Commit Graph

10392 Commits

Author SHA1 Message Date
Mariusz Felisiak 0e02e496cd Added tests for using ArrayField's IndexTransform/SliceTransform on expressions with params. 2019-08-05 14:16:25 +02:00
Diederik van der Boor 25f21bd237 Fixed #28393 -- Added helpful error messages for invalid AutoField/FloatField/IntegerField values.
Co-authored-by: Diederik van der Boor <vdboor@edoburu.nl>
Co-authored-by: Nick Pope <nick.pope@flightdataservices.com>
2019-08-05 08:41:29 +02:00
aaktsipetrov 4edad1ddf6 Fixed #30668 -- Made QuerySet.filter() raise NotSupportedError if any of source expressions is not filterable. 2019-08-02 15:06:00 +02:00
Nick Pope 194d1dfc18 Fixed #30661 -- Added models.SmallAutoField. 2019-08-02 11:39:01 +02:00
zeyneloz 955b382600 Fixed #30599 -- Prevented ManifestFilesMixin.read_manifest() from silencing errors other than FileNotFoundError. 2019-08-02 08:35:28 +02:00
zeyneloz 246689452d Added test for handling of non-existent manifest in ManifestFilesMixin.read_manifest(). 2019-08-02 08:35:25 +02:00
Mariusz Felisiak ff111ea5e3 Refs #30664 -- Fixed migrations crash when altering AutoField/BigAutoField with quoted db_column on PostgreSQL. 2019-08-01 12:06:32 +02:00
Ngalim Siregar e4684220af Fixed #30664 -- Fixed migrations crash when altering table on SQLite or altering AutoField/BigAutoField on PostgreSQL for models with quoted db_table. 2019-08-01 12:06:32 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Mariusz Felisiak 7deeabc7c7 Fixed CVE-2019-14234 -- Protected JSONField/HStoreField key and index lookups against SQL injection.
Thanks to Sage M. Abdullah for the report and initial patch.
Thanks Florian Apolloner for reviews.
2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Étienne Beaulé 5f24e7158e Fixed #30665 -- Added support for distinct argument to Avg() and Sum(). 2019-07-31 11:22:50 +02:00
Étienne Beaulé cb3c2da128 Moved test for distinct Count() to a separate test case. 2019-07-31 10:41:17 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope c95d063e77 Refs #30160 -- Simplified and improved tests for django.utils.archive.
The file executable should have 0o775 permission not only u=x.
The file no_permissions should have 0o644 u=r.
2019-07-31 09:46:24 +02:00
Hasan Ramezani e3fc9af4ab Refs #30593 -- Fixed introspection of check constraints columns on MariaDB. 2019-07-30 16:32:13 +02:00
Hasan Ramezani b2aad9ad4d Refs #30593 -- Added _parse_constraint_columns() hook to introspection on MariaDB. 2019-07-30 16:32:13 +02:00
Nick Pope 421c4cd2ee Removed redundant ArchiveTest.test_extract_method() test.
The extract() function has the same code as used in the test method
for Archive.extract().
2019-07-30 11:33:53 +02:00
Nick Pope 0509148c24 Refs #30160 -- Made destination path a required argument of extract(). 2019-07-30 11:27:56 +02:00
Jerrod Martin c7bef16a74 Fixed #30411 -- Improved formatting of text tracebacks in technical 500 templates.
Co-Authored-By: Daniel Hahler <git@thequod.de>
2019-07-29 11:09:54 +02:00
Claude Paroz 3c6d32e0b2 Fixed #30552 -- Fixed loss of SRID when calling reverse() on LineString/Point.
Thanks Mariusz Felisiak for contributing the Point part.
2019-07-27 20:12:46 +02:00
Jon Dufresne 4122d9d3f1 Refs #28147 -- Fixed setting of OneToOne and Foreign Key fields to None when using attnames.
Regression in 519016e5f2.
2019-07-27 12:04:56 +02:00
Jon Dufresne 619c9a4f49 Added tests for using attnames to assign OneToOne and Foreign Key fields. 2019-07-27 12:03:45 +02:00
Piotr Domanski 4b4e68a7a6 Fixed #30567 -- Made WSGIHandler pass FileResponse.block_size to wsgi.file_wrapper. 2019-07-26 07:31:51 +02:00
Hasan Ramezani 1853383969 Fixed #27995 -- Added error messages on unsupported operations following union(), intersection(), and difference(). 2019-07-25 12:39:55 +02:00
Jon Dufresne 5ed20b3aa3 Fixed #30657 -- Allowed customizing Field's descriptors with a descriptor_class attribute.
Allows model fields to override the descriptor class used on the model
instance attribute.
2019-07-25 08:15:20 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
Mariusz Felisiak fed5e19369
Removed unused BaseReloader.watch_file().
Unused since its introduction in c8720e7696.
2019-07-24 13:32:02 +02:00
Jon Dufresne d89053585e Improved error message when index in __getitem__() is invalid. 2019-07-23 20:12:08 +02:00
Tom Forbes 2ff517ccb6 Fixed #30506 -- Fixed crash of autoreloader when path contains null characters. 2019-07-23 10:03:23 +02:00
Min ho Kim 9f11939dd1 Fixed typos in comments and a test name. 2019-07-19 18:24:06 +02:00
Hasan Ramezani 1fc2c70f76 Fixed #30593 -- Added support for check constraints on MariaDB 10.2+. 2019-07-19 11:05:06 +02:00
Mads Jensen a3417282ac Fixed #29824 -- Added support for database exclusion constraints on PostgreSQL.
Thanks to Nick Pope and Mariusz Felisiak for review.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-07-16 18:04:41 +02:00
Mariusz Felisiak cf79f92abe
Simplified tests for PostgreSQL constraints. 2019-07-16 16:56:44 +02:00
Yann Sionneau e47b8293a7 Fixed #30636 -- Fixed options ordering when cloning test database on MySQL.
--defaults-file must be given before other options.
2019-07-16 07:25:43 +02:00
Hasan Ramezani 402e6d292f Fixed #30602 -- Made Extract raise ValueError when using unsupported lookups for DurationField. 2019-07-12 08:08:35 +02:00
Mariusz Felisiak 7a42cfcfdc
Refs #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains F() expressions.
Thanks Can Sarıgöl for the report.

