_natural_key

commit 913e1ac84c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:12:34 2012 +0800

    Added test for proxy model safeguards on swappable models.

commit 280bf19e94
Merge: dbb3900 935a863
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:16:49 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit dbb3900775
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:09:27 2012 +0800

    Fixes for Python 3 compatibility.

commit dfd72131d8
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:54:30 2012 +0800

    Added protection against proxying swapped models.

commit abcb027190
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:11:10 2012 +0800

    Cleanup and documentation of AbstractUser base class.

commit a9491a8776
Merge: fd8bb4e 08bcb4a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:46:49 2012 +0800

    Merge commit '08bcb4aec1ed154cefc631b8510ee13e9af0c19d' into t3011

commit fd8bb4e3e4
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:20:14 2012 +0800

    Documentation improvements coming from community review.

commit b550a6d06d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:52:47 2012 +0800

    Refactored skipIfCustomUser into the contrib.auth tests.

commit 52a02f1110
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:46:10 2012 +0800

    Refactored common 'get' pattern into manager method.

commit b441a6bbc7
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:41:33 2012 +0800

    Added note about backwards incompatible change to admin login messages.

commit 08bcb4aec1
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:33 2012 +0300

    Splitted User to AbstractUser and User

commit d9f5e5addb
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:02 2012 +0300

    Reworked REQUIRED_FIELDS + create_user() interaction

commit 579f152e4a
Merge: 9184972 93e6733
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:37 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 918497218c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:19 2012 +0800

    Deprecate AUTH_PROFILE_MODULE and get_profile().

commit 334cdfc1bb
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:00:12 2012 +0800

    Added release notes for new swappable User feature.

commit 5d7bb22e8d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 19:59:49 2012 +0800

    Ensure swapped models can't be queried.

commit 57ac6e3d32
Merge: f2ec915 abfba3b
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 14:31:54 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit f2ec915b20
Merge: 1952656 5e99a3d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:29:51 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 19526563b5
Merge: 2c5e833 c4aa26a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:22:26 2012 +0800

    Merge recent changes from master.

commit 2c5e833a30
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 07:53:46 2012 +0800

    Corrected admin_views tests following removal of the email fallback on admin logins.

commit 20d1892491
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 01:00:37 2012 +0800

    Added conditional skips for all tests dependent on the default User model

commit 40ea8b8882
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:47:02 2012 +0800

    Added documentation for REQUIRED_FIELDS in custom auth.

commit e6aaf65970
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:20:02 2012 +0800

    Added first draft of custom User docs.

    Thanks to Greg Turner for the initial text.

commit 75118bd242
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 11:17:26 2012 +0800

    Admin app should not allow username discovery

    The admin app login form should not allow users to discover the username
    associated with an email address.

commit d088b3af58
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 10:32:13 2012 +0800

    Admin app login form should use swapped user model

commit 7e82e83d67
Merge: e29c010 39aa890
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Fri Sep 7 23:45:03 2012 +0800

    Merged master changes.

commit e29c010beb
Merge: 8e3fd70 30bdf22
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:12:57 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8e3fd703d0
Merge: 507bb50 26e0ba0
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:09:09 2012 +0800

    Merged recent changes from trunk.

commit 507bb50a92
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:41:37 2012 +0800

    Modified auth app so that login with alternate auth app is possible.

commit dabe362836
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:10:51 2012 +0800

    Modified auth management commands to handle custom user definitions.

commit 7cc0baf89d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 14:17:28 2012 +0800

    Added model Meta option for swappable models, and made auth.User a swappable model
 2012-09-26 18:48:09 +08:00
Dan Loewenherz 69ff1b7390 Fixed #16835 -- add groups to auth.user admin list_filter 2012-09-22 00:16:22 -07:00
Florian Apolloner 06f79354d0 Added tests for d21f3d9b17. 2012-09-17 21:56:19 +02:00
Florian Apolloner d21f3d9b17 Only update `last_login` instead of the whole user object in `update_last_login`. 2012-09-17 19:52:22 +02:00
Claude Paroz c7f44ae085 Fixed #17948 -- Isolated auth tests from custom template loaders 
Thanks andrey@kostenko.name for the report.
 2012-09-15 21:39:08 +02:00
Claude Paroz 1aa218b857 Fixed test output check when password is blank 2012-09-12 11:58:02 +02:00
Claude Paroz 703c266682 Fixed #18182 -- Made is_usable_password check if hashing algorithm is correct 
The display of the ReadOnlyPasswordHashWidget has also been improved to
distinguish empty/unusable password from erroneous password.
Fixed #18453 also.
Thanks danielr and Leo for the reports and Moritz Sichert for the
initial patch.
 2012-09-12 11:32:50 +02:00
Carl Meyer 75ef980e20 Fix Python 3 test failure introduced in a78dd109. 2012-09-09 11:37:21 -06:00
Carl Meyer a78dd109e6 Fixed #15552 -- LOGIN_URL and LOGIN_REDIRECT_URL can take URLpattern names. 
Thanks UloPe and Eric Florenzano for the patch, and Malcolm Tredinnick for
review.
 2012-09-08 16:58:35 -06:00
Alex Gaynor 292322f977 [py3k] Silence many warnings while running the tests. 2012-09-07 13:17:34 -04:00
Adrian Holovaty 4193a0f3d5 Negligible spacing fix in auth/forms.py 2012-09-04 16:47:45 -04:00
Claude Paroz ebc773ada3 Replaced many smart_bytes by force_bytes 
In all those occurrences, we didn't care about preserving the
lazy status of the strings, but we really wanted to obtain a
real bytestring.
 2012-08-29 11:20:32 +02:00
Aymeric Augustin 54899d810d [py3] Fixed #18805 -- ported createsuperuser. 
Thanks sunsesh at gmail.com for the report.
 2012-08-20 22:25:41 +02:00
Aymeric Augustin de3ad8bb2d [py3] Avoided passing a lazy string to urlparse. 
This causes an exception under Python 3.

Fixed #18776.
 2012-08-18 16:38:49 +02:00
Ramiro Morales 4c934f3921 Made createsuperuser more robust when getting current OS username. 
Under some versions of OS X, failure in getting the default system
locale during the syncdb operation of the auth app were causing hard to
diagnose problems afterwards.

No solution based on getpreferredencoding() was chosen because it has
its own problems with certain combinations of Python and OS X versions
(e.g. http://bugs.python.org/issue6202).

Thanks prestonsimmons for the report and prestonsimmons and willhardy
for the initial patch.

