Commit Graph

5698 Commits

Author SHA1 Message Date
Florian Apolloner 968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Shubh1815 aecfc40c88 Fixed #33300 -- Ensured hidden elements are not displayed on small screens. 2021-12-30 07:57:36 +01:00
Mariusz Felisiak 361bb8f786
Refs #26872 -- Fixed wrapping of long choices in ModelAdmin.list_filter.
Regression in 269a767146.
2021-12-29 10:57:23 +01:00
David Smith 950d697b95
Refs #31617 -- Removed redundant title text in filter.html.
Unnecessary since 269a767146.

Title text should provide advisory information and should not be the
same or very similar to the element text.
2021-12-28 13:42:35 +01:00
Hannes Ljungberg 59a66f0512 Refs #33342 -- Deprecated ExclusionConstraint.opclasses. 2021-12-27 08:55:18 +01:00
Hannes Ljungberg 0e656c02fe Fixed #33342 -- Added support for using OpClass() in exclusion constraints. 2021-12-24 11:39:00 +01:00
David Smith a0d43a7a6e
Refs #31617 -- Changed dark mode primary-fg to give higher contrast to secondary. 2021-12-23 21:10:25 +01:00
Brenton Partridge 19fb838803 Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64. 2021-12-21 13:00:09 +01:00
Adam Johnson b0d16d0129 Changed signatures of setting_changed signal receivers. 2021-12-17 13:07:04 +01:00
ahmadekhalili bf7afe9c4e Fixed admin CSS for calendar widget for RTL languages.
Thanks Theodore Ni and Shai Berger for reviews.
2021-12-16 08:11:13 +01:00
mgaligniana ac5cc6cf01 Fixed #33316 -- Added pagination to admin history view. 2021-12-15 10:54:08 +01:00
mgaligniana ff0b81b56b Refs #33316 -- Moved paginator styles to base.css. 2021-12-15 10:54:08 +01:00
Jacob Walls 76ccce64cc Fixed #16063 -- Adjusted admin changelist searches spanning multi-valued relationships.
This reduces the likelihood of admin searches issuing queries with
excessive joins.
2021-12-15 08:14:19 +01:00
Adam Johnson 41329b9852
Improved wording in password validators docs and docstrings. 2021-12-13 18:53:07 +01:00
Shreya Bamne 8a4e506760 Fixed #19721 -- Allowed admin filters to customize the list separator. 2021-12-08 15:25:52 +01:00
Claude Paroz da7062be45
Removed unused map_options JS variable.
map_options is not referenced at all in OLMapWidget.js.

Unused since 2ebfda38e6.
2021-12-07 08:59:56 +01:00
Mariusz Felisiak 628b6a6869 Updated translations from Transifex.
This also fixes related i18n tests.

Forwardport of 4c5215ab03 from stable/4.0.x

Co-authored-by: Claude Paroz <claude@2xlibre.net>
2021-12-06 20:31:03 +01:00
Nick Pope 97e9a84d27 Removed unused country argument from GeoIP2._check_query().
Unused since its introduction in 79e68c225b.
2021-12-02 11:30:42 +01:00
Nick Pope 7d5058d870 Removed redundant GeoIP2._check_query() calls. 2021-12-02 11:30:42 +01:00
Nick Pope adcb3a7a27 Removed unused GeoIP2._cache attribute.
Unused since its introduction in 79e68c225b.
2021-12-02 11:30:32 +01:00
Nick Pope 31bef51d8e Moved unnecessary inner import in GeoIP2.geos(). 2021-12-02 11:27:33 +01:00
Mariusz Felisiak 5def7f3f74 Updated various links to HTTPS and new locations.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-02 11:27:29 +01:00
Claude Paroz 64c3f049ea Fixed #33047 -- Fixed CheckConstraint crash with GIS lookups on PostGIS and MySQL GIS backends.
Thanks Daniel Swain for the report and Arsalan Ghassemi for the initial
patch.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-30 20:06:29 +01:00
Claude Paroz 322a1a037d
Refs #25706 - Removed inline JavaScript from OpenLayers template.
This allows setting a Content-Security-Policy HTTP header.
2021-11-30 06:35:15 +01:00
Shubh1815 05e29da421 Fixed #32545 -- Improved admin widget for raw_id_fields for UUIDFields.
Co-Authored-By: Jerome Leclanche <jerome@leclan.ch>
2021-11-29 07:16:26 +01:00
Hasan Ramezani 24b316536a Fixed #33303 -- Changed messages' level tags on MESSAGE_TAGS setting change. 2021-11-26 07:09:31 +01:00
Shubh1815 51c24d8799 Fixed #33024 -- Fixed height of admin selector boxes in collapsed fieldset.
Thanks Tom Carrick for the review.
2021-11-25 07:57:19 +01:00
Álvaro Pelegrina Fernández 98352ddf3a
Fixed #33310 -- Removed unused rule from admin CSS.
Unused since 30e59705fc.
2021-11-23 21:14:36 +01:00
Simon Charette e06dc4571e Refs #33304 -- Enclosed aggregate ordering logic in an expression.
This greatly simplifies the implementation of contrib.postgres'
OrderableAggMixin and allows for reuse in Window expressions.
2021-11-23 07:28:27 +01:00
Shubh1815 bb223c6f78 Fixed #28357 -- Fixed ModelAdmin.prepopulated_fields on newly added stacked inline.
Thanks Jakob Köhler for the initial patch.
2021-11-16 12:24:56 +01:00
Maxim Piskunov 12fe3224f5 Fixed #33287 -- Made GeoJSON serializer use json.loads() instead of eval().
Thanks David Wyde for the report.
2021-11-15 20:34:33 +01:00
Claude Paroz 78163d1ac4 Moved RequestSite import to the toplevel. 2021-11-12 06:41:48 +01:00
Lie Ryan 05cde4764d Fixed #33269 -- Made AnonymousUser/PermissionsMixin.has_perms() raise ValueError on string or non-iterable perm_list. 2021-11-11 20:26:29 +01:00
Keryn Knight 4f8c7fd9d9 Fixed #32980 -- Made models cache related managers. 2021-11-08 08:44:12 +01:00
Mariusz Felisiak ba9ced3e9a
Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage."
This reverts commit 91e21836f6.

