p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
33,050 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

126 Commits

Author SHA1 Message Date
Simon Charette 47f18a7226 Refs #35326 -- Adjusted deprecation warning stacklevel in FileSystemStorage.OS_OPEN_FLAGS. 2024-08-28 11:44:05 -03:00
Mariusz Felisiak a57596e443 Refs #35658 -- Fixed test_create_file_field_from_another_file_field_in_memory_storage when run in reverse. 2024-08-15 08:52:19 +02:00
lucasesposito f16a9a556f Fixed #35658 -- Initialized InMemoryFileNode instances with a name. 2024-08-09 12:27:15 +02:00
Sarah Boyce 8deb6bb1fc
Fixed #35657 -- Made FileField handle db_default values. 2024-08-05 16:36:49 -03:00
Sarah Boyce 8d6a20b656 Fixed #35604, Refs #35326 -- Made FileSystemStorage.exists() behaviour independent from allow_overwrite. 
Partially reverts 0b33a3abc2.

Storage.exists(name) was documented to "return False if
the name is available for a new file." but return True if
the file exists. This is ambiguous in the overwrite file
case. It will now always return whether the file exists.

Thank you to Natalia Bidart and Josh Schneier for the
review.
 2024-07-24 14:55:10 +02:00
Natalia fe4a0bbe20 Fixed CVE-2024-39330 -- Added extra file name validation in Storage's save method. 
Thanks to Josh Schneier for the report, and to Carlton Gibson and Sarah
Boyce for the reviews.
 2024-07-09 09:21:19 -03:00
Ben Cail 0b33a3abc2 Fixed #35326 -- Added allow_overwrite parameter to FileSystemStorage. 2024-05-21 07:28:12 +02:00
nessita 34f329ecac
Added tests for Storage's generate_filename method. 2024-05-10 08:51:47 -03:00
Adam Zapletal eb2d49b734 Fixed #23759 -- Preserved all file extensions in Storage.get_available_name(). 2024-02-20 21:06:39 +01:00
Mariusz Felisiak d88ec42bd0
Used addCleanup() in tests where appropriate. 2023-12-31 10:01:31 +01:00
Mariusz Felisiak f72f420f17 Refs #26029 -- Removed DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 
This also removes django.core.files.storage.get_storage_class().

Per deprecation timeline.
 2023-09-18 22:12:40 +02:00
konsti 48a1929ca0
Removed unnecessary trailing commas in tests. 2023-08-22 12:42:57 +02:00
Liyang Zhang f9f9215d3e
Fixed some typos in comments, docstrings, and tests. 2023-03-20 08:07:23 +01:00
Matt Westcott ef85b6bf0b Fixed #34192 -- Preserved callable storage when it returns default_storage. 2023-01-23 10:29:17 +01:00
Jarosław Wygoda 32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda 1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Francesco Panico 72efd840a8 Fixed #34110 -- Added in-memory file storage. 
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
 2023-01-10 10:56:59 +01:00
Francesco Panico 032c09c414 Refs #34110 -- Reorganized django.core.files.storage into a separate module. 2022-11-11 06:59:33 +01:00
Carlton Gibson bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias. 
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
 2022-03-24 06:29:50 +01:00
Mariusz Felisiak 7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem. 
Thanks to Dennis Brinkrolf for the report.
 2022-01-04 10:04:12 +01:00
David Smith 1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Jacob Walls ec2727efef Fixed #28154 -- Prevented infinite loop in FileSystemStorage.save() when a broken symlink with the same name exists. 2021-06-02 12:20:22 +02:00
Mariusz Felisiak b55699968f
Fixed #32718 -- Relaxed file name validation in FileField. 
- Validate filename returned by FileField.upload_to() not a filename
  passed to the FileField.generate_filename() (upload_to() may
  completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.

Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.

Regression in 0b79eb3691.
 2021-05-13 08:53:44 +02:00
Carlton Gibson a708f39ce6 Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows. 
The validate_file_name() sanitation introduced in
0b79eb3691 correctly rejects the example
file name as containing path elements on Windows. This breaks the test
introduced in 914c72be2a to allow path
components for storages that may allow them.