Fixes #16017.
 2012-08-17 23:15:20 -03:00
Claude Paroz 34ac145796 [py3] Fixed contrib.auth tests 2012-08-14 23:35:12 +02:00
Aymeric Augustin d4a0b27838 [py3] Refactored __unicode__ to __str__. 
* Renamed the __unicode__ methods
* Applied the python_2_unicode_compatible decorator
* Removed the StrAndUnicode mix-in that is superseded by
  python_2_unicode_compatible
* Kept the __unicode__ methods in classes that specifically
  test it under Python 2
 2012-08-12 14:44:40 +02:00
Aymeric Augustin 2bb2eecb63 [py3] Removed redundant __str__ methods. 
These classes already have an identical __unicode__ method, which
will be used after an upcoming refactoring.
 2012-08-12 14:44:40 +02:00
Andrews Medina 87e0a75c03 [py3] Decoded base64-encoded hash in contrib.auth.hashers 2012-08-11 00:20:59 +02:00
Alex Gaynor 5f8da527ab [py3k] use the base64 module, instead of bytes.encode('base64') 2012-08-09 07:26:11 -07:00
Claude Paroz b8e49d70f2 [py3] Replaced raw_input by input 
The six addition has been borrowed from:
https://bitbucket.org/gutworth/six/changeset/733ef740
 2012-08-08 19:53:11 +02:00
Alex Gaynor 4c97101b1f remove a bunch of unnescesarry iterkeys() calls 2012-08-08 07:33:15 -07:00
Claude Paroz 576ec12f8e [py3] Replaced __nonzero__ by __bool__ 
Of course, __nonzero__ alias has been kept for Python 2 compatibility.
 2012-08-08 15:02:31 +02:00
Aymeric Augustin c5ef65bcf3 [py3] Ported django.utils.encoding. 
* Renamed smart_unicode to smart_text (but kept the old name under
  Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
  and smart_bytes under Python 2 (which is backwards compatible).
  Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
  want a str.
 2012-08-07 12:00:22 +02:00
Aymeric Augustin ee191715ea [py3] Fixed access to dict keys/values/items. 2012-08-07 12:00:22 +02:00
Claude Paroz 09a719a4e6 Fixed #7833 -- Improved UserCreationForm password validation 
Make UserCreationForm password validation similar to
SetPasswordForm and AdminPasswordChangeForm, so as the match
check is only done when both passwords are supplied.
Thanks Mitar for the suggestion.
 2012-08-04 14:55:13 +02:00
Alex Gaynor ace9ccfe9f Fixed #18666 -- when upgrading a user's password to a new algorithm only save the password field to the databaes. 2012-07-24 19:03:26 -07:00
Aymeric Augustin ca07fda2ef [py3] Switched to Python 3-compatible imports. 
xrange/range will be dealt with in a separate commit due to the huge
number of changes.
 2012-07-22 09:29:56 +02:00
Aymeric Augustin 0d914d08a0 [py3] Updated urllib/urllib2/urlparse imports. 
Lots of functions were moved. Use explicit imports in all cases
to keey it easy to identify where the functions come from.
 2012-07-22 09:29:55 +02:00
Aymeric Augustin bdca5ea345 [py3] Replaced unicode/str by six.text_type/bytes. 2012-07-22 09:29:54 +02:00
Alex Gaynor 3e8d8bb094 Fixed auth to not use an internal implementation detail of SortedDict 2012-07-14 14:33:13 -07:00
Florian Apolloner 52a9e15794 Fixed a regression in the user admin page introduced in a92e7f37c4. 
a92e7f37c4 switched most of the internal stuff
to format_html. Using format_html in the `render` method of
`ReadOnlyPasswordHashWidget` caused it to generate `SafeString` instances.
Later these safe strings where returned from `BoundField.__unicode__` which
caused force_unicode to loose the "safe" information. This commit fixes that by
ensuring that the render method returns `SafeUnicode` instead of `SafeString`.
 2012-07-07 15:29:20 +02:00
Luke Plant b0eee0ba4b Removed various unnecessary instances of mark_safe applied to URLs 
Also fixed some test breakages introduced in last commit
 2012-07-03 22:20:12 +01:00
Luke Plant a92e7f37c4 Changed a lot of internal code to use 'format_html' where appropriate/possible 2012-07-03 22:20:12 +01:00
Claude Paroz 5318783027 Fixed #17966 -- Isolated ProfileTestCase from custom AUTH_PROFILE_MODULE 
Thanks Rob Golding for helping on the patch.
 2012-06-25 20:26:17 +02:00
Claude Paroz 4a103086d5 Fixed #18269 -- Applied unicode_literals for Python 3 compatibility. 
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
 2012-06-07 18:08:47 +02:00
Claude Paroz 70a0351fef Fixed #18184 -- Moved algorithm identification code to hashers module 
Thanks Eli Collins for the report and the patch.
 2012-06-06 11:06:33 +02:00
Claude Paroz eb286aa22f Delayed encoding of password and salt in password checking. 
Applied the rule that string encoding should happen as late as
possible. This is also a preparation for Python 3 compatibility.
 2012-06-06 10:53:16 +02:00
Claude Paroz f2b6763ad7 Fixed #18387 -- Do not call sys.exit during call_command. 
Moved sys.exit(1) so as failing management commands reach it
only when running from command line.
 2012-05-27 20:38:47 +02:00
Claude Paroz 822d6d6dab Fixed #18325 -- Wrapped self.stdout/stderr in OutputWrapper class 2012-05-19 13:51:54 +02:00
Aymeric Augustin b1155adcde Fixed #18093 -- Added a pk to AnonymousUser. 2012-05-10 21:42:13 +02:00
Claude Paroz b52672d778 Replaced deprecated TestCase methods. Refs #17049. 2012-05-03 16:39:16 +02:00
Anssi Kääriäinen 8fad77da95 Ensured tests pass using custom PASSWORD_HASHERS. 2012-04-30 22:10:27 +03:00
Anssi Kääriäinen 2a09404792 Reset password hashers cache on settings_changed. 2012-04-30 22:10:27 +03:00
Claude Paroz 596cb9c7e2 Replaced print statement by print function (forward compatibility syntax). 2012-04-30 20:45:03 +02:00
Claude Paroz 3904b74a3f Fixed #18013 -- Use the new 'as' syntax for exceptions. 
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
 2012-04-29 20:57:15 +02:00
Claude Paroz be12c9e908 Fixed #18038 -- Removed the 'supports_inactive_user' backwards-compatibility flag. Thanks Aymeric Augustin for the initial patch and Ramiro Morales for the review. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-04-26 17:15:40 +00:00
Claude Paroz eb351ac9cb Fixed #18037 -- Changed behaviour of url and ssi template tags to the new syntax, as per official deprecation timeline. Thanks Ramiro Morales and Jannis Leidel for the review. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17934 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-04-24 19:55:52 +00:00
Claude Paroz 0e01023897 Converted more test assertions to assert[Not]Contains. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17910 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-04-14 13:35:25 +00:00
Claude Paroz 883c38c499 Fixed #17848 -- Added setting_changed signal for cases when TEMPLATE_CONTEXT_PROCESSORS is overriden in tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17885 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-04-09 13:24:57 +00:00
Aymeric Augustin 98e9d1c6ab Used the override_settings decorator in the tests of auth, flatpages, and formtools. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17851 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-31 16:03:09 +00:00
Claude Paroz d2e273e295 Fixed #18029 -- Removed leftover mod_python files forgotten in r17835. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17849 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-31 14:50:54 +00:00
Aymeric Augustin eb163f37cb Use the class decorator syntax available in Python >= 2.6. Refs #17965. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17829 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-30 09:08:29 +00:00
Claude Paroz 9383a2761c Removed with_statement imports, useless in Python >= 2.6. Refs #17965. Thanks jonash for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17828 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-30 08:02:08 +00:00
Claude Paroz 0fe9f3ce27 Make auth test pass even when LANGUAGE_CODE is not 'en'. Refs #17980. Thanks wassup for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17811 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-26 20:22:02 +00:00
Jannis Leidel ab0617b69b Pulled auth translations updates from Transifex. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17783 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-23 02:48:24 +00:00
Jannis Leidel ae1b7e9699 Reverted the introduction of a translation string in r17775 as it happened after string freeze. Refs #17944. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17779 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-23 02:31:29 +00:00
Aymeric Augustin e78d6b406b Reverted parts of r16963 to fix a regression on the creation of permissions on proxy models. Refs #17904. Thanks koenb for the report and claudep for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17776 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-22 08:49:48 +00:00
Aymeric Augustin a8d0fc1001 Fixed #17944 -- Prevented an error in the user change page of the admin when the content of the password field doesn't match the expected format. Thanks saxix for the report and initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17775 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-22 08:10:19 +00:00
Aymeric Augustin 86f9ab20b0 Fixed a typo in my previous commit. Apologies. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17771 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-20 21:04:57 +00:00
Aymeric Augustin ed27ae071f Fixed #17940 -- Enforced USE_TZ = False in contrib apps tests that use fixtures containing datetimes. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17770 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-20 20:51:16 +00:00
James Bennett a673ec80e2 Fixed #17898: Ensure create_superuser honors the 'db' argument from post_sync_db. Thanks to charettes for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17738 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 22:23:35 +00:00
Claude Paroz 1235cd376e Reset template context processors cache after tests. Refs #17848. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 20:46:52 +00:00
Jannis Leidel 9d1d1f06db Added Tatar translation. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 09:15:31 +00:00
Jannis Leidel e540f27475 Added Swahili translation. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17731 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 09:14:48 +00:00
Jannis Leidel 830900c24a Added Nepali translation. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 09:14:07 +00:00
Jannis Leidel 661139a29e Added Kazakh translation. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17729 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 09:13:24 +00:00
Jannis Leidel e47b92dad7 Added Esperanto to the list of languages. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17728 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 09:12:43 +00:00
Jannis Leidel 67dd5b7d96 Pulled the auth translations updates from Transifex. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17716 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-14 08:56:23 +00:00
Claude Paroz 3dc946e49e Fixed #17236 -- Clarified that anonymous session data are retained after login. Thanks krzysiumed for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-13 19:23:52 +00:00
Adrian Holovaty dd246a62c7 Edited some docs and docstrings until [17685] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17686 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-12 20:05:48 +00:00
Paul McMillan bf1112de7d Fixed #17777. Unsalted MD5 display widget correction. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-12 10:43:59 +00:00
Ramiro Morales 4cd9b4bb50 Fixed #17327 (again) -- Moved createsuperuser tests added in r17665. 
In their new location they won't cause multi-db-related errors when
users run contrib.auh tests together with their application tests.

Thanks brianriley for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-10 17:36:41 +00:00
Chris Beaven 8c9b032ea0 Fixes #17327 -- Add --database option to createsuperuser and change password management commands 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17665 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-05 04:17:55 +00:00
Jannis Leidel 6ad7cf1841 Updated auth base translation files with new strings. Refs #17822. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17657 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-05 02:23:40 +00:00
Jannis Leidel fcaf8eae14 Fixed #17046 -- Added a check if the username passed to User.objects.create_user is empty or not. Thanks, kwadrat. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17628 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-03-02 16:56:20 +00:00
Paul McMillan 413e37481d Fixes #17777 and makes tests run again. 
Adds a salted MD5 hasher for backwards compatibility.
Thanks gunnar@g10f.de for the report.

Also fixes a bug preventing the hasher tests from being run during
contrib tests.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@17604 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-29 20:12:16 +00:00
Aymeric Augustin abf2d4295f Fixed #16366 -- Prevented some failures of the django.contrib.auth tests when run within a project. Thanks to everyone who contributed to the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-27 22:54:35 +00:00
Paul McMillan 06da2be00f Fix broken test introduced by r17526. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17527 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-16 01:37:12 +00:00
Jannis Leidel 875a5ea8d4 Fixed #17504 -- Fixed normalization of email addresses that have '@' in the name when calling `User.objects.create_user`. Thanks, marw85. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-09 18:58:53 +00:00
Jannis Leidel bc8875e37c Fixed #16958 -- Correctly use the queryset method in the auth app's UserAdmin class. Thanks, mpaolini. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17474 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-09 18:57:40 +00:00
Jannis Leidel b46d90c63a Fixed #7758 and #17189 -- Allowed to override the `form_url` context var in the admin change view and the user admin's password change view. Thanks, michal and krzysztof.szczesny. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-09 18:56:32 +00:00
Jannis Leidel 954e3b4ad3 Fixed #13914 -- Added natural keys to User and Group models in auth contrib app. Thanks, jbochi and closedbracket. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17429 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-02-04 12:48:01 +00:00
Julien Phalip 991d3d6c12 Slightly improved the help text for the "Password" field in the `auth.User` admin form, and PEP8-cleaned up the area while I was there. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17326 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-01-02 14:51:25 +00:00
Julien Phalip cb99b598c1 Fixed #11410 -- Moved the "Groups" field to the "Permissions" module in the `auth.User` admin form and modified the help texts for the `user_permissions` and `groups` model fields to reflect that change. Also did a little PEP8 cleanup and improved some docstrings while I was in the area. Thanks to benspaulding and Aymeric Augustin for the suggestions. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17325 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2012-01-02 14:21:50 +00:00
Aymeric Augustin d72c0bdc46 Fixed #17457 -- Marked strings used in hash descriptions for translation. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17270 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-24 19:38:37 +00:00
Jannis Leidel 64066a59d9 Fixed #17450 -- Added missing import to auth models module forgotten in r17253. Thanks, aalbrecht. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17260 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-23 11:22:13 +00:00
Paul McMillan 90e05aaeac Renovated password hashing, including the forgotten files in r17253. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17254 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-23 03:53:56 +00:00
Paul McMillan dce820ff70 Renovated password hashing. Many thanks to Justine Tunney for help with the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-23 03:46:06 +00:00
Jannis Leidel 4c376852fe Updated English base translation files in preparation of the alpha release so Transifex can pick them up. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-22 23:02:28 +00:00
Aymeric Augustin c7534584e8 Explained why UserCreationForm performs custom validation of usernames. Refs #13147. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-17 15:30:55 +00:00
Jannis Leidel 5df31c0164 Fixed #17194 -- Made sure the auth form tests work if a language other than English is activated by moving the error message translation strings into class level dictionaries. Many thanks to Claude Paroz, rabio and Bas Peschier for their initial work on this. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17204 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-15 16:12:46 +00:00
Adrian Holovaty 718a5ba1a1 Fixed #16845 -- Admin 'Change user' page no longer shows the password hash. Thanks, dstufft 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17185 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-12-09 22:10:03 +00:00
Aymeric Augustin 658abb0859 Removed redundant definition of urls in the auth tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17142 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-11-22 07:44:26 +00:00
Aymeric Augustin 03cfad4198 Upgraded django.contrib.auth to be compatible with time zone support. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17122 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-11-20 10:50:18 +00:00
Karen Tracey f4f61baa8c Fix #16813: Restore checking whether a backend supports inctive users before sending inactive users in for permission checking. Thanks apollo13 for the report and poirier for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17084 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-11-12 17:23:07 +00:00
Julien Phalip 51b8f0a240 Removed a small useless piece of code from `contrib.auth`. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17016 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-20 04:23:34 +00:00
Paul McMillan 67565a5379 Remove comments referencing encryption. Django doesn't do encryption. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17012 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-18 20:28:52 +00:00
Aymeric Augustin d75337fc7b Fixed a test that was broken at r16978. Refs #17055. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16993 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-16 09:46:01 +00:00
Alex Gaynor 6c91521902 Remove the usage of deprecated function in Django. Also simplify the fallback code. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16985 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-14 00:20:50 +00:00
Aymeric Augustin 06d9b82a27 Fixed #16906 -- Format datetimes with str/unicode instead of strftime where possible: it's faster and it works for all dates. 
Also ensured that datetime_safe is used wherever strftime is called on dates/datetimes that may be before 1900.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@16978 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-13 19:23:45 +00:00
Alex Gaynor f04af7080b Introduce `ContentType.objects.get_for_models(*models)` and use it in the the auth permissions code. This is a solid performance gain on the test suite. Thanks to ptone for the profiling to find this hotspot, and carl for the review. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16963 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-10-12 20:51:59 +00:00
Ramiro Morales 4c457bca85 Fixed #16789 -- Added names to URLs in convenience contrib.auth urls.py. 
Thanks wim AT go2people DOT nl for the report, cmheisel for the patch and
fcurella for reviewing it.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16901 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-24 19:48:27 +00:00
Ramiro Morales 26b8122087 Fixed #14675 -- Completed removal of `from django.conf.urls.default import *` usage. 
This applies to both our own [test] code and documentation examples. Also:
 * Moved the functions and handlers from `django.conf.urls.defaults` up to
   `django.conf.urls` deprecating the former module.
 * Added documentation for `handler403`.
 * Tweaked the URLs topic document a bit.

