Commit Graph

12297 Commits

Author SHA1 Message Date
Mariusz Felisiak a46bc327e7
Refs #11293 -- Added test for filtering aggregates with negated & operator. 2022-03-04 09:51:52 +01:00
Adam Johnson b811364421 Refs #33446 -- Allowed variable whitespace in CSS source map references.
Follow up to dc8bb35e39.

The Webpack default is to output CSS source map comments like
`/*# sourceMappingURL=main.css.map*/`. Also, Chromium allows tabs.
2022-03-04 06:22:28 +01:00
Keryn Knight 9bde906fb2 Refs #10188 -- Added tests for BadHeaderErrors when HTTP header with newlines cannot be encoded/decoded. 2022-03-02 20:23:39 +01:00
Mariusz Felisiak 445b075def
Fixed #33547 -- Fixed error when rendering invalid inlines with readonly fields in admin.
Regression in de95c82667.

Thanks David Glenck for the report.
2022-03-01 08:09:58 +01:00
Hrushikesh Vaidya 119f227aa6 Fixed #33524 -- Allowed overriding empty_label for ForeignKey in ModelAdmin.radio_fields. 2022-02-28 13:28:21 +01:00
Mariusz Felisiak 26c166c3b0
Added test for removing through model from ManyToManyField. 2022-02-25 22:01:27 +01:00
Albert Defler 2b6a3baebe Fixed #31486 -- Deprecated passing unsaved objects to related filters.
Co-Authored-By: Hasan Ramezani <hasan.r67@gmail.com>
2022-02-25 07:51:37 +01:00
Shubh1815 11cc227344 Fixed #33267 -- Added link to related item to related widget wrapper in admin. 2022-02-25 06:33:05 +01:00
Albert Defler 18245b948b Refs #7488, Refs #19524 -- Removed obsolete ModelInheritanceTest.test_issue_7488() test.
Obsolete since e9c24bef74.
2022-02-24 09:55:02 +01:00
Anders Kaseorg 7f4fc5cbd4 Fixed #33539 -- Fixed spaces in WITH SQL for indexes on PostgreSQL. 2022-02-24 09:03:58 +01:00
mgaligniana fe7dbef586 Fixed #28889 -- Prevented double submission of admin forms.
Added a JavaScript confirm() to catch double-submissions, when the
change form has already been submitted.

Thanks to Adam Johnson, Claude Paroz, Keryn Knight, and Thibaud Colas
for review.
2022-02-23 14:57:34 +01:00
Mariusz Felisiak d11944be34
Refs #33476 -- Added warning to optimizemigration/squashmigrations commands when black cannot be applied. 2022-02-23 07:29:15 +01:00
David Wobrock 7c318a8bdd Fixed #27844 -- Added optimizemigration management command. 2022-02-22 10:30:40 +01:00
Nick Pope 847f46e9bf
Removed redundant QuerySet.all() calls in docs and tests.
Most QuerySet methods are mapped onto the Manager and, in general,
it isn't necessary to call .all() on the manager.
2022-02-22 10:29:38 +01:00
Albert Defler 7ba6ebe914 Fixed #19580 -- Unified behavior of reverse foreign key and many-to-many relations for unsaved instances. 2022-02-22 09:16:40 +01:00
nabil-rady b7f263551c Refs #33517 -- Prevented __second lookup from returning fractional seconds on PostgreSQL. 2022-02-22 07:26:44 +01:00
Theo Alexiou 659d2421c7 Fixed #20296 -- Prevented mark_safe() from evaluating lazy objects. 2022-02-21 10:11:26 +01:00
Mariusz Felisiak 1299bc33e1
Refs #33526 -- Made CSRF_COOKIE_SECURE/SESSION_COOKIE_SECURE/SESSION_COOKIE_HTTPONLY don't pass on truthy values. 2022-02-21 07:54:47 +01:00
saeedblanchette e559070a7a Fixed #33518 -- Added RemovedAfterNextVersionWarning. 2022-02-21 06:23:41 +01:00
David Smith fac3dd7f39
Refs #33173 -- Fixed MailTests.test_backend_arg() on Windows and Python 3.11+. 2022-02-19 20:36:01 +01:00
Hasan Ramezani 9ac3ef59f9 Fixed #33379 -- Added minimum database version checks.
Thanks Tim Graham for the review.
2022-02-18 13:37:49 +01:00
My-Name-Is-Nabil 3079133c73 Fixed #33514 -- Added fallbacks to subsequent language codes in Select2 translations. 2022-02-18 08:34:49 +01:00
Matthias Kestenholz b2ed0d78f2 Refs #28358 -- Fixed infinite recursion in LazyObject.__getattribute__().
Regression in 97d7990abd.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Theo Alexiou <theofilosalexiou@gmail.com>
2022-02-17 14:52:17 +01:00
Mariusz Felisiak 1e2e1be02b
Fixed #33515 -- Prevented recreation of migration for ManyToManyField to lowercased swappable setting.
Thanks Chris Lee for the report.

