Commit Graph

29923 Commits

Author SHA1 Message Date
Daniele Procida d79be3ed39 Refs #32880 -- Rearranged logging security notes.
Expanded security notes and moved them under a new explanation heading
of their own for future reference and expansion.

Removed specific reference to Sentry since there are multiple
third-party services that fulfill that role.
2021-06-28 11:46:37 +02:00
Dan Strokirk f5ea9aa2f3 Fixed #32807 -- Fixed JSONField crash when redisplaying None values.
Thanks to Alex Hill for the initial patch.
2021-06-28 11:02:08 +02:00
Nick Pope 66af94d56e Removed unnecessary json.loads() call in test_json_agg_empty(). 2021-06-28 09:22:23 +02:00
Nick Pope e8e8e207e7 Ensured that empty result test for JSONBAgg executes a query.
Use of QuerySet.none() will cause the EmptyQuerySet aggregation
optimisation to be used. Change the test to be implemented like the
other tests for empty results in this file.
2021-06-28 09:21:57 +02:00
Nick Pope 1aca9fc7d2 Corrected test method and variable names for JSONBAgg.
This is probably a hangover from when the aggregate function was
originally called JSONAgg during development.
2021-06-28 09:17:34 +02:00
Chris Jerdonek 5e60c3943b Refs #32800 -- Added CsrfViewMiddleware tests for all combinations of masked/unmasked cookies and tokens. 2021-06-28 08:31:30 +02:00
Chris Jerdonek defa8d3d87 Refs #32800 -- Made CsrfViewMiddlewareTestMixin._csrf_id_cookie and _csrf_id_token different.
This also renames CsrfViewMiddlewareTestMixin._csrf_id to _csrf_id_token.
2021-06-28 08:09:53 +02:00
Chris Jerdonek 2523c32d50 Refs #32800 -- Eliminated the need for separate _get_POST_bare_secret() methods. 2021-06-28 08:08:43 +02:00
Chris Jerdonek c8108591b9 Refs #32800 -- Added to csrf_tests/tests.py the unmasked version of the secret.
This also adds tests that the secret is correct, and updates existing
tests to use the value.
2021-06-28 07:59:22 +02:00
Claude Paroz 495083e3e1 Updated translations from Transifex.
Forwardport of 04b744050f from stable/3.2.x.
2021-06-28 07:08:39 +02:00
Daniele Procida e9fbd73480 Refs #32880 -- Improved some how-to notes in logging topic. 2021-06-26 13:39:07 +02:00
Mateo Radman 8a7ac78b70 Refs #32508 -- Raised ImproperlyConfigured/TypeError instead of using "assert" in various code. 2021-06-25 06:55:47 +02:00
Daniele Procida 64839512a6
Refs #32880 -- Improved some headings and text in logging topic. 2021-06-24 13:41:56 +02:00
Mariusz Felisiak 27e156fa31
Fixed ResourceWarning in test_client.tests.ClientTest.test_uploading_named_temp_file(). 2021-06-24 11:47:29 +02:00
Ben Wilber fff4870bfa Fixed #32727 -- Allowed spaces before time zone offset in parse_datetime(). 2021-06-24 10:07:55 +02:00
Chris Jerdonek fcb75651f9 Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages. 2021-06-23 16:07:15 +02:00
Chris Jerdonek 1a284afb07 Refs #32817 -- Added tests for bad CSRF token provided via X-CSRFToken or custom header. 2021-06-23 16:07:07 +02:00
Chris Jerdonek 6837bd68a4 Refs #32817 -- Added post_token/meta_token/token_header arguments to _get_POST_csrf_cookie_request(). 2021-06-23 16:07:07 +02:00
Chris Jerdonek 999402f142 Refs #32817 -- Combined the bad-or-missing CSRF token tests. 2021-06-23 16:07:07 +02:00
Peter Inglesby 1bbb98d9a4 Fixed #32363 -- Ensured sys.__interactivehook__ is called in shell
By default, this means that readline is properly registered, so that
.python_history is used.

sys.__interactivehook__ may be set by a $PYTHONSTARTUP file.
2021-06-23 14:53:41 +02:00
tomhamiltonstubber 1e5aa8e1c7 Fixed #32790 -- Ensured test Client handles redirects to domain indexes without a specified trailing slash. 2021-06-23 12:32:29 +02:00
Adam Johnson d54059ebce
Removed options parameter from djangoAdminSelect2.
It seems this parameter has never been used internally, so to avoid
exposing a large surface area in the admin, remove it. As discussed in:
https://groups.google.com/g/django-developers/c/G-fDkNxhxsE/m/--RtGwmtAQAJ
2021-06-23 06:08:10 +02:00
Nicolas Restrepo bbb3965826 Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses. 2021-06-22 21:28:48 +02:00
Hasan Ramezani 7a9745fed4 Fixed #32863 -- Skipped system check for specifying type of auto-created primary keys on models with invalid app_label.
Regression in b5e12d490a.

Thanks Iuri de Silvio for the report.
2021-06-22 20:47:15 +02:00
Tim Graham 1697098795
Fixed dash-separated deprecation warning in setup.cfg.
Deprecated in setuptools 54.1.0.
2021-06-22 12:51:04 +02:00
David Smith b9e872b593 Refs #32338 -- Removed 'for ="..."' from RadioSelect's <label>.
This improves accessibility for screen reader users.