Thanks to pupeno and cdestigter for their great work contributing patches.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16818 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-11 22:36:16 +00:00
Alex Gaynor e130dc3275 Removed the deprecated-since-1.2 "supports_object_permissions" and "supports_anonymous_user" flags on authentication backends. If you have an authenication backend it now *must* suport these. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16789 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-10 21:00:32 +00:00
Alex Gaynor 7deb25b8dd Fixed #7596. Added Model.objects.bulk_create, and make use of it in several places. This provides a performance benefit when inserting multiple objects. THanks to Russ for the review, and Simon Meers for the MySQl implementation. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-09 19:22:28 +00:00
Julien Phalip 09fc775f42 Fixed #16412 -- Prevented a `contrib.auth` test from failing in the potential case where `contrib.sites` was not installed. Thanks to haras for the report and to Aymeric Augustin for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16717 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-03 12:53:08 +00:00
Chris Beaven 0e3d8bcb26 Removing the old url resolution method in contrib.auth.admin.UserAdmin which was deprecated in Django 1.1 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16621 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-17 04:06:42 +00:00
Jannis Leidel 283526a5a6 Fixed #15206 -- Added select_related call to the permissions field of the GroupAdmin to lower the number of queries. Thanks, Chris Adams. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16620 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-15 09:01:12 +00:00
Jannis Leidel 351d5da69b Fixed #4617 -- Added `raise_exception` option to `permission_required` decorator to be able to raise a PermissionDenied exception instead of redirecting to the login page. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16607 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-12 14:15:41 +00:00
Jannis Leidel 56775c23ee Added yet another import from the future. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16577 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-07-31 17:01:57 +00:00
Ramiro Morales ff9a666753 Removed deprecated admin contrib app AdminSite root_path attribute. Refs #15294, r11250, r16136. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16575 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-07-30 19:09:23 +00:00
Jannis Leidel 6b80640fd7 Fixed #16413 -- Stopped an auth test from failing if LOGIN_URL is set to a non-default value. Thanks, Aymeric Augustin. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16552 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-07-26 08:27:23 +00:00
Jannis Leidel 24f4764a48 Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for the work on the patch and Alex for reviewing. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-07-13 09:35:51 +00:00
Jannis Leidel 230dab85c5 Removed stale import from auth tests. Thanks, Ramiro. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16483 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-28 14:04:36 +00:00
Jannis Leidel f4aa39837a Reverted parts of r14891 and r16400 due to inherent brokenness of tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-28 13:42:46 +00:00
Jannis Leidel 0278947128 Fixed #16363 -- Fixed tests introduced in r16472. Thanks, EnTeQuAk. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16478 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-28 10:17:36 +00:00
Chris Beaven f54135fa4d Make the email parameter of User.objects.create_user optional. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16472 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-28 04:29:48 +00:00
Jannis Leidel 4a10338986 Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-26 16:51:46 +00:00
Jannis Leidel 2619dc8285 Fixed #14674 -- Prevent user accounts with an unusable password from resetting passwords. Thanks, summerisgone, thejaswi_puthraya and lrekucki. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-26 16:51:34 +00:00
Jannis Leidel 821d8aaaaa Fixed #15266 -- Applied login_required decorator to password_change_done view. Thanks, lasko. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16454 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-26 16:51:25 +00:00
Jannis Leidel 650739ef17 Fixed #13969 -- Extended length of salt used when setting the password. Thanks to cyounkins for the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16453 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-26 16:51:12 +00:00
Jannis Leidel 656360c240 Fixed #12202 -- Removed hardcoded password reset subject and added a subject_template_name parameter to the password_reset view. Thanks, Ramiro Morales, Claude Paroz and agabel. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16438 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-19 11:24:39 +00:00
Jannis Leidel 3f37d1673b Fixed #16183 -- Fixed an ignored auth test. Thanks, desh. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16400 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-14 10:45:49 +00:00
Luke Plant 45e55b9143 Fixed #14614 - filtering of sensitive information in 500 error reports. 
This adds a flexible mechanism for filtering what request/traceback
information is shown in 500 error emails and logs. It also applies
screening to some views known to be sensitive e.g. views that handle
passwords.

Thanks to oaylanc for the report and many thanks to Julien Phalip for the
patch and the rest of the work on this.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16339 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-08 22:18:46 +00:00
Luke Plant d14eb13992 Removed an unnecessary import 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16332 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-06-06 12:11:48 +00:00
Alex Gaynor 1cfb00dc41 Cleaned up how ``request.user`` is set, this is a follow up to [16297]. Thanks for the review Luke. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16305 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-31 15:43:19 +00:00
Luke Plant 4531767700 Fixed auth context processor tests, which were not running at all previously. 
It seems they were accidentally disabled following being moved from
regressiontests in [15990]

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16304 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-31 15:19:19 +00:00
Luke Plant dc4c2f3add Fixed #15929 - test.client.RequestFactory keeps state/AuthMiddleware does monkey patching 
Thanks to m.vantellingen for the report and tests, and to aaugustin for
work on the tests.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16297 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-30 16:33:23 +00:00
Chris Beaven 161b94ef7b Fixes #15778 -- createsuperuser fails on international characters in system user names. Thanks for the patch, Hynek Cernoch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16182 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-09 01:10:40 +00:00
Chris Beaven 367e51e6a1 Tiny grammar fix in createsuperuser command. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16154 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-04 22:56:20 +00:00
Jannis Leidel c8092b840b Fixed #15008 -- Replaced all calls in the admin to render_to_response with TemplateResponses for easier customization. Thanks to Chris Adams for the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16087 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-22 18:17:16 +00:00
Luke Plant 8d4b414760 Fixed #15757 - removed remaining instances of get_and_delete_messages 
Thanks to void for the report, and julien for the bulk of the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-07 22:01:23 +00:00
Russell Keith-Magee 4c468800ee Updates to the test suite to allow for newly deprecated and removed features 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15990 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-02 08:44:47 +00:00
Russell Keith-Magee d60ae0b721 Removed deprecated 'no' translation 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15988 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-02 08:43:43 +00:00
Russell Keith-Magee 5d5149cd18 Advanced deprecation of user-based messages and the LegacyFallbackStorage in contrib.messages. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15975 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-02 08:36:04 +00:00
Russell Keith-Magee 48edaf17a3 Advanced deprecations in contrib.auth. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15970 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-02 08:33:01 +00:00
Adrian Holovaty 94af19c43f Changed e-mail to email throughout documentation and codebase. The one exception is translation strings, which I didn't want to disrupt 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-01 16:10:22 +00:00
Luke Plant 25aaa359a2 Removed Django 1.2 compatibility fallback for password reset hash 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15950 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-30 17:34:38 +00:00
Adrian Holovaty a87be3554f Removed a bunch of Python 2.4 workarounds now that we don't support it. Refs #15702 -- thanks to jonash for the patch. Splitting this over muliple commits to make it more manageable. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15926 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-28 01:40:43 +00:00
Jannis Leidel ada8e2a6fa Pulled translation updates from Transifex again. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15886 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-20 22:16:14 +00:00
Ramiro Morales 5347bbd514 Fixed plural forms formula for the Croatian (hr) localization by manually overriding the header of affected .po files and re-generating .mo files, this seems to be a quirck in Transifex export to PO functionality. Thanks bmihelac fot the report. Refs #15634. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15875 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-17 22:56:10 +00:00
Russell Keith-Magee a0878b5f95 Fixed #15627 -- Use constant time comparison for password checks. Thanks to hvdklauw for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15870 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-17 11:51:07 +00:00
Russell Keith-Magee b49ee91eb3 Fixed #15142 -- Force test views to be non-cached so that projects with caching middleware enabled don't cause test failures. Thanks to jsdalton for the report and patch 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15865 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-17 08:07:40 +00:00
Jannis Leidel ffe88a7a6c Pulled auth translation updates from Transifex. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15826 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 20:06:58 +00:00
Carl Meyer 7d71a9e45f Fixed #9213 - Added check to prevent inactive users from resetting their password. Thanks to John Scott for report and draft patch, and Evgeny Fadeev for final patch with test. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15805 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-14 21:14:10 +00:00
Jannis Leidel 90564a156c Fixed Hungarian, Russian, Serbian and Ukranian plural forms introduced in r15680. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 01:07:11 +00:00
Jannis Leidel c11140d04b Fixed plural forms of Irish translation introduced in r15680. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15751 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 01:05:10 +00:00
Jannis Leidel 53b2a25396 Fixed plural forms of Welsh translation introduced in r15680. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15750 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 01:04:31 +00:00
Jannis Leidel bef353873e Fixed plural forms of Bosnian translation introduced in r15680. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15749 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 01:03:14 +00:00
Russell Keith-Magee afd040d4d3 Updated test assertions that have been deprecated by the move to unittest2. In summary, this means: 
assert_ -> assertTrue
 assertEquals -> assertEqual
 failUnless -> assertTrue

