Commit Graph

12097 Commits

Author SHA1 Message Date
Florian Apolloner d4dcd5b9dd Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
2021-12-07 06:28:08 +01:00
Mariusz Felisiak 628b6a6869 Updated translations from Transifex.
This also fixes related i18n tests.

Forwardport of 4c5215ab03 from stable/4.0.x

Co-authored-by: Claude Paroz <claude@2xlibre.net>
2021-12-06 20:31:03 +01:00
Hannes Ljungberg 1eaf38fa87 Fixed #33335 -- Made model validation ignore functional unique constraints.
Regression in 3aa545281e.

Thanks Hervé Le Roy for the report.
2021-12-06 07:59:11 +01:00
Mariusz Felisiak d3a64bea51
Refs #33333 -- Fixed PickleabilityTestCase.test_annotation_with_callable_default() crash on Oracle.
Grouping by LOBs is not allowed on Oracle. This moves a binary field to
a separate model.
2021-12-04 15:55:03 +01:00
Maxim Piskunov d3f4c2b95d Fixed #33078 -- Added support for language regions in i18n_patterns(). 2021-12-03 12:57:06 +01:00
Mariusz Felisiak 4f7bbc6138 Refs #33078 -- Added extra assertions to MiscTests.test_get_language_from_path_real(). 2021-12-03 12:03:30 +01:00
Mariusz Felisiak 2c7846d992
Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField on PostgreSQL.
This makes models.BinaryField pickleable on PostgreSQL.

Regression in 3cf80d3fcf.

Thanks Adam Zimmerman for the report.
2021-12-03 11:56:22 +01:00
Mariusz Felisiak 5def7f3f74 Updated various links to HTTPS and new locations.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-02 11:27:29 +01:00
Simon Charette e5a92d400a Fixed #33282 -- Fixed a crash when OR'ing subquery and aggregation lookups.
As a QuerySet resolves to Query the outer column references grouping logic
should be defined on the latter and proxied from Subquery for the cases where
get_group_by_cols is called on unresolved expressions.

Thanks Antonio Terceiro for the report and initial patch.
2021-12-02 07:23:33 +01:00
Przemysław Suliga 4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Claude Paroz 64c3f049ea Fixed #33047 -- Fixed CheckConstraint crash with GIS lookups on PostGIS and MySQL GIS backends.
Thanks Daniel Swain for the report and Arsalan Ghassemi for the initial
patch.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-30 20:06:29 +01:00
Chris Jerdonek 3ff7f6cf07 Refs #32800 -- Renamed _sanitize_token() to _check_token_format(). 2021-11-29 10:48:31 +01:00
Chris Jerdonek 5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
Shubh1815 05e29da421 Fixed #32545 -- Improved admin widget for raw_id_fields for UUIDFields.
Co-Authored-By: Jerome Leclanche <jerome@leclan.ch>
2021-11-29 07:16:26 +01:00
Hannes Ljungberg ed2018037d Fixed #33322 -- Fixed loss of assigned related object when saving relation with bulk_update(). 2021-11-29 06:27:22 +01:00
Baptiste Mispelon 9ac92b1efc Refs #33301 -- Made SimpleTestCase.assertFormError()/assertFormsetErrors() raise ValueError for non test client responses. 2021-11-26 13:10:43 +01:00
Baptiste Mispelon 68144f4049 Added tests for SimpleTestCase.assertFormError()/assertFormsetErrors(). 2021-11-26 12:36:25 +01:00
Hasan Ramezani 24b316536a Fixed #33303 -- Changed messages' level tags on MESSAGE_TAGS setting change. 2021-11-26 07:09:31 +01:00
Ad Timmering 9a6e2df3a8 Fixed #32397 -- Made startapp/startproject management commands set User-Agent.
This sets User-Agent to 'Django/<version>'.
2021-11-25 20:36:04 +01:00
Shubh1815 51c24d8799 Fixed #33024 -- Fixed height of admin selector boxes in collapsed fieldset.
Thanks Tom Carrick for the review.
2021-11-25 07:57:19 +01:00
Ad Timmering 59f4796918 Fixed #4282 -- Made startapp/startproject management commands honor umask.
Co-authored-by: Christian Schmitt <c.schmitt@briefdomain.de>
2021-11-24 13:10:45 +01:00
mgaligniana 7f8f69fb38 Fixed #33298 -- Added docs and tests for using Q objects with get_object_or_404()/get_list_or_404(). 2021-11-24 09:28:21 +01:00
Tim Graham ddf321479b
Removed unneeded @skipUnlessDBFeature('supports_combined_alters').
The test acts a regression test for 715ccfde24
if the feature is True, but it works on other backends too.
2021-11-24 09:13:28 +01:00
Tim Graham 9772eaa6c0
Fixed typo in delete test docstring. 2021-11-24 09:04:54 +01:00
arsalan.ghassemi bdcda1ca9b Fixed #33309 -- Fixed QuerySet.distinct() crash on mixed case annotation. 2021-11-23 20:43:20 +01:00
Simon Charette aec71aaa5b Fixed #33304 -- Allowed passing string expressions to Window(order_by). 2021-11-23 07:58:44 +01:00
Baptiste Mispelon e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter.
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
Baptiste Mispelon a0ed3cfad1 Fixed #33305 -- Fixed autodetector crash for ForeignKey with hardcoded "to" attribute.
Co-authored-by: Simon Charette <charette.s@gmail.com>
2021-11-22 06:46:25 +01:00
SwastikTripathi a7e7043c87 Fixed #33229 -- Fixed BaseDatabaseOperations.adapt_datetimefield_value()/adapt_timefield_value() crash with expressions. 2021-11-19 09:47:57 +01:00
Jonny Park 6fa2930573 Refs #24121 -- Added __repr__() to BaseDatabaseWrapper, JoinPromoter, and SQLCompiler. 2021-11-19 07:57:02 +01:00
Shubh1815 bb223c6f78 Fixed #28357 -- Fixed ModelAdmin.prepopulated_fields on newly added stacked inline.
Thanks Jakob Köhler for the initial patch.
2021-11-16 12:24:56 +01:00
Chris Jerdonek 3f0025c18a Refs #32800 -- Avoided use of _does_token_match() in some CSRF tests. 2021-11-16 11:21:30 +01:00
Chris Jerdonek 0820175d81 Refs #32800 -- Added CSRF tests for masked and unmasked secrets during GET. 2021-11-16 11:02:32 +01:00
SwastikTripathi 76f07b4fcf Fixed #33278 -- Improved error for connection/query attempts against disallowed databases in tests. 2021-11-15 11:46:10 +01:00
Simon Charette 483e30c3d5 Fixed #33288 -- Made SQLite introspection use information schema for relations.
Previous solution was using brittle and complex parsing rules to
extract them from the SQL used to define the tables.