Regression in 4328970780.

Refs #23916.
2022-02-16 21:09:24 +01:00
Theo Alexiou 97d7990abd Fixed #28358 -- Prevented LazyObject from mimicking nonexistent attributes.
Thanks Sergey Fedoseev for the initial patch.
2022-02-16 10:51:15 +01:00
Carlton Gibson 236e6cb588 Refs #31407 -- Handled potential exception in test cleanup.
The test view may not be called when running the tests with
--parallel=2 or greater. Catch the AttributeError for this case.
2022-02-15 14:38:19 +01:00
Baptiste Mispelon f7e0bffa2e Refs #33348 -- Made SimpleTestCase.assertFormError() raise ValueError when "field" is passed without "form_index". 2022-02-15 10:30:20 +01:00
Mariusz Felisiak d4c9dab74b Refs #33348 -- Fixed SimpleTestCase.assertFormError() error message raised for unbound forms. 2022-02-15 10:16:06 +01:00
Baptiste Mispelon d84cd91e90 Refs #33348 -- Improved messages raised by SimpleTestCase.assertFormError()/assertFormsetErrors().
This makes messages use BaseFormSet/BaseForm.__repr__() instead of
context, and adds the _assert_form_error() helper.
2022-02-15 07:15:44 +01:00
Baptiste Mispelon 9bb13def5d Refs #33348 -- Made SimpleTestCase.assertFormsetErrors() raise an error when form_index is too big. 2022-02-14 12:46:46 +01:00
Baptiste Mispelon 261885e4c1 Simplified SimpleTestCase.assertFormError()/assertFormsetErrors() calls in admin_views tests. 2022-02-14 11:34:58 +01:00
Baptiste Mispelon 1f749d6f12 Fixed field name in admin_views.tests.UserAdminTest.test_password_mismatch() assertion. 2022-02-14 11:29:45 +01:00
Baptiste Mispelon 7986028e3f Refs #33348 -- Made SimpleTestCase.assertFormError()/assertFormsetErrors() raise an error for unbound forms/formsets. 2022-02-14 08:43:46 +01:00
rafrafek cdd4ff67d2 Refs #25684 -- Removed double newline from request/response output of runserver.
Follow up to 0bc5cd6280.
2022-02-14 06:55:34 +01:00
Mariusz Felisiak 3702819227
Refs #32502 -- Avoided table rebuild when removing fields on SQLite 3.35.5+.
ALTER TABLE ... DROP COLUMN was introduced in SQLite 3.35+ however
a data corruption issue was fixed in SQLite 3.35.5.
2022-02-11 22:21:58 +01:00
Carlton Gibson d113b5a837 Refs #33476 -- Made management commands use black.
Run black on generated files, if it is available on PATH.
2022-02-11 12:23:26 +01:00
Theo Alexiou f9ec777a82 Fixed #26287 -- Added support for addition operations to SimpleLazyObject. 2022-02-10 11:24:51 +01:00
Claude Paroz 4c76ffc2d6 Fixed #29490 -- Added support for object-based Media CSS and JS paths. 2022-02-10 08:48:27 +01:00
Damian Posener 09e499a39e Fixed #33501 -- Made order_with_respect_to respect database routers. 2022-02-09 13:31:49 +01:00
Aaron Chong 2d472ad05c Fixed #33495 -- Improved debug logging message about adapting handlers for middlewares.
It's the wrapped handler that's adapted to the wrapping middleware.
2022-02-09 12:10:26 +01:00
Simon Charette d35ce682e3 Fixed #33506 -- Made QuerySet.bulk_update() perform atomic writes against write database.
The lack of _for_write = True assignment in bulk_update prior to
accessing self.db resulted in the db_for_read database being used to
wrap batched UPDATEs in a transaction.

Also tweaked the batch queryset creation to also ensure they are
executed against the same database as the opened transaction under all
circumstances.