For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 15:04:39 +00:00
Russell Keith-Magee 22347c89d8 Fixed #15532 -- Clarified the error message for unknown auth backends. Thanks to kmike for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15713 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 00:25:02 +00:00
Jannis Leidel 751888ece3 Fixed #11223 -- Fixed logout view to use the 'next' GET parameter correctly as described in the docs, while only allowing redirection to the same host. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15706 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-02 12:47:44 +00:00
Jannis Leidel ec193224d3 Fixed #12534 -- Loosened the the security check for "next" redirects after logins slightly to allow paths that contain spaces. Thanks for the patch, jnns and aaugustin. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-01 22:49:18 +00:00
Jannis Leidel f3ed462822 Updated auth translations from transifex.net. Refs #15300. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15684 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-01 08:56:02 +00:00
Ramiro Morales 4b13e76deb Fixed #14012 (again) -- Admin app: Don't show the full user edition view after adding a user in a FK popup. Thanks dburke for reporting this regression introduced in r14628. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15637 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-24 01:00:57 +00:00
Russell Keith-Magee 7aa84917a4 Fixed #15299 -- Started the process of migrating the auth context processor support classes into the auth context processor module. Thanks to shailesh for the report, and v1v3kn for the draft patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-23 13:36:58 +00:00
Russell Keith-Magee b9a20d1e3b Fixed #15371 -- Ensure that a superuser created with the createsuperuser management command with --noinput has an invalid password, not a blank password. Thanks to yishaibeeri for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-22 11:33:04 +00:00
Russell Keith-Magee 7536f63b32 Fixed #14768 -- Added an es_MX locale and initial translation. Thanks to Alonso Bautista Villalobos and the rest of the Mexican translation team. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15433 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-06 06:06:29 +00:00
Russell Keith-Magee 7a60b41130 Fixed #15111 -- Ensured that the auth, contenttypes and sitemaps tests will run when the sites app isn't installed. Thanks to Waldemar Kornewald for the report and draft patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15418 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-02-05 03:49:03 +00:00
Russell Keith-Magee d053624aa8 Fixed #15067 -- Modified the range checks on base36_to_int so you are guaranteed to always get an int, avoiding possible OverflowErrors. Thanks to Garthex for the report, jboutros for the patch, and kfrazier for the feedback. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15288 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-24 08:02:40 +00:00
Jannis Leidel b3ab63d66b Added new translation files to auth contrib app. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15261 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-21 17:59:27 +00:00
Chris Beaven faa4a98f27 Change the lack of supports_inactive_user on an auth backend to a 
!PendingDeprecationWarning (refs #14249), fixing some bad links in the
1.3 release docs and a typo.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15204 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-14 08:31:14 +00:00
Russell Keith-Magee 8781ea6cd7 Fixed #14975, #14925 -- Added some cache flushing to avoid some cross-test effects. Thanks to jsdalton and rpbarlow for the reports. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15192 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-13 16:22:03 +00:00
Jannis Leidel 937548bba4 Fixed #15043 -- Updated the login function to send the user_logged_in signal after the user's session got recycled instead of before. Thanks, Rob Hudson. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15168 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-01-10 08:15:52 +00:00
Alex Gaynor 6819be1ea1 Fix a security issue in the auth system. Disclosure and new release forthcoming. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-23 03:45:08 +00:00
Jannis Leidel 745c255a19 Fixed #14249 -- Added support for inactive users to the auth backend system. Thanks, Harro van der Klauw. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15010 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-21 19:18:12 +00:00
Russell Keith-Magee 059d9205d4 Fixed #14920 -- Fixed some test failures caused by caching contenttypes that were loaded during a contenttype fixture test. Thanks to Karen for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14985 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-19 13:01:51 +00:00
Jannis Leidel 674c671cae Fixed #14731 -- Respect ordering when creating the default permissions. Thanks, chipx86. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14891 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-12 22:59:28 +00:00
Jannis Leidel 867e935c51 Fixed #14446 -- Prevented the password reset confirmation view to be cached. Thanks, Paul and Gabriel. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14890 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-12 22:59:03 +00:00
Russell Keith-Magee 5b8ef18dcc Fixed #14795 -- Ensure that get_all_permissions() returns the right result (i.e., all permissions) for superusers. Thanks to jay.halleaux@gmail.com for the report, and Brett Haydon for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14797 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-04 05:59:56 +00:00
Russell Keith-Magee 34a386378f Fixed #13190 -- Improved error handling for the case where no authentication backends are defined. Thanks to Joel3000 for the report, and Łukasz Rekucki for the final patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14793 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-04 04:47:59 +00:00
Jannis Leidel cc64fb5c4b Fixed #8342 -- Removed code from the admin that assumed that you can't login with an email address (nixed by r12634). Also refactored login code slightly to be DRY by using more of auth app's forms and views. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14769 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-02 00:44:35 +00:00
Jannis Leidel 07705ca129 Fixed #5298 -- Added extra_context to contrib auth views. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14768 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-02 00:43:52 +00:00
Chris Beaven dceaa82dec Fixed #14809 -- broken login related tests after r14733. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14764 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-12-01 22:25:17 +00:00
Chris Beaven e74edb4d53 Fixes #11025 -- ability to specify LOGIN_URL as full qualified absolute URL. 
auth.views.login now allows for login redirections for different schemes
with the same host (or no host even, e.g. 'https:///login/')

auth.decorators.login_required can now use lazy urls (refs #5925)

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14733 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-27 22:43:33 +00:00
Jannis Leidel 132afbf8ee Fixed #5612 -- Added login and logout signals to contrib auth app. Thanks SmileyChris and pterk. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-26 13:33:27 +00:00
Ramiro Morales 0e26f58dae Corrected change in behavior regarding the page shown after the 'Save' button is pressed when adding a user through the admin. 
It had been introduced in trunk (r13503) and between 1.2.1 and 1.2.2 (r13504). The original fix intended to correct a similar problem introduced between 1.1 and 1.2 (r12218) this time in the 'Save and add another' button.
We have now tests for the three buttons present in the Add User admin form to avoid future regressions.
Thanks to Juan Pedro Fisanotti and Cesar H. Roldan for their work.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14628 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-19 22:45:51 +00:00
Jannis Leidel 9b6535b894 Fixed #7077 and #7431 -- Use getpass.getuser instead of pwd.getpwuid to determine the current system user's username in the createsuperuser management command to enable the feature on Windows. getpass.getuser automatically falls back to the previous method. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14607 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-17 20:28:33 +00:00
Luke Plant 02fc6276d7 Fixed #14508 - test suite silences warnings. 
Utility functions get_warnings_state and save_warnings_state have been added
to django.test.utils, and methods to django.test.TestCase for convenience.

The implementation is based on the catch_warnings context manager from
Python 2.6.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14526 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-11 15:06:20 +00:00
Luke Plant 6feef0c13e Fixed #14612 - Password reset page leaks valid user ids publicly. 
Thanks to PaulM for the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-04 12:36:55 +00:00
Luke Plant 7d4a3991f3 Fixed a test setup and isolation bug that was causing PasswordResetTest to fail when run individually 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-04 12:31:57 +00:00
Alex Gaynor 877033b479 Sped up the create_permissions signal handler (and thus the test suite) by restructuring its queries. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14446 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-04 00:01:54 +00:00
Alex Gaynor 34e545a938 Restructure the create_permission signal handler to perform fewer SQL queries, this speeds up the test suite dramatically. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14413 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-11-01 20:54:39 +00:00
Alex Gaynor 282e53b499 Reflow django/contrib/auth/management/__init__.py for readability. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14408 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-31 16:49:36 +00:00
Alex Gaynor 15b3350d30 Fixed the auth tests so they work when the AUTHENTICATION_BACKENDS setting is a list. Thanks to Patrick Altman for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14406 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-31 16:25:29 +00:00
Luke Plant 45c7f427ce Fixed #14445 - Use HMAC and constant-time comparison functions where needed. 
All adhoc MAC applications have been updated to use HMAC, using SHA1 to
generate unique keys for each application based on the SECRET_KEY, which is
common practice for this situation. In all cases, backwards compatibility
with existing hashes has been maintained, aiming to phase this out as per
the normal deprecation process. In this way, under most normal
circumstances the old hashes will have expired (e.g. by session expiration
etc.) before they become invalid.

In the case of the messages framework and the cookie backend, which was
already using HMAC, there is the possibility of a backwards incompatibility
if the SECRET_KEY is shorter than the default 50 bytes, but the low
likelihood and low impact meant compatibility code was not worth it.

All known instances where tokens/hashes were compared using simple string
equality, which could potentially open timing based attacks, have also been
fixed using a constant-time comparison function.

There are no known practical attacks against the existing implementations,
so these security improvements will not be backported.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-14 20:54:30 +00:00
Russell Keith-Magee 03f00bcd42 Fixed #14447 -- Modified the auth and sitemaps tests to remove some assumptions about the environment in which the tests are run. Thanks to Gabriel Hurley for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14184 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-12 07:15:47 +00:00
Russell Keith-Magee 1070c57b83 Fixed #14436 -- Escalated 1.2 PendingDeprecationWarnings to DeprecationWarnings, and removed 1.1 deprecated code. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14138 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-11 12:20:07 +00:00
Luke Plant f3429da6a0 Converted contrib/auth/tokens doctests to unittests. We've always said "no more" to doctests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14100 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-10 01:06:42 +00:00
Russell Keith-Magee a904e55859 Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-09 08:12:50 +00:00
Russell Keith-Magee 8755fb1549 Fixed #14354 -- Normalized the handling of empty/null passwords in contrib.auth. This also updates the createsuperuser command to be more testable, and migrates some auth doctests. Thanks to berryp for the report, and Laurent Luce for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14053 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-09 03:34:08 +00:00
Russell Keith-Magee f53491db6e #14374 -- Added some missing template files to ensure that contrib.auth tests will pass when admin isn't installed. Thanks to henriquebastos for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14003 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-08 13:50:54 +00:00
Luke Plant 667d832e90 Fixed #14386, #8960, #10235, #10909, #10608, #13845, #14377 - standardize Site/RequestSite usage in various places. 
Many thanks to gabrielhurley for putting most of this together.  Also to
bmihelac, arthurk, qingfeng, hvendelbo, petr.pulc@s-cape.cz, Hraban for
reports and some initial patches.