`export` and `import` directives have several syntax variants and not
all of them were properly covered.

Thanks Hervé Le Roy for the report.
2021-11-05 12:11:18 +01:00
Carlton Gibson 4816dc9428 Fixed #33237 -- Fixed detecting source maps in ManifestStaticFilesStorage for multiline files.
Switched regex to multiline mode in order to match per-line, rather
than against the whole file.

Thanks to Joseph Abrahams for the report.

Regression in 781b44240a.
2021-11-04 20:28:35 +01:00
Guilherme Martins Crocetti fc565cb539 Fixed #27147 -- Allowed specifying bounds of tuple inputs for non-discrete range fields. 2021-11-04 19:08:57 +01:00
Hannes Ljungberg a934d377af Fixed #33262 -- Fixed crash of conditional aggregation on Exists(). 2021-11-04 06:31:32 +01:00
Keryn Knight a697424969 Fixed #32996 -- Cached PathInfos on relations.
PathInfo values are ostensibly static over the lifetime of the object
for which they're requested, so the data can be memoized, quickly
amortising the cost over the process' duration.
2021-11-03 11:27:04 +01:00
Matteo Vitali 3f1f8b9376 Fixed #33182 -- Moved admin dark mode vars to separate stylesheet and template block. 2021-10-27 10:34:01 +02:00
David Smith 480191244d Fixed #25916 -- Added lastmod support to sitemap index view.
Co-authored-by: Matthew Downey <matthew.downey@webit.com.au>
2021-10-21 15:26:22 +02:00
Carlton Gibson 2ccc0b22db Fixed #33211 -- Updated tests for Selenium 4.0.0.
Replaced deprecated `find_element[s]_by_*()` usages, in favour of
`find_element[s]()` with an explicit `By`.
2021-10-21 14:37:16 +02:00
Carlton Gibson 8fa974fcdd Refs #33211 -- Added assertCountSeleniumElements() test helper. 2021-10-21 14:37:16 +02:00
Martin Svoboda cc4cb95bef Fixed #33008 -- Fixed prefetch_related() for deleted GenericForeignKeys.
Thanks Simon Charette for the implementation idea.
2021-10-14 12:37:03 +02:00
Ade Lee d10c7bfe56 Fixed #28401 -- Allowed hashlib.md5() calls to work with FIPS kernels.
md5 is not an approved algorithm in FIPS mode, and trying to instantiate
a hashlib.md5() will fail when the system is running in FIPS mode.

md5 is allowed when in a non-security context. There is a plan to add a
keyword parameter (usedforsecurity) to hashlib.md5() to annotate whether
or not the instance is being used in a security context.

In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.

Some downstream python versions already support this parameter. To
support these versions, a new encapsulation of md5() has been added.
This encapsulation will pass through the usedforsecurity parameter in
the case where the parameter is supported, and strip it if it is not.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-10-12 08:58:27 +02:00
Christophe Henry b1b26b37af Fixed #33178 -- Made createsuperuser validate required fields passed in options in interactive mode. 2021-10-12 08:08:05 +02:00
Christophe Henry 4ff500f294 Refs #21755 -- Fixed createsuperuser crash for required foreign keys passed in options in interactive mode.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-10-12 06:59:46 +02:00
Mariusz Felisiak da266b3c5c
Refs #29628, Refs #33178 -- Made createsuperuser validate password against required fields passed in options. 2021-10-12 06:21:14 +02:00
Christophe Henry df2d2bc95c Fixed #33151 -- Fixed createsuperuser crash for many-to-many required fields in non-interactive mode. 2021-10-07 12:37:16 +02:00
Maxim Milovanov 1c802ca2a9
Fixed #33156 -- Used sessionStorage to preserve quick filter for admin's navigation sidebar. 2021-10-06 09:01:31 +02:00