Test is skipped pending a discussed storage refactoring to support this
use-case.
 2021-05-06 07:04:52 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Daniyal 474cc420bf Refs #32508 -- Raised Type/ValueError instead of using "assert" in django.core. 2021-03-19 08:04:37 +01:00
Brian Helba 2d42e23b6d Fixed #31941 -- Corrected FileField.deconstruct() with a callable storage. 2020-09-02 11:06:18 +02:00
Mariusz Felisiak 8d7271578d Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+. 
Thanks WhiteSage for the report.
 2020-09-01 09:17:23 +02:00
Carlton Gibson 94b32a20ef Refs #28184 -- Added test for FileField storage default. 
Co-authored-by: miigotu <miigotu@gmail.com>
 2020-04-08 11:26:17 +02:00
miigotu 210657b791 Fixed #28184 -- Allowed using a callable for FileField and ImageField storage. 2020-04-08 11:26:17 +02:00
Jon Dufresne 39791c8e6d Harmonized Windows checks in tests to a single style. 2019-11-06 15:14:30 +01:00
Hasan Ramezani 17752003a8 Refs #28428 -- Made FileSystemStorage.save() to support pathlib.Path. 2019-10-31 09:06:05 +01:00
Hasan Ramezani 0f2975534d Refs #28428 -- Added tests for using FileSystemStorage with pathlib.Path. 2019-10-31 08:52:15 +01:00
Oleg Kainov c574bec092 Fixed #25598 -- Added SCRIPT_NAME prefix to STATIC_URL and MEDIA_URL set to relative paths. 
Thanks Florian Apolloner for reviews.

Co-authored-by: Joel Dunham <Joel.Dunham@technicalsafetybc.ca>
 2019-09-25 19:47:03 +02:00
Claude Paroz d1c2e6dd04 Refs #28428 -- Made FileField.upload_to support pathlib.Path. 2019-08-18 20:34:58 +02:00
Claude Paroz af69842dbd Refs #28428 -- Added test for a callable FileField.upload_to that returns pathlib.Path. 2019-08-18 20:34:54 +02:00
Min ho Kim 65e86948b8 Corrected several typos in string literals and test names. 2019-08-07 11:23:14 +02:00
Jon Dufresne 290d8471bb Fixed #30147 -- Simplified directory creation with os.makedirs(..., exist_ok=True). 2019-01-31 12:53:36 -05:00
Jon Dufresne 7785e03ba8 Fixed #30137 -- Replaced OSError aliases with the canonical OSError. 
Used more specific errors (e.g. FileExistsError) as appropriate.
 2019-01-28 11:15:06 -05:00
Tim Graham 043bd70942 Updated test URL patterns to use path() and re_path(). 2018-12-31 10:47:32 -05:00
Tim Graham 98ef3829e9 Fixed #29890 -- Fixed FileSystemStorage crash if concurrent saves try to create the same directory. 
Regression in 632c4ffd9c.
 2018-10-31 19:28:11 -04:00
Jon Dufresne e90af8bad4 Capitalized "Python" in docs and comments. 2018-10-09 09:26:07 -04:00
Sergey Fedoseev 8ef8bc0f64 Refs #28909 -- Simplifed code using unpacking generalizations. 2018-09-28 09:57:12 -04:00
Jon Dufresne e7d7d47b93 Fixed ResourceWarning from unclosed test files. 
When running Django tests with Python warnings enabled.
 2018-07-10 12:26:19 +02:00
Jon Prindiville b4cba4ed62 Fixed #28144 -- Added FileSystemStorage.OS_OPEN_FLAGS to allow customization. 2018-06-29 15:51:59 -04:00
Claude Paroz 8e960c5aba Removed urllib2 reference in file storage tests 2018-04-27 14:02:39 +02:00
Jon Dufresne 2c69824e5a Refs #23968 -- Removed unnecessary lists, generators, and tuple calls. 2017-06-01 19:08:59 -04:00
Rajesh Veeranki 67e1afb4a8 Fixed #28224 -- Tested for SuspiciousOperation subclasses in Django's tests. 2017-05-25 08:19:01 -04:00