The patch also contains some whitespace/PEP8 fixes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13980 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-04 14:20:47 +00:00
Jannis Leidel 1df1378f9e Fixed #13827 -- Cleaned up a few unnecessary function calls. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13876 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-26 21:36:22 +00:00
Malcolm Tredinnick 4084bc7354 Permit custom from-email address in auth forms email. 
Patch from cassidy and Rob Hudson. Fixed #11300.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13817 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-12 22:38:01 +00:00
Jannis Leidel bb00b28399 Added login_url argument to login_required decorator. Thanks mhlakhani and ericflo for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-10 19:38:57 +00:00
Luke Plant 303bdc85a7 Fixed #14242 - UserChangeForm subclasses without 'user_permissions' field causes KeyError 
This was a regression introduced by [13683]

Thanks to adammckerlie@gmail.com for report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-09 23:31:54 +00:00
Luke Plant 801bb146e8 Converted tests for contrib.auth.forms to unit tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-09 23:21:16 +00:00
Luke Plant bdd13a4daa Fixed #14090 - Many sql queries needed to display change user form 
Thanks to Suor for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-03 18:56:12 +00:00
Jannis Leidel 286ce85e45 Fixed #13569 -- Fixed createsuperuser management command to work with the new relaxed requirements for usernames. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13297 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-05-21 14:08:49 +00:00
Russell Keith-Magee 5211f48ae3 Fixed #12164 -- Removed the Python 2.3 compatibility imports and workarounds. Thanks to timo and claudep for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-05-04 14:00:30 +00:00
Russell Keith-Magee 056c940f0d Fixed #13304 -- Updated auth decorators so they can be used with callable classes. Thanks to Horst Gutmann for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-04-09 11:07:17 +00:00
Jannis Leidel 7989a78baf Fixed #13000 - Use a dictionary for the error messages definition in user creation and change form. Thanks for the patch, lgs. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12785 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-15 12:16:01 +00:00
Russell Keith-Magee 4dfe6190fa Fixed #13108 -- Corrected an ambiguity in test data with the potential to cause test failures out of the box. Thanks to benreynwar for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12778 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-15 06:55:56 +00:00
Jacob Kaplan-Moss 973bf6f485 Fixed #5605: only lowercase the domain portion of an email address in `UserManager.create_user`. 
Thanks, Leo.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12641 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-01 20:30:44 +00:00
Jacob Kaplan-Moss 6e748b5db4 Fixed #11457: tightened the security check for "next" redirects after logins. 
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.

Thanks to brutasse.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-01 19:58:53 +00:00
Jacob Kaplan-Moss c8015052d9 Fixed #5786: relaxed the validation for usernames to allow more common characters '@', etc. 
This is really just a stop-gap until we come up with a improved way of handling
disparate auth data, but it should help us stretch a bit more milage out of the
current system.

Thanks to alextreme, lbruno, and clayg.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-03-01 19:49:05 +00:00
Russell Keith-Magee 6b2f125b80 Fixed #12729 -- Replaced a hard-coded SQL statement with an ORM query so that the contrib.auth ModelBackend will work on a routed multi-db setup. Thanks to dhageman for the report. 
Historical note: The SQL that was removed predates Django being open sourced.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-23 12:02:41 +00:00
Justin Bronn 1d5165e3be Fixed #12776 -- `User.get_profile` now raises `SiteProfileNotAvailable` instead of `AttributeError` in certain circumstances. Thanks, Bruno Renié. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-23 05:52:37 +00:00
Russell Keith-Magee eb67e449dd Fixed #12864 -- Corrected handling of new user creation when a multi-database router is in place. Thanks to haris@dubizzle.com for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12488 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-22 13:09:02 +00:00
Jannis Leidel 67d4289c2e Fixed #12066 - Moved auth context processor from core to the auth app. Thanks, Rob Hudson. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-21 23:40:47 +00:00
Russell Keith-Magee b794441951 Fixed #10976 -- Isolated contrib.auth tests so they will always pass, regardless of any local templates. Thanks to aarond10 for the report, and SmileyChris for turning that into a patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-13 12:02:11 +00:00
Luke Plant 4bff194633 Fixed #12804 - regression with decorating admin views. 
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.

For users of 1.1 and 1.0, this affects the decorators:

 * login_required
 * permission_required
 * user_passes_test

For those following trunk, this also affects:

 * csrf_protect
 * anything created with decorator_from_middleware 

If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
 



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-02-09 15:02:39 +00:00
Russell Keith-Magee 47acb1d659 Fixed #6273 -- Added a 'changepassword' management command. Thanks to Ludvig Ericson and Justin Lilly for their work on this patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-29 08:10:29 +00:00
Luke Plant 8daec78cfd Fixed #12557 - AnonymousUser should check auth backends for permissions 
Thanks to hvdklauw for the idea and work on the patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-28 01:47:23 +00:00
Russell Keith-Magee 1b3dc8ad9a Fixed #12540, #12541 -- Added database routers, allowing for configurable database use behavior in a multi-db setup, and improved error checking for cross-database joins. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-22 14:30:06 +00:00
Jannis Leidel 5cd4c3e559 Fixed #12644 - Allow overriding the admin user creation form based on r12216. Thanks, minmax. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12265 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-19 22:19:26 +00:00
Jannis Leidel 373076a3cc Fixed #12606 - Removed stray print statement. Thanks, Sean Brant. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-14 11:12:24 +00:00
Jannis Leidel f4998574d3 Fixed #11796 - Tweaked ordering of permissions a little more to be even nicer. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12219 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-12 23:35:54 +00:00
Jannis Leidel c4470e5ced Make use of new ability to override admin add form templates and removed a litle bit of redundancy in the templates. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-12 23:35:29 +00:00
Joseph Kocherhans 2f9853b2dc Fixed #12512. Changed ModelForm to stop performing model validation on fields that are not part of the form. Thanks, Honza Kral and Ivan Sagalaev. 
This reverts some admin and test changes from [12098] and also fixes #12507, #12520, #12552 and #12553.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-12 02:29:45 +00:00
Adrian Holovaty 71e8d5dd87 Fixed #11409 -- Reordered the permissions checkboxes in the admin into a more natural progression. Thanks, benspaulding 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-10 21:58:01 +00:00
Adrian Holovaty 5ceed0a053 Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-10 18:36:20 +00:00
Adrian Holovaty 19b72077f7 Fixed #8049 -- Fixed inconsistency in admin site is_active checks. Thanks for patch and tests, isagalaev 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-10 16:51:13 +00:00
Joseph Kocherhans 471596fc1a Merged soc2009/model-validation to trunk. Thanks, Honza! 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-05 03:56:19 +00:00
Jannis Leidel 57d7181caa Fixed #12462 - Fixed edge case with auth backends that don't support object permissions. Thanks to Florian Apolloner for catching it. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-30 22:12:57 +00:00
Russell Keith-Magee ff60c5f9de Fixed #1142 -- Added multiple database support. 
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.

Big thanks also go to:
 * Justin Bronn for keeping GIS in line with the changes,
 * Karen Tracey and Jani Tiainen for their help testing Oracle support
 * Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
 * Malcolm Treddinick for his guidance during the GSoC submission process.
 * Simon Willison for driving the original design process
 * Cal Henderson for complaining about ponies he wanted.

... and everyone else too numerous to mention that helped to bring this feature into fruition.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-22 15:18:51 +00:00
Russell Keith-Magee 35cc439228 Fixed #7052 -- Added support for natural keys in serialization. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-14 12:39:20 +00:00
Jannis Leidel 9bf652dfd6 Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-10 01:05:35 +00:00
Luke Plant 25020ddb05 Fixed #4604 - Configurable message passing system, supporting anonymous users 
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.

Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others.  Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-12-09 16:57:23 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code. 
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default. 
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-26 23:23:07 +00:00
Luke Plant c161bf21f0 Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie" 
Thanks to olau@iola.dk, Suor for the report



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-14 18:09:13 +00:00
Luke Plant c46ddbf1fc Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views 
Thanks to julien for the suggestion and patch, and SmileyChris for work on the patch.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11618 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-12 15:32:24 +00:00
Luke Plant af02f38e02 Rewrote user_passes_test to use auto_adapt_to_methods, removing the need for _CheckLogin 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11587 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-21 22:34:45 +00:00
Luke Plant 4a5630fe75 Removed unnecessary keys in django.contrib.auth.test.__test__ 
Only doctest tests, and not TestCases, need to be in __test__ AFAICS.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11481 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-10 09:51:27 +00:00
Russell Keith-Magee e91deca779 Fixed #10521 -- Modified the Remote User tests so that it isn't dependent on particular deployed URLs. Thanks to Kegan and Ramiro Morales for their contributions. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-04 07:05:44 +00:00
Malcolm Tredinnick 5a57a7f006 Fixed #8752 -- Fixed django.contrib.auth tests to be locale-independent. 
Patch from Koen Biermans.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-19 03:41:33 +00:00
Jacob Kaplan-Moss ab562bf954 Fixed #10694: correctly check permissions in the change password admin. Thanks, jturnbull. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-18 21:04:40 +00:00
Jacob Kaplan-Moss 9faa1cd9b5 Fixed #10747: fixed the auth tests to ignore broken user-supplied login/logout templates. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-10 15:50:51 +00:00
Jacob Kaplan-Moss 6d5492630d Fixed a sloppy test auth test. [10400] revealed that the auth test was relying on the weird difference between calling a management from the shell and from `call_command`. That this worked in the first case was pretty much an accident. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10404 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-05 19:00:27 +00:00
Jacob Kaplan-Moss 2a994716a1 Fixed #10265: fixed a bug when generating a password reset token for a user created on the same request. Thanks, crucialfelix. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10341 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 21:25:24 +00:00
Jacob Kaplan-Moss 3e6f4674e2 Fixed #10460: the logout view can now redirect like the rest of the auth views. Thanks, chronos and steingrd. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10332 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 17:02:32 +00:00
Jacob Kaplan-Moss 35a1f22bc2 Fixed #10106: added is_active to user admin's list_display. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10331 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 16:43:01 +00:00
Jacob Kaplan-Moss 19b9211a3b Fixed #9881: Added the to the login view context, not just the site's name. Thanks, nessita. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10330 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 16:37:48 +00:00
Jacob Kaplan-Moss e6ad4fb901 Fixed #9474: user_passes_test may now be applied multiple times. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10328 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 16:17:38 +00:00
Gary Wilson Jr b4f5655c86 Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-31 16:07:07 +00:00
Gary Wilson Jr 3989a7ae11 Fixed #8140 -- Made `UserManager.create_superuser` return the new `User` object, based on patch from ericholscher. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10217 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-30 22:00:07 +00:00
Jacob Kaplan-Moss c485e236bd Fixed #8193: all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's '`importlib` back for inclusion in Django. Thanks for the patch-from-the-future, Brett! 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10088 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-18 16:55:59 +00:00
Gary Wilson Jr b994387d8d Fixed #689 -- Added a middleware and authentication backend to contrib.auth for supporting external authentication solutions. Thanks to all who contributed to this patch, including Ian Holsman, garthk, Koen Biermans, Marc Fargas, ekarulf, and Ramiro Morales. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10063 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-15 05:54:28 +00:00
Luke Plant 1306079a02 Fixed #10017 - PasswordResetForm.clean_email was not returning the value. 
Thanks Zak Johnson, Leo


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-02-26 17:11:28 +00:00
Russell Keith-Magee 39dd44570c Fixed #10025 -- Corrected two minor typos in source documentation. Thanks to Tarken for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9861 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-02-22 06:08:37 +00:00
Jacob Kaplan-Moss 1f84630c87 Fixed #6470: made the admin use a URL resolver. 
This *is* backwards compatible, but `admin.site.root()` has been deprecated. The new style is `('^admin/', include(admin.site.urls))`; users will need to update their code to take advantage of the new customizable admin URLs.