Follow up to 8c5f9906c5.
2019-07-11 13:40:36 +02:00
Hasan Ramezani 8c5f9906c5 Fixed #30557 -- Fixed crash of ordering by ptr fields when Meta.ordering contains expressions. 2019-07-11 11:24:59 +02:00
can 52545e788d Fixed #28289 -- Fixed crash of RawSQL annotations on inherited model fields. 2019-07-11 08:27:15 +02:00
atsuo ishimoto a9c6ab0356 Fixed #30619 -- Made runserver --nothreading use single threaded WSGIServer.
Browsers often use multiple connections with Connection: keep-alive.
If --nothreading is specified, the WSGI server cannot accept new
connections until the old connection is closed, causing hangs.

Force Connection: close when --nothreading option is used.
2019-07-10 13:22:17 +02:00
Johannes Hoppe 00d4e6f8b5 Updated Select2 to version 4.0.7. 2019-07-10 12:31:16 +02:00
Hasan Ramezani ed668796f6 Fixed #30543 -- Fixed checks of ModelAdmin.list_display for fields accessible only via instance.
Co-Authored-By: Andrew Simons <andrewsimons@bubblegroup.com>
2019-07-10 10:37:34 +02:00
Mariusz Felisiak 7991111af1
Fixed #30621 -- Fixed crash of __contains lookup for Date/DateTimeRangeField when the right hand side is the same type.
Thanks Tilman Koschnick for the report and initial patch.
Thanks Carlton Gibson the review.

Regression in 6b048b364c.
2019-07-10 10:33:36 +02:00
Simon Charette ee6e93ec87 Fixed #30628 -- Adjusted expression identity to differentiate bound fields.
Expressions referring to different bound fields should not be
considered equal.

Thanks Julien Enselme for the detailed report.