Co-authored-by: Thibaud Colas <thibaudcolas@gmail.com>
2021-06-22 10:59:29 +02:00
Russell Keith-Magee 4f0a034b9e
Added a note about %autoawait off for IPython. 2021-06-22 10:23:03 +02:00
manav014 d718d99017 Refs #29898 -- Moved django.db.migrations.operations.utils to django.db.migrations.utils. 2021-06-22 09:26:18 +02:00
Igor Fernandes e85d9c02ad Fixed #32870 -- Improved error message when URLconf is empty. 2021-06-22 08:09:53 +02:00
Chris Jerdonek ee408309d2
Fixed #32842 -- Refactored out CsrfViewMiddleware._check_token(). 2021-06-22 07:42:28 +02:00
Mariusz Felisiak e07609a0d1 Refs #32858, Refs #32392 -- Restored using :: shortcut syntax in Cast() on PostgreSQL.
This partly reverts commit fdfbc66331
unnecessary since b69b0c3fe8.
2021-06-22 06:28:42 +02:00
Lucidiot b69b0c3fe8 Fixed #32858 -- Fixed ExclusionConstraint crash with index transforms in expressions. 2021-06-22 06:09:16 +02:00
Jacob Walls 501a371411 Fixed typo in makemessages error message. 2021-06-21 21:23:59 +02:00
Timothy McCurrach 4659a790cf Fixed #32860 -- Made docs permalinks focusable to improve accessibility. 2021-06-21 13:47:26 +02:00
Illia Volochii 5a468b4c08 Fixed #32859 -- Simplified compress_string() by using gzip.compress(). 2021-06-21 13:19:11 +02:00
Carlton Gibson 225d96533a Fixed #30427, Fixed #16176 -- Corrected setting descriptor in Field.contribute_to_class().
Co-authored-by: Jarek Glowacki <jarekwg@gmail.com>
2021-06-15 12:01:28 +02:00
Carlton Gibson 0c0240aba8 Refs #30427, Refs #16176 -- Added test for abstract model inheritance. 2021-06-15 11:42:52 +02:00
Chris Jerdonek 316cc34d04 Fixed comment in CsrfViewMiddleware to say _reject instead of reject. 2021-06-12 16:46:42 +02:00
Keryn Knight 854e9b0668 Fixed #32824 -- Improved performance of NodeList.render().
This avoids the following:
 - checking that each item in the nodelist is a subclass of Node,
 - calling str() on the render_annotated() output, because it's
   documented that Node.render() must return a string,
 - calling mark_safe() on the output, when the value to be wrapped is
   definitively known to be a string because the result of ''.join()
   is always of that type,
 - using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
Jacob Walls 2dfc1066a0 Fixed #25250 -- Clarified partially recorded state of squashed migrations in showmigrations --list. 2021-06-11 09:35:42 +02:00
Chris Jerdonek de4f620183 Fixed #32609 -- Updated runtests.py to support directory path test labels.
For example, with this change, the following now works from the tests
directory:

    $ ./runtests.py view_tests/tests/
2021-06-10 20:19:30 +02:00
Mariusz Felisiak fa0433d05f Fixed #32832 -- Fixed adding BLOB/TEXT nullable field with default on MySQL 8.0.13+.
Regression in d4ac23bee1.

Thanks Omkar Deshpande for the report.
2021-06-10 20:03:43 +02:00
Mariusz Felisiak 57bc16b38e Refs #32503 -- Added release notes for 5e04e84d67. 2021-06-10 20:03:43 +02:00
Mariusz Felisiak 8b4983cfd4
Fixed typo in tests/test_runner/test_discover_runner.py. 2021-06-10 13:25:05 +02:00
saeedblanchette 66ed03e7c9 Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode. 2021-06-10 12:47:53 +02:00
Ceesjan Luiten cb6c19749d Refs #27734 -- Prevented creation of more parallel workers than TestCases.
The parallel test runner uses multiple workers to distribute the
workload. These workers are assigned a worker ID using a globally
incremented variable, which determines what test database to connect
to. When the worker ID surpasses the test database IDs Django will
crash.

This reduce likelihood of crashing parallel tests because
ParallelTestSuite will no longer create more workers than TestCases.

It won't eliminate the problem completely though because there are
other circumstances in which new workers can be created which can then
be assigned an "illegal" worker ID.
2021-06-10 07:32:15 +02:00
Hasan Ramezani ed3af3ff4b
Fixed #32829 -- Updated help text for clearsessions management command.
Obsolete since 5fec97b9df.
2021-06-09 12:08:59 +02:00
Angus Holder 3e73c65ffc Fixed #32195 -- Added system check for invalid view in path() and improved error messages. 2021-06-09 09:06:42 +02:00
Mariusz Felisiak 8f89454bbc Refs #32195 -- Added path() test for invalid view. 2021-06-09 08:58:41 +02:00
Mariusz Felisiak fcd44b889f
Refs #14357 -- Updated docs about interaction between aggregations and QuerySet.order_by().
Obsolete since 0ddb4ebf7b.
2021-06-08 16:39:00 +02:00