Thanks to Alex Gaynor.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-01-14 20:22:25 +00:00
Adrian Holovaty be2697209b Improved the auth admin site to raise Http404 with a helpful error message if DEBUG is True, explaining why permission isn't denied. Refs #9866, and see also [9682] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-12-25 06:17:42 +00:00
Adrian Holovaty 62362c6175 Added comment to UserAdmin.add_view() explaining why we disallow users without change permissions from adding other users. Refs #9866 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-12-25 06:04:11 +00:00
Karen Tracey bcd63cbfb0 Fixed #6160, #9111 -- Consistently apply conditional_escape to form errors and labels when outputing them as HTML. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-11-06 19:49:24 +00:00
Malcolm Tredinnick fb62bcc69e Fixed #8321 -- Change django.contrib.auth.models to use django.utils.hashcompat 
for consistency with other code. Thanks, magneto.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-10-06 05:14:17 +00:00
Malcolm Tredinnick c58c1f43cf Fixed #5753 -- Allow createsuperuser to work in situations where there 
might be a valid password database entry for the current user id.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9158 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-10-06 04:54:14 +00:00
Malcolm Tredinnick 2f0be0faae Fixed #8660 -- Small database query optimisation in User.get_profile. 
When calling User.get_profile(), we now tell the profile object about the
related User object right away. This can save a database lookup later if
something in the user profile object wants to refer to the user object.

Patch from Mike Malone.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9152 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-10-05 12:07:10 +00:00
Brian Rosner ab13303ea4 Fixed #8433 -- Deal with the add user popup on models that foreign key to User correctly. Thanks sorl for the report and fix. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8776 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-31 21:24:33 +00:00
Gary Wilson Jr c2ba59fc1d Removed oldforms, validators, and related code: 
* Removed `Manipulator`, `AutomaticManipulator`, and related classes.
 * Removed oldforms specific bits from model fields:
   * Removed `validator_list` and `core` arguments from constructors.
   * Removed the methods:
     * `get_manipulator_field_names`
     * `get_manipulator_field_objs`
     * `get_manipulator_fields`
     * `get_manipulator_new_data`
     * `prepare_field_objs_and_params`
     * `get_follow`
   * Renamed `flatten_data` method to `value_to_string` for better alignment with its use by the serialization framework, which was the only remaining code using `flatten_data`.
 * Removed oldforms methods from `django.db.models.Options` class: `get_followed_related_objects`, `get_data_holders`, `get_follow`, and `has_field_type`.
 * Removed oldforms-admin specific options from `django.db.models.fields.related` classes: `num_in_admin`, `min_num_in_admin`, `max_num_in_admin`, `num_extra_on_change`, and `edit_inline`.
 * Serialization framework
   * `Serializer.get_string_value` now calls the model fields' renamed `value_to_string` methods.
   * Removed a special-casing of `models.DateTimeField` in `core.serializers.base.Serializer.get_string_value` that's handled by `django.db.models.fields.DateTimeField.value_to_string`.
 * Removed `django.core.validators`:
   * Moved `ValidationError` exception to `django.core.exceptions`.
   * For the couple places that were using validators, brought over the necessary code to maintain the same functionality.
 * Introduced a SlugField form field for validation and to compliment the SlugField model field (refs #8040).
 * Removed an oldforms-style model creation hack (refs #2160).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8616 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-27 07:19:44 +00:00
Malcolm Tredinnick 157dbe2fff Fixed #8552 -- Use the LOGIN_REDIRECT_URL setting in the auth tests, rather than hard-coding the value. 
This enables things to work properly when installed in other configurations.
Patch from aeby.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8613 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-27 06:02:13 +00:00
Jacob Kaplan-Moss 78d13fb1c2 Fixed #8379: the admin user change form now properly validates the username. Thanks, kratorius. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-25 17:10:20 +00:00
Jacob Kaplan-Moss 9a1e4cedde Fixed #8344: make User.get_profile() work when settings.AUTH_PROFILE_MODULE is unset. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8543 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-25 16:56:59 +00:00
Jacob Kaplan-Moss 15ed0d65b0 Fixed #7833: the user creation form now works when password1 isn't set. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-25 16:55:57 +00:00
Russell Keith-Magee 96d12748a9 Added app_label to the context for the add user admin view. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8510 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-24 06:46:53 +00:00
Malcolm Tredinnick aa78a05e69 Fixed #8359 -- Add an admin log entry when creating a new user. 
Patch from evan_schulz.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8503 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-23 21:45:36 +00:00
Malcolm Tredinnick abb1c508cc Tests for password change process. Thanks, Mike Richardson. Fixed #8402. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-23 18:20:49 +00:00
Brian Rosner ab26efc952 Fixed #8493 -- Fixed a NoReverseMatch when redirecting to password_change/done/ in the admin. Added the ability to override redirects to other password change views for consistency. Thanks for the report mtrichardson. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8473 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-23 03:26:01 +00:00
Malcolm Tredinnick c8c159cbba When logging in, change the session key whilst preserving any existing 
sesssion. This means the user will see their session preserved across a login
boundary, but somebody snooping the anonymous session key won't be able to view
the authenticated session data.

This is the final piece of the session key handling changes.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8459 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-21 13:54:53 +00:00
Gary Wilson Jr 3bb50169d9 Removed unused and redefined imports. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8386 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-15 17:42:13 +00:00
Gary Wilson Jr 415bf3efb3 Fixed #7364 -- Never cache the contrib.auth login view. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8383 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-15 17:10:14 +00:00
Malcolm Tredinnick 97a7dab2b1 Fixed #6941 -- When logging a user out, or when logging in with an existing 
session and a different user id to the current session owner, flush the session
data to avoid leakage. Logging in and moving from an anonymous user to a
validated user still keeps existing session data.

Backwards incompatible if you were assuming sessions persisted past logout.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-14 03:58:00 +00:00
Jacob Kaplan-Moss bb30805452 Fixed #8131: use reverse() in auth views. Patch from davenaff. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8334 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-12 23:31:31 +00:00
Gary Wilson Jr f09f14d0ae Fixed #8226 -- Fixed a Python 2.3 incompatibility in a unicode string substitution, thanks nfg. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8302 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-11 15:13:00 +00:00
Gary Wilson Jr 0b01d50076 Refs #7742 -- Removed unused `validator_list` argument (this is already being checked by the `UserCreationForm`). 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8293 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-11 04:30:30 +00:00
Brian Rosner a7d3c92767 Fixed #8202 -- Moved user_change_password to UserAdmin. This enables seamless integration of a custom UserAdmin. Thanks ElliottM for catching this. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8283 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-10 09:43:48 +00:00
Brian Rosner baac791c4b Fixed #7932 -- Made it easier to use a custom User model with the admin. Added add_form attribute to UserAdmin and removed hard-coded dependancies to User. Thanks ElliottM for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8280 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-10 04:22:21 +00:00
Jacob Kaplan-Moss 19bbc74e46 Fixed #7115: tweaked ordering on Permission to more closely match the pre-QSRF behavior, which was nice. Thanks, Matthew Flanagan. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8246 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-08 21:24:02 +00:00
Jacob Kaplan-Moss 34a3bd5225 Major refactoring of django.dispatch with an eye towards speed. The net result is that signals are up to 90% faster. 
Though some attempts and backwards-compatibility were made, speed trumped compatibility. Thus, as usual, check BackwardsIncompatibleChanges for the complete list of backwards-incompatible changes.

Thanks to Jeremy Dunck and Keith Busell for the bulk of the work; some ideas from Brian Herring's previous work (refs #4561) were incorporated.

Documentation is, sigh, still forthcoming.

