Commit Graph

2197 Commits

Author SHA1 Message Date
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham 22d2a5b00a Corrected a run on sentence in doc/topics/db/models.txt. 2016-02-25 14:22:41 -05:00
Tim Graham 7a7e403325 Refs #26270 -- Reorganized TestCase docs. 2016-02-25 07:58:22 -05:00
Olivier Le Thanh Duong 10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham 441c537b66 Fixed a function signature in docs/topics/auth/default.txt. 2016-02-24 16:24:33 -05:00
Tim Graham 6637cd0ef2 Removed docs of deprecated SimpleTestCase warnings behavior.
Removed in Django 1.7 (4f6be9a0c4).
2016-02-24 09:57:39 -05:00
Tim Graham 47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Markus Holtermann b14470c7b7 Fixed spelling error 2016-02-23 10:24:38 +11:00
Tim Graham 5a541e2e6c Fixed #26188 -- Documented how to wrap password hashers. 2016-02-22 17:21:45 -05:00
Daniel Quinn de7edc005f Fixed import location of check_password() in docs. 2016-02-22 12:42:47 -05:00
Tim Graham 032f5a7896 Refs #25735 -- Made @tag decorator importable from django.test. 2016-02-19 14:21:00 -05:00
Berker Peksag f0425c7260 Refs #19353 -- Added tests for using custom user models with built-in auth forms.
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.

Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Jakub Paczkowski d4dc775620 Fixed #25735 -- Added support for test tags to DiscoverRunner.
Thanks Carl Meyer, Claude Paroz, and Simon Charette for review.
2016-02-17 09:44:18 -05:00
Jon Dufresne fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Camilo Nova a6f856df52 Added import in docs/topics/email.txt example. 2016-02-12 13:44:38 -05:00
Tim Graham 004ba0f99e Removed unneeded hint=None/obj=None in system check messages. 2016-02-12 13:01:25 -05:00
Markus Holtermann 228427ab1a Fixed allow_migrate() signature in documentation 2016-02-12 14:16:03 +11:00
Johannes Linke 02430ef19d Fixed #26111 -- Clarified that fixtures are loaded once per TestCase. 2016-02-11 18:45:40 -05:00
Becka R cf48962b36 Clarified "database column type" explanation. 2016-02-11 18:26:46 -05:00
Tim Graham 1d86d4c72b Updated instructions for gettext on Windows. 2016-02-11 08:45:55 -05:00
Tim Graham f2b45ddd99 Fixed #26206 -- Fixed docs comments causing empty code blocks. 2016-02-11 07:58:15 -05:00
Hugo Osvaldo Barrera dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Tim Graham 1e9150443e Refs #26089 -- Removed obsolete docs about custom user model testing. 2016-02-02 08:12:08 -05:00
Harry 0fb1185538 Fixed #26152 -- Documented how to avoid django.setup() deadlock in standalone scripts. 2016-02-01 13:40:53 -05:00
Tim Graham 8ce8beb3f2 Unified some doc links to OneToOneField and ManyToManyField. 2016-02-01 11:02:26 -05:00
rowanv a6ef025dfb Fixed #26124 -- Added missing code formatting to docs headers. 2016-02-01 10:42:05 -05:00
Tim Graham 9a5c94588e Added a missing session setting in docs. 2016-01-29 15:04:49 -05:00
James Pulec f05722a08a Fixed #25354 -- Added class/app_label interpolation for related_query_name. 2016-01-28 11:10:47 -05:00
Yoong Kang Lim 31817dd2eb Fixed #26136 -- Removed URL reversing by dotted path from JavaScript catalog example. 2016-01-27 08:58:12 -05:00
Tim Graham 8e6a08e937 Refs #26142 -- Documented that Formset's extra=0 doesn't prevent creating objects. 2016-01-26 19:12:01 -05:00
Chris Lamb abc0777b63 Fixed #25968 -- Changed project/app templates to use a "py-tpl" suffix.
Debian packages unconditionally byte-compile .py files on installation and
do not silence errors by design. Therefore, we need a way of shipping these
invalid .py files without a .py extension but ensuring that when we
template them, they end up as .py.

We don't special-case .py files so that the all the TemplateCommand
command-line options (eg. extra_files and extensions) still work entirely
as expected and it may even be useful for other formats too.
2016-01-25 12:39:06 -05:00
Tim Graham 9c43d8252a Fixed Sphinx highlight warnings in docs. 2016-01-25 11:57:14 -05:00
Tim Graham b0b45f9a83 Fixed #26132 -- Discouraged use of TransactionTestCase.fixtures. 2016-01-25 06:51:39 -05:00
Elif T. Kus bca9faae95 Fixed #26020 -- Normalized header stylings in docs. 2016-01-22 12:12:17 -05:00
Tim Graham e519aab43a Fixed #23868 -- Added support for non-unique django-admin-options in docs.
Also documented missing short command line options to fix #24134. This bumps
the minimum sphinx version required to build the docs to 1.3.4.

Thanks Simon Charette for review.
2016-01-14 18:21:33 -05:00
Tim Graham 5b94b17fef Fixed #25999 -- Removed promotion of RemovedInNextVersionWarning to loud by default. 2016-01-14 09:05:43 -05:00
pp b34ff66e5b Added missing period to "etc.". 2016-01-11 18:05:15 -05:00
Tim Graham 294d0d8815 Fixed #26048 -- Made admin selenium tests use implicitly_wait() 2016-01-11 14:16:17 -05:00
Varun Sharma 3d6474e1a5 Fixed #25385 -- Allowed importing views.generic.View from views.View. 2016-01-11 08:18:44 -05:00
Flavio Curella 0bc5cd6280 Fixed #25684 -- Made runserver use logging for request/response output.
Thanks andreif for the contributing to the patch.
2016-01-11 07:35:17 -05:00
bmsleight 8715205c5c Fixed a typo in a modelforms docs example. 2016-01-09 13:00:59 -05:00
anabelensc 4c1fab0f29 Added a missing bracket in a queries docs example. 2016-01-09 12:17:21 -05:00
Paulo Poiati b643386668 Fixed #24855 -- Allowed using contrib.auth.login() without credentials.
Added an optional `backend` argument to login().
2016-01-07 08:56:07 -05:00
Jarek Glowacki d8b651a544 Added missing step to transitioning squashed migrations. 2016-01-04 10:35:45 -05:00
Tim Graham 98839e9066 Removed British/Austrialian word: whilist. 2015-12-31 14:29:52 -05:00
Marten Kenbeek 16411b8400 Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
Tim Graham dbb0df2a0e Fixed #25985 -- Updated signature of ModelAdmin.formfield_for_* to make request a positional argument. 2015-12-29 12:49:14 -05:00
Alexander Sosnovskiy 2a7ce34600 Fixed #14286 -- Added models.BigAutoField. 2015-12-25 20:01:31 -05:00
Varun Sharma 483e0091e3 Fixed #25959 -- Updated logging example to use the django logger. 2015-12-24 10:07:21 -05:00
Chris Lamb 77b8d8cb6d Discouraged use of /tmp with predictable names.
The use of predictable filenames in /tmp often leads to symlink attacks
so remove the most obvious use of them in the docs.
2015-12-24 09:54:33 -05:00