Removed a now unnecessary unit test that ensured the removed parsing
logic accounted for optional spacing.
2021-11-15 08:07:07 +01:00
Simon Charette 30ec7fe89a Refs #33288 -- Made SQLite introspection raise DatabaseError on nonexistent tables.
All the other backends behave this way and we had to make adjustments
to our test suite to account for this discrepancy.

This also allows SQLite's get_relations() not to raise on a nonexistent
table while making sure the InspectDBTestCase.test_introspection_errors
test which ensures an error during introspection is surfaced in
generated models files still passes.
2021-11-15 07:57:00 +01:00
Krzysztof Jagiello 8d9827c06c Fixed #33161 -- Enabled durability check for nested atomic blocks in TestCase.
Co-Authored-By: Adam Johnson <me@adamj.eu>
2021-11-12 13:05:56 +01:00
Can Sarigol 661316b066 Fixed #33279 -- Fixed handling time zones with "-" sign in names.
Thanks yakimka for the report.

Regression in fde9b7d35e.
2021-11-12 07:30:02 +01:00
Lie Ryan 05cde4764d Fixed #33269 -- Made AnonymousUser/PermissionsMixin.has_perms() raise ValueError on string or non-iterable perm_list. 2021-11-11 20:26:29 +01:00
Ad Timmering 4bfe8c0eec Fixed #6106 -- Prevented makemessages from changing .po files when up to date.
Co-authored-by: Daniyal Abbasi <abbasi.daniyal98@gmail.com>
2021-11-11 09:12:05 +01:00
Mariusz Felisiak 0b95a96ee1
Removed DatabaseIntrospection.get_key_columns().
Thanks Simon Charette for the report.
2021-11-10 16:38:43 +01:00
Mariusz Felisiak 6bc437c0d8
Refs #33263 -- Added warning to BaseDeleteView when delete() method is overridden.
Follow up to 3a45fea083.
2021-11-09 09:03:40 +01:00
Jacob Walls 948d6d8805 Refs #16063 -- Added tests for searching against multiple related fields in admin changelist. 2021-11-09 07:00:36 +01:00
Baptiste Mispelon 91acfc3514 Fixed #33264 -- Made test runner return non-zero error code for unexpected successes. 2021-11-08 20:19:21 +01:00
Matthijs Kooijman 1a5023883b Fixed #33257 -- Fixed Case() and ExpressionWrapper() with decimal values on SQLite. 2021-11-08 18:02:56 +01:00
Keryn Knight 4f8c7fd9d9 Fixed #32980 -- Made models cache related managers. 2021-11-08 08:44:12 +01:00
Mariusz Felisiak ba9ced3e9a
Fixed #33253 -- Reverted "Fixed #32319 -- Added ES module support to ManifestStaticFilesStorage."
This reverts commit 91e21836f6.

`export` and `import` directives have several syntax variants and not
all of them were properly covered.

Thanks Hervé Le Roy for the report.
2021-11-05 12:11:18 +01:00
David Smith c6c6cd3c5a Fixed #33235 -- Removed "for = ..." from MultiWidget's <label>.
This improves accessibility for screen reader users.
2021-11-05 11:05:52 +01:00
Carlton Gibson 4816dc9428 Fixed #33237 -- Fixed detecting source maps in ManifestStaticFilesStorage for multiline files.
Switched regex to multiline mode in order to match per-line, rather
than against the whole file.

Thanks to Joseph Abrahams for the report.

Regression in 781b44240a.
2021-11-04 20:28:35 +01:00
Guilherme Martins Crocetti fc565cb539 Fixed #27147 -- Allowed specifying bounds of tuple inputs for non-discrete range fields. 2021-11-04 19:08:57 +01:00