Fixes #6814 and #3951 (with the new dispatch_uid argument to connect).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8223 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-06 15:32:46 +00:00
Luke Plant 8e24b37610 Cleaned up whitespace 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8214 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-05 16:36:20 +00:00
Russell Keith-Magee bf65fd0a80 Fixed #8901 -- Corrected typo in docstring. Thanks to Hayley Bonham <djangocode@vortex.cx> for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-04 12:11:04 +00:00
Gary Wilson Jr c85c8f8891 Fixed #7919 -- md5 and sha modules are deprecated since Python 2.5, use hashlib module when available. Patch from Karen Tracey. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8193 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-02 05:56:57 +00:00
Luke Plant 8dff194e9b Fixed #3062 - removed arbitrary and unneeded max_length on password fields in auth forms. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-01 21:18:17 +00:00
Luke Plant 64f5ab67a5 Changed some URL conf regexes to rawstrings for consistency 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8172 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-01 16:18:24 +00:00
Luke Plant 079e5bf1ec Added a login link to the password reset completion screen. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8171 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-08-01 16:13:12 +00:00
Luke Plant fcd837cd0f Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-31 20:47:53 +00:00
Russell Keith-Magee 99e34c1846 Fixed #8042 -- Modified the password reset form so that the email field length matches the User model. Thanks to Bob Thomas <bthomas@ncircle.com> for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-31 09:08:55 +00:00
Adrian Holovaty 29f0e8182f Fixed #7847 -- Removed a whole bunch of unused imports from throughout the codebase. Thanks, julien 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-22 03:24:09 +00:00
Adrian Holovaty 8bc442e771 Fixed #7304 -- Gave AnonymousUser a has_perms() method, which it was lacking 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8044 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-22 03:05:40 +00:00
Jacob Kaplan-Moss 46786b4193 Fixed #7741: django.newforms is now django.forms. This is obviously a backwards-incompatible change. There's a warning upon import of django.newforms itself, but deeper imports will raise errors. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7971 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-19 01:22:26 +00:00
Brian Rosner a19ed8aea3 Merged the newforms-admin branch into trunk. 
This is a backward incompatible change. The admin contrib app has been
refactored. The newforms module has several improvements including FormSets
and Media definitions.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-18 23:54:34 +00:00
Gary Wilson Jr 56e1cdc8bc Fixed a long and complex line by breaking into a for loop, with the added benefit that the method will now exit as soon as a matching 
permission is found instead of checking all of the user's permissions and putting them into a temporary list.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7823 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-02 05:05:50 +00:00
Gary Wilson Jr 73dfef8771 Added docstring and other minor style fixes. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7822 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-07-02 05:00:09 +00:00
Russell Keith-Magee 8cb128e57c Refs #7521 -- Re-reverted [7716] (originally reverted in [7726]), now modified to use the new TestCase urlpattern framework. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-30 13:11:12 +00:00
Malcolm Tredinnick 339df5ce44 Fixed #6089 -- Removed default ordering on the User class. 
Admin users are still ordered, since we add it in specially for Admin. Slightly
backwards incompatible.

Patch from Erik Karulf.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-30 12:52:46 +00:00
Adrian Holovaty fbef599f60 Fixed #6306 -- redirect_to_login() helper function now quotes the URL arguments correctly. Thanks, SmileyChris 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7749 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-26 04:11:53 +00:00
Adrian Holovaty 54f7da3a27 Fixed #7274 -- Improved the django.contrib.auth password_reset() view not to require the Sites framework. Thanks, joshrl 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-26 04:09:29 +00:00
Russell Keith-Magee c8d39f15cb Fixed #7521 -- Reverted [7716]. Fixed URLs in test case broke any application that deployed contrib.auth. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7726 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-23 12:17:57 +00:00
Luke Plant fad8e8f7c2 Added basic tests for auth.views.password_reset 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7716 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-20 17:43:12 +00:00
Jacob Kaplan-Moss 2b62e945b0 Fixed #3393: login view no longer assumes that set_test_cookie has been called. This is mildly backwards-incompatible, but in the "now it works the way it should have all along" sense. Thanks to James and lcordier for the patches. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7692 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-18 16:13:14 +00:00
Jacob Kaplan-Moss b0ebcfe15a Fixed #7394: fixed bug with syncdb and createsuperuser introduced in [7590]. Thanks, av0000@mail.ru 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-08 18:18:01 +00:00
Russell Keith-Magee 8398ea6603 Fixed #7392 -- Corrected a typo in the backwards-compatibility layer to the new createsuperuser command. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-08 08:45:14 +00:00
Jacob Kaplan-Moss 5675ae4443 Fixed #5614: added 'manage.py createsuperuser'. Thanks, programmerq. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-06-08 05:31:16 +00:00
Malcolm Tredinnick 6dfe245f02 Updated the inline help text for User.is_active. 
Fixed #6881. Refs #7011.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7414 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-04-13 01:50:29 +00:00
Gary Wilson Jr a75e58be58 Fixed #5922 -- Turned `ModelBackend` authentication backend into a new-style class, thanks `Honza_Kral`. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7201 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-03-08 03:09:29 +00:00
Gary Wilson Jr 5ca0b9203b Fixed #5701 -- Fixed decorators to take the name, attributes, and docstring of the function they decorate by adding a modified version of the `functools.wraps` function from Python 2.5. `wraps` has been altered to work with Django's `curry` function and with Python 2.3, which doesn't allow assignment of a function's `__name__` attribute. This fixes severaly annoyances, such as the online documentation for template filters served by the admin app. This change is backwards incompatible if, for some reason, you were relying on the name of a Django decorator instead of the function it decorates. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7153 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-02-25 06:02:35 +00:00
Gary Wilson Jr 298d76aed4 Fixed #3165 -- Really allow underscores when making a superuser, thanks `SmileyChris`. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7018 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-01-13 04:03:36 +00:00
Gary Wilson Jr a4478ee9c6 Fixed #6174 -- Made `AnonymousUser.is_active` False instead of True since `AnonymousUser`s can't login. Thanks, `SmileyChris`. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6912 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-12-11 06:37:07 +00:00
Luke Plant 8c9b65429a Fixed bug in /admin/doc/views/ caused by [6658] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-11-09 15:27:49 +00:00
Luke Plant 8eeb9feab0 Fixed #4376 -- login_required now works with bound methods. Thanks, Steven Bethard. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6658 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-11-07 22:45:07 +00:00
Malcolm Tredinnick 212aa32e2a Fixed #5798 -- Added a missing translation marker. Thanks, maru. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6617 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-10-27 04:34:50 +00:00
Russell Keith-Magee d95c0fd017 Fixed #5636 -- Added missing Set import for Python2.3 support. Thanks, wangchun@exoweb.net. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6438 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-30 04:11:29 +00:00
Jacob Kaplan-Moss f857e37776 Fixed $5457 - the auth system now delegates permission checking to auth backend(s). As an added bonus, the auth backends now have some unit tests! Thanks, Florian Apolloner. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6375 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-19 16:50:30 +00:00
Adrian Holovaty bcfaa73514 Fixed #3604 -- django.contrib.auth password checking now uses hashlib if it's available. Thanks, Rob Hudson 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6318 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-15 19:45:33 +00:00
Jacob Kaplan-Moss 40702fe2f0 Small change to modpython auth handler to support Apache 2.2 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6305 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-15 18:36:31 +00:00
Malcolm Tredinnick 388182b622 Fixed #3032 -- Added some useful methods and attributes so that AnonymousUser can proxy for a User a bit more logically. Patch from semenov. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6299 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-15 18:01:29 +00:00
Adrian Holovaty ddd3d7c71f Fixed #5308 -- Redirect from pages that need login and have Unicode URL no longer causes error. Thanks, webjunkie 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6226 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-14 21:53:15 +00:00
Adrian Holovaty 55d6aebfec Fixed #5394 -- REDIRECT_FIELD_NAME is now configurable. Thanks, Petr Marhoun, DavidReynolds and effbot 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-09-14 19:25:37 +00:00
Adrian Holovaty 375c88d2bc Fixed #5227 -- Made the redirect security check in django.contrib.auth.views.login() tighter. Thanks, Sander Dijkhuis 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6004 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-08-25 18:34:28 +00:00
Adrian Holovaty 221f99ed58 Refactored quote_name() to DatabaseOperations.quote_name(). Refs #5106 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-08-20 01:03:33 +00:00
Adrian Holovaty b38375ee4c Fixed bug in [5885] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5886 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-08-14 22:26:34 +00:00
Adrian Holovaty 6aae9b2aa4 Changed django.contrib.auth.views.login to use RequestSite if the sites framework is not installed -- i.e., the sites framework is no longer required to use this view. See also [5654] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5885 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-08-14 22:08:11 +00:00
Gary Wilson Jr 212ee65be7 Fixed #2101 -- Renamed `maxlength` argument to `max_length` for oldforms `FormField`s and db model `Field`s. This is fully backwards compatible at the moment since the legacy `maxlength` argument is still supported. Using `maxlength` will, however, issue a `PendingDeprecationWarning` when used. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-08-05 05:14:46 +00:00
Simon Willison fd2b99b5f1 After discussing with Malcolm, added set_unusable_password() and has_usable_password() methods to the User object, plus tests and updated documentation 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5771 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-07-28 18:30:40 +00:00
Russell Keith-Magee 6335317a42 Fixed #3505 -- Added handling for the error raised when the user forgets the comma in a single element tuple when defining AUTHENTICATION_BACKENDS. Thanks for the help identifying this problem, Mario Gonzalez <gonzalemario@gmail.com>. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-07-13 05:03:33 +00:00
Malcolm Tredinnick 953badbea5 Merged Unicode branch into trunk (r4952:5608). This should be fully 
backwards compatible for all practical purposes.

Fixed #2391, #2489, #2996, #3322, #3344, #3370, #3406, #3432, #3454, #3492, #3582, #3690, #3878, #3891, #3937, #4039, #4141, #4227, #4286, #4291, #4300, #4452, #4702