Regression in bc7e288ca9.
2019-07-10 07:46:08 +02:00
can febe136d4c Fixed #30397 -- Added app_label/class interpolation for names of indexes and constraints. 2019-07-08 14:57:56 +02:00
Mariusz Felisiak 8233144ca0 Changed django.db.models.indexes.Index imports to django.db.models.Index. 2019-07-08 14:19:46 +02:00
Johannes Hoppe bc91f27a86 Refs #29444 -- Added support for fetching a returned non-integer insert values on Oracle.
This is currently not actively used, since the ORM will ask the
SQL compiler to only return auto fields.
2019-07-08 08:53:08 +02:00
can 53209f7830 Fixed #30613 -- Moved index name validation to system checks. 2019-07-05 09:30:21 +02:00
Chason Chaffin c238e65e29 Fixed #30596 -- Fixed SplitArrayField.has_changed() for non-string base fields.
Thanks to Evgeniy Krysanov for the report and the idea to use to_python.
Thanks to Mariusz Felisiak for the test case.
2019-07-03 13:35:51 +02:00
Benjamin Woodruff 54dcfbc367 Fixed #29744 -- Fixed caching of URLResolver for a default URLconf.
get_resolver() for a default URLconf (passing no argument) and for
settings.ROOT_URLCONF should return the same cached object.
2019-07-03 11:37:28 +02:00
Chason Chaffin 55b68de643 Fixed #30608 -- Fixed non-unicode EmailMessage crash when domain name for localhost is non-ASCII.
Assisted by felixxm.
2019-07-03 10:49:03 +02:00
Hasan Ramezani a5308514fb Fixed #27801 -- Made createsuperuser fall back to environment variables for password and required fields. 2019-07-02 12:55:09 +02:00
Min ho Kim fbb83fefd4 Fixed typos in comments and docs. 2019-07-02 09:36:17 +02:00
Hasan Ramezani 090ca6512f Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ADMINS/MANAGERS is set incorrectly. 2019-07-02 07:34:07 +02:00
Hasan Ramezani 5d03f2bc01 Fixed #30595 -- Added error message when no objects found to sql* management commands. 2019-07-01 13:47:54 +02:00
Carlton Gibson 54d0f5e62f Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.

HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.

Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
2019-07-01 07:48:04 +02:00
Mariusz Felisiak 8fc8c958a5
Fixed broken selenium tests after 42b9a23267. 2019-06-30 20:35:05 +02:00
Jon Dufresne 42b9a23267 Fixed #30400 -- Improved typography of user facing strings.
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
Hasan Ramezani 2b03e8e9e8 Fixed #30584 -- Fixed management command when using subparsers with dest parameter. 2019-06-28 12:51:26 +02:00
can f03b7bd114 Fixed #28408 -- Added error message when updating with annotated expressions on joined fields.
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2019-06-28 07:55:32 +02:00
Nadège Michel fb54aca540 Added test for serializing child model without inherited fields. 2019-06-27 15:10:22 +02:00
Nadège Michel 895b15771e Fixed #28725 -- Prevented serializing inherited ManyToManyFields in child model. 2019-06-27 15:10:22 +02:00
Mariusz Felisiak 4305fbe8b1
Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database. 2019-06-27 15:09:28 +02:00
Shubham Bhagat 26d16c07fd Fixed #30578 - Made SelectDateWidget respect a custom date format when USE_L10N is disabled. 2019-06-26 11:07:11 +02:00
nsasaki128 a289e79679 Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator. 2019-06-26 09:25:24 +02:00
Tom Forbes 8454f6dea4 Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute. 2019-06-26 06:44:10 +02:00
Tim Gates 698df6a009 Fixed typos in test comments. 2019-06-25 11:12:45 +02:00
can 325d5d6445 Fixed #30477 -- Made reverse lookup use Field.get_db_prep_value() from the target field. 2019-06-25 10:20:33 +02:00
daniel a rios 76b993a117 Fixed #26431 -- Prevented django.urls.resolve() from returning missing optional parameters.
Previous behavior was inconsistent with django.urls.reverse() and
caused that translate_url() created an incorrect URL when an optional
parameter was missing.
2019-06-24 11:47:56 +02:00
daniel a rios d640c71fa3 Refs #26431 -- Added tests for resolving URL and translate_url() with provided optional parameter. 2019-06-24 11:30:26 +02:00
daniel a rios b24e763846 Added tests for terminated path with optional arguments in django.urls.reverse(). 2019-06-24 11:30:26 +02:00
Mariusz Felisiak 19895e897c
Refs #30451 -- Added asgiref to the tests requirements. 2019-06-24 08:10:23 +02:00
Nadège Michel 87b1ad6e73 Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField. 2019-06-21 15:03:17 +02:00
Mariusz Felisiak a9179ab032
Fixed typo in BasicExpressionsTests.test_object_update_fk() test. 2019-06-21 12:00:42 +02:00
Mariusz Felisiak 7f19e37135 Refs #30451 -- Added more tests for ASGIRequest and ASGIHandler. 2019-06-20 12:29:58 +02:00
Andrew Godwin a415ce70be Fixed #30451 -- Added ASGI handler and coroutine-safety.
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
2019-06-20 12:29:43 +02:00
Chris Jerdonek cce47ff65a Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
Jon Dufresne b903bb438f Refs #30485 -- Removed non-representative test that emitted a warning.
Previously, when running the Django test suite with warnings enabled,
the following was emitted:

    /usr/lib64/python3.7/urllib/parse.py:915: BytesWarning: str() on a bytearray instance
      v = quote_via(str(v), safe, encoding, errors)

This occurred due to the bytearray() being passed to
urllib.parse.urlencode() which eventually calls str() on it. The test
does not represent desired real world behavior. Rather than test for and
assert strange unspecified behavior that emits a warning, remove it.

This was also discussed in PR #11374.
2019-06-19 13:03:52 +02:00
can 2cbd3967e0 Fixed #29834 -- Fixed column mismatch crash with QuerySet.values()/values_list() and order_by() on combined querysets. 2019-06-19 12:11:28 +02:00
Mariusz Felisiak 14d026cccb
Fixed #30572 -- Prevented values()/values_list() on combined queryset from mutating the list of columns in querysets. 2019-06-19 10:44:53 +02:00
Mariusz Felisiak b08a18f17b
Fixed LiveWidgetTests.test_textarea_trailing_newlines() crash on Chrome 75+. 2019-06-18 11:38:51 +02:00
Min ho Kim 6e8303d49b Fixed typos in FakePayload docstring and SimplifiedURLTests test name. 2019-06-17 12:38:04 +02:00
Sanyam Khurana 87f5d07eed Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names. 2019-06-14 18:20:29 +02:00
Carlton Gibson 1564e42ad3 Refs #30512, #15042 -- Added local-only address to sanitize_email() tests cases.
email.headerregistry.parser.get_mailbox() returns a token with a `token_type` attribute.

If `token_type` is `’invalid-mailbox’` then RFC violations have been detected. Emails with only the local part, and no domain,  are correctly parsed but are marked as `’invalid-mailbox’`.

As per #15042, local-only are supported, to enable sending to addresses on localhost.

sanitize_email() does not currently check `token_type`. This test is added to avoid a regression in case this is revisited in the future.
2019-06-13 17:29:58 +02:00
Joachim Jablon 2628ea9515 Fixed #30512 -- Used email.headerregistry.parser for parsing emails in sanitize_address(). 2019-06-13 16:22:15 +02:00
can fde9b7d35e Fixed #30128 -- Fixed handling timedelta timezone in database functions. 2019-06-13 09:29:43 +02:00
Mariusz Felisiak 3dca8738cb
Simplified GISFunctionsTests.test_point_on_surface(). 2019-06-12 12:59:02 +02:00
Mariusz Felisiak b616f65855
Added missing support for PointOnSurface function on MariaDB. 2019-06-12 10:51:43 +02:00
Mariusz Felisiak 198a0adef2 Removed obsolete comment from GISFunctionsTests.test_asgeojson(). 2019-06-12 09:43:03 +02:00
Mariusz Felisiak 2e00119e39 Fixed GISFunctionsTests.test_asgeojson() crash on MariaDB 10.2+. 2019-06-12 09:43:03 +02:00
Jon Dufresne 9e38ed0536 Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692.

For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.

For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00
Jon Dufresne 53ea535f13 Refs #27486 -- Added tests for filesizeformat filter. 2019-06-11 20:18:36 +02:00
CruxBox 34f8eeea4a Fixed #30548 -- Improved exception when expression contains mixed types. 2019-06-10 19:48:53 +02:00
Aymeric Augustin 3ee0834a46 Fixed #30556 -- Avoided useless query and hasher call in ModelBackend.authenticate() when credentials aren't provided.
There's no need to fetch a user instance from the database unless
a username and a password are provided as credentials.
2019-06-10 11:12:31 +02:00
Jon Dufresne e065b29387 Refs #27804 -- Used subTest() in filesizeformat tests and HumanizeTests. 2019-06-10 08:46:11 +02:00
Hasan Ramezani dcb8f00d06 Fixed #29379 -- Added autocomplete attribute to contrib.auth.forms fields.
Thank you to Nick Pope for review.

Co-authored-by: CHI Cheng <cloudream@gmail.com>
2019-06-07 12:44:39 +02:00
Alexandre Varas c498f088c5 Fixed #30521 -- Fixed invalid HTML in default error pages. 2019-06-07 07:51:45 +02:00
Mariusz Felisiak 3fb0a1a67f Refs #30521 -- Added tests for content of default error pages. 2019-06-07 07:49:17 +02:00
Jon Dufresne d6ea4898c4 Fixed #30550 -- Fixed decoding of non-UTF-8 bytes objects in response.json(). 2019-06-07 06:40:15 +02:00