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-07-04 12:11:04 +00:00
Malcolm Tredinnick 179f478ffe Fixed #4751 -- Fixed that AnonymousUser.__str__ to always return a string 
object, as required by Python.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-07-03 12:24:46 +00:00
Malcolm Tredinnick 17145eef4c Removed unneeded import. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-06-25 16:10:33 +00:00
Malcolm Tredinnick 08aa5c585b Fixed #4607 -- Tweaked checks for features missing in Python 2.3 to not assume 
things Python does not guarantee. Patch from SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5514 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-06-23 03:18:22 +00:00
Luke Plant 18619a11ee Fixed behaviour of contrib.auth.forms.PasswordResetForm when more than 
one User have the same e-mail address.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-06-19 20:04:54 +00:00
Malcolm Tredinnick 44dd91ec6d Fixed #4015 -- Changed login() and logout() messages to update request.user if 
it is relevant. Thanks James Bennett, Vinay Sajip and Gary Wilson.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5472 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-06-15 01:53:40 +00:00
Malcolm Tredinnick 74bab89178 Fixed #3379 -- Changed login() so that we update last_login when a user 
logs in. Thanks, arvin.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5074 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-25 09:44:06 +00:00
Malcolm Tredinnick 2a7d9ef23f Fixed #3316 -- Added support for crypt hashing of passwords, mostly to support 
easy porting from existing Unix-based legacy apps. Thanks, axiak@mit.edu.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5073 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-25 09:34:29 +00:00
Malcolm Tredinnick 5dfe74f221 Fixed #3185 -- Made values for login, logout and post-login redirect URLs 
configurable. This is a combined patch from Vasily Sulatskov, Marc Fargas and
Collin Grady.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5072 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-25 08:49:57 +00:00
Malcolm Tredinnick 00cb6a1ba8 Fixed #4107 -- Marked a few more strings for translation. Thanks, Baptiste. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5061 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-23 05:51:29 +00:00
Russell Keith-Magee bbeb62c9af Backwards-incompatible change -- Removed LazyDate helper class. To preserve existing functionality, query arguments can now be callable. Callable query arguments are evaluated with the query is evaluated. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4985 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-09 13:28:09 +00:00
Adrian Holovaty c7f6cd0243 Added blank lines around Meta and Admin classes in django.contrib.auth.models 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4945 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-04-07 04:21:31 +00:00
Adrian Holovaty 796b2304f3 Fixed #3773 -- Added app_label to Permission.__str__(), so that the admin permission list is easier to use with multiple permissions of the same name. Thanks, mrmachine 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4823 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-03-25 21:28:59 +00:00
Malcolm Tredinnick 6c4757729b Revert [4485] in order to fix accidental mod_python breakage. Refs #2920. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4486 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-02-11 23:50:35 +00:00
Russell Keith-Magee 0e924c70b1 Refs #2920 -- Replaced implicit uses of _() with explicit imports or calls to gettext(). At some point post 0.96, we need to remove the calls that put _ into the builtins. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4485 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-02-11 06:20:52 +00:00
Russell Keith-Magee f9cdde0cb4 Fixed #3162 -- Added coded to catch and rethrow exceptions that are thrown by the views visited by the test client. Thanks, Ben <afternoon@uk2.net>. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2007-02-11 00:23:31 +00:00
Adrian Holovaty 7180207328 Fixed #3166 -- Added admin 'Change user password' view. Thanks for the patch, SmileyChris 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4266 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-12-30 07:16:25 +00:00
Adrian Holovaty 706fcec164 Copied django.forms to django.oldforms and changed all code to reference django.oldforms instead of django.forms. Updated docs/forms.txt to add 'Forwards-compatibility' section that says you should not be using django.oldforms for any new projects. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4208 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-12-15 18:00:50 +00:00
Adrian Holovaty 41d11a685f Fixed #2968 -- Changed arguments to __import__ to use empty dictionary instead of empty string, for stricter compliance with Python library reference. Thanks for the patch, Yasushi Masuda 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3951 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-10-30 20:50:27 +00:00
Adrian Holovaty fa49edc7bd Fixed #2890 -- Added default values of False for auth.User is_staff and is_superuser. Thanks for the suggestion, dummy@habmalnefrage.de 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3930 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-10-24 20:45:28 +00:00
Adrian Holovaty 179d410a7a Fixed #2937 -- Added __eq__, __ne__ and __hash__ for AnonymousUser. Thanks, favo@exoweb.net 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3924 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-10-24 16:42:03 +00:00
Russell Keith-Magee c3c090ab13 Fixes #2915 -- Fixed typo in validation error message. Thanks, Matt Riggott. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3908 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-10-17 00:45:46 +00:00
Russell Keith-Magee fa4bb1b093 Clarified documentation to indicate that authenticating a user doesn't imply that they are active. Reinforced the fact that has_perm only returns true if user is active, and fixed a minor bug to that effect. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3885 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-30 01:21:03 +00:00
Adrian Holovaty 2170110df9 Fixed #2704 -- Fixed error in create_superuser. It was failing for invalid usernames. Thanks for reporting, jmu 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3864 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-26 15:28:07 +00:00
Malcolm Tredinnick 6b4eb8bb70 Removed an unnecessary import from r3857. I'd forgotten that _() was put into 
the global namespace.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-26 13:59:10 +00:00
Malcolm Tredinnick 9b034d2746 Fixed #2816 -- Marked a couple more translatable strings. Thanks, ramiro. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3847 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-26 03:42:27 +00:00
Adrian Holovaty 227626dcd0 Fixed typos and improved documentation for permission_required decorator addition from [3779] 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-25 17:33:17 +00:00
Georg Bauer 182b5c5b5c fixed #2731: updated password change form to allow translation 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3828 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-25 13:53:41 +00:00
Malcolm Tredinnick 9e05fc1598 Fixed #2770 -- Fixed a database connection leak in 
django.contrib.auth.handlers.modpython.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3789 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-22 12:01:15 +00:00
Malcolm Tredinnick 6be701eba1 Fixed #2629 -- Added a permission_required decorator to 
django.contrib.auth.decorator. Thanks, dummy@habmalnefrage.de.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3779 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-22 01:44:28 +00:00
Adrian Holovaty 3c5782287e Fixed #2702 -- Fixed LazyUser to store cache as attribute of request, not class. Thanks for the patch, jkocherhans 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3754 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-09-12 17:30:47 +00:00
Adrian Holovaty a4bd32770c Fixed #2624 -- Fixed typo in docstring for Permission model. Thanks, david@dawninglight.net 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-08-30 16:39:18 +00:00
Russell Keith-Magee 77ab11be45 Refs #2333 - Added 'test' target to django-admin script. Includes addition of --verbosity and --noinput options to django-admin, and a new TEST_RUNNER setting to control the tool used to execute tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-08-27 12:46:39 +00:00
Adrian Holovaty fd5d923c6b Fixed #61 -- No more editing hashes when creating users via the admin. Created a special-case 'Add user' admin view. The change form still displays the hash, for the moment. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3520 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-08-04 04:18:12 +00:00
Adrian Holovaty 954050c196 Removed bug from [3461] -- __name__ is not assignable 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3478 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-28 21:24:19 +00:00
Adrian Holovaty 2a0af00524 Fixed #2375 -- Changed password_reset auth view to make e-mail template name variable. Thanks, treborhudson@gmail.com 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3462 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-27 17:48:35 +00:00
Adrian Holovaty c7fa1fa56f Fixed #2388 -- login_required decorator now preserves docstring and name of decorated function. Thanks, derekgr@gmail.com 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3461 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-27 17:41:28 +00:00
Adrian Holovaty 564d556519 Fixed #2405 -- Fixed recursion error in auth.views.logout(), caused by [3402]. Thanks, Jay Skabber 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3431 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-23 23:14:36 +00:00
Jacob Kaplan-Moss 17d0bd1512 Fixed a bunch of spurious imports, typos, and other small errors turned up by a pass through PyFlakes. This covers about the first third of the errors. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3411 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-21 17:11:13 +00:00
Adrian Holovaty c19ef69c5c Fixed #2368 -- Fixed KeyError when trying to log out more than once. Thanks, Gary Wilson 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3402 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-20 20:26:10 +00:00
Malcolm Tredinnick c072c8dcd3 Fixed #2377 -- Imported ImproperlyConfigured exception into django.auth.models. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3376 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-19 12:48:30 +00:00
Malcolm Tredinnick 51705f60b1 Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-19 02:09:26 +00:00
Malcolm Tredinnick bd13190499 Fixed #2325 -- fix the authentication framework to work with new-style classes. 
Patch from Joseph Kocherhans.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3346 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-14 03:09:02 +00:00
Adrian Holovaty f3a586a557 Fixed #2326 -- Fixed exception catching in django.contrib.auth.models. Thanks, mir@noris.de 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3328 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-11 14:03:24 +00:00
Adrian Holovaty 435e8910ae Small edits to comments in contrib/auth/__init__.py 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-07-03 02:12:59 +00:00
Jacob Kaplan-Moss aab3a418ac Merged multi-auth branch to trunk. See the authentication docs for the ramifications of this change. Many, many thanks to Joseph Kocherhans for the hard work! 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3226 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-28 16:37:02 +00:00
Adrian Holovaty fb1c01b103 Fixed #1802 -- Fixed database integrity error when creating permission objects after renaming a model 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3172 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-20 04:44:27 +00:00
Adrian Holovaty f67b629ada Fixed comma splice in auth.User model docstring 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3169 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-20 04:14:10 +00:00
Malcolm Tredinnick b2e5c4ef02 Fixed #1422 -- Docstring improvements for the models in the admin app. Thanks 
akaihola.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3167 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-20 04:07:32 +00:00
Adrian Holovaty 551a0272e6 Fixed #2189 -- Optimized auth.User.get_all_permissions() to use select_related behind the scenes to avoid multiple queries. Thanks, konrad@gwu.edu 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-20 03:08:48 +00:00
Malcolm Tredinnick 2da4c4111e Fixed #1856 -- install content-type entries and auth permissions for 
models regardless of the presence of an inner Admin class. Patch from Mathew
Flanagan.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3148 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-19 12:50:53 +00:00
Adrian Holovaty 29f55c8dbb Fixed #2106 -- Made collapse-block JavaScript translatable. Thanks, ramiro 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3114 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-08 05:04:10 +00:00
Adrian Holovaty 2abfd5dd58 Fixed #2109 -- Convert old-style classes to new-style classes throughout Django. Thanks, Nicola Larosa 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3113 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-08 05:00:13 +00:00
Adrian Holovaty 6dfea737f6 Made template names in django.contrib.auth.views passable as template_name argument to the view 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3087 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-06 05:16:05 +00:00
Adrian Holovaty 16a07fe95b Fixed #1991 -- Changed AuthenticationForm to disallow users with is_active=False from logging in. Thanks, dave@rightround.com and germish@gmail.com 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3058 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-02 04:42:10 +00:00
Adrian Holovaty a2fceea1e3 Changed auth.Permission.__str__() to use str() of self.content_type, not repr() 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3035 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-06-01 03:33:34 +00:00
Adrian Holovaty 2f513e0f0e Added support to django/contrib/auth/handlers/modpython.py for setting DJANGO_SETTINGS_MODULE via a PythonOption instead of SetEnv 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3012 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-05-31 02:09:07 +00:00
Adrian Holovaty be57a7fd1a Fixed #849 -- Improved login_required view decorator to save query-string parameters. Also added documentation on the django.contrib.auth.views.login view to docs/authentication.txt 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2954 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-05-22 02:46:55 +00:00
Adrian Holovaty f94f0555bc Fixed #1726 -- Made django/contrib/auth/create_superuser.py a command-line function, and added docs 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2841 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-05-05 03:08:29 +00:00
Adrian Holovaty f69cf70ed8 MERGED MAGIC-REMOVAL BRANCH TO TRUNK. This change is highly backwards-incompatible. Please read http://code.djangoproject.com/wiki/RemovingTheMagic for upgrade instructions. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-05-02 01:31:56 +00:00
Adrian Holovaty 0c548516bc Fixed #1185 -- Fixed Python 2.4 bug in Django authentication mod_python handler. Thanks, Brian Ray 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1853 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2006-01-08 05:10:51 +00:00
Adrian Holovaty 3cb20c45c7 Moved Apache auth handler to django/contrib/auth/handlers/modpython.py 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1500 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2005-11-30 01:14:23 +00:00
Adrian Holovaty 5066fe528c Added django.contrib.auth, in preparation for moving stuff to it 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1499 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2005-11-30 01:09:47 +00:00