Refs #23646, #33501.
2022-02-09 11:14:50 +01:00
Mariusz Felisiak 7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak f68fa8b45d Refs #33476 -- Changed quotation marks in DebugViewTests.test_template_exceptions().
This prevents a failure after reformatting the code with Black.
2022-02-07 20:36:04 +01:00
Mariusz Felisiak 6f185a53a2
Refs #33482 -- Fixed QuerySet selecting and filtering againts negated Exists() with empty queryset.
Regression in b7d1da5a62.
2022-02-07 20:34:21 +01:00
Carlton Gibson 4b8e9492d9 Refs #32559 -- Added selenium test for FloatField client-side validation.
step="any" is required for non-integer values. See:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/number#step

Covers behaviour added in 7ec2a21be1.
2022-02-03 13:50:37 +01:00
Hrushikesh Vaidya 832adb31f2 Fixed #33473 -- Fixed detecting changes by autoreloader in .py files inside template directories. 2022-02-03 11:22:45 +01:00
Mariusz Felisiak c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
2022-02-03 11:20:46 +01:00
Simon Charette b7d1da5a62 Fixed #33482 -- Fixed QuerySet filtering againts negated Exists() with empty queryset.
Thanks Tobias Bengfort for the report.
2022-02-02 07:54:19 +01:00
tschilling 0dcd549bbe Fixed #30360 -- Added support for secret key rotation.
Thanks Florian Apolloner for the implementation idea.

Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-02-01 11:12:24 +01:00
Mariusz Felisiak fc18f36c4a Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
Thanks Alan Ryan for the report and initial patch.
2022-02-01 07:41:40 +01:00
Markus Holtermann 394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01 07:40:51 +01:00
Kirill Safronov 97a7274468 Fixed #33480 -- Fixed makemigrations crash when renaming field of renamed model.
Regression in aa4acc164d.
2022-02-01 07:01:41 +01:00
Mariusz Felisiak 71e7c8e737
Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on aggregates with default.
Thanks Adam Johnson for the report.
2022-01-31 11:33:24 +01:00
Keryn Knight 55022f75c1 Fixed #33465 -- Added empty __slots__ to SafeString and SafeData.
Despite inheriting from the str type, every SafeString instance gains
an empty __dict__ due to the normal, expected behaviour of type
subclassing in Python.

Adding __slots__ to SafeData is necessary, because otherwise inheriting
from that (as SafeString does) will give it a __dict__ and negate the
benefit added by modifying SafeString.
2022-01-29 13:50:34 +01:00
Keryn Knight c5c7a15b09 Fixed #33461 -- Escaped template errors in the technical 500 debug page. 2022-01-28 07:07:12 +01:00
vgolubev e87f57fdb8 Fixed #26142 -- Allowed model formsets to prevent new object creation.
Thanks Jacob Walls, David Smith, and Mariusz Felisiak for reviews.

Co-authored-by: parth <parthvin@gmail.com>
2022-01-27 20:45:21 +01:00
Jörg Breitbart 0af9a5fc7d Fixed #33463 -- Fixed QuerySet.bulk_update() with F() expressions. 2022-01-27 19:03:26 +01:00
Mariusz Felisiak e972620ada
Fixed #33462 -- Fixed migration crash when altering type of primary key with MTI and foreign key.
This prevents duplicated operations when altering type of primary key
with MTI and foreign key. Previously, a foreign key to the base model
was added twice, once directly and once by the inheritance model.

Thanks bcail for the report.

Regression in 325d7710ce.
2022-01-27 18:51:39 +01:00
Carlton Gibson d15a10afb5
Adjusted CBV resolver_match example in testing tools docs.
The view_class is available on the view callback, allowing that to be
checked, rather than the __name__.
2022-01-26 20:58:22 +01:00
Mariusz Felisiak f38c3cbadc
Increased test coverage for django.contrib.gis.gdal.layer.Layer. 2022-01-26 17:47:03 +01:00
Jacob Walls edbf930287 Fixed #29984 -- Added QuerySet.iterator() support for prefetching related objects.
Co-authored-by: Raphael Kimmig <raphael.kimmig@ampad.de>
Co-authored-by: Simon Charette <charette.s@gmail.com>
2022-01-25 06:12:04 +01:00
Timothy McCurrach efb4478e48 Fixed #33458 -- Fixed encoding of messages with empty string as extra_tags. 2022-01-24 07:05:53 +01:00
Claude Paroz 7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
My-Name-Is-Nabil 9dc65263d4 Fixed #33455 -- Improved error message when selenium is not installed. 2022-01-21 21:54:10 +01:00
Jacob Walls 2d8232fa71 Fixed #26760 -- Added --prune option to migrate command. 2022-01-21 17:10:31 +01:00
Fabian Büchler eeff1787b0 Fixed #33449 -- Fixed makemigrations crash on models without Meta.order_with_respect_to but with _order field.
Regression in aa4acc164d.
2022-01-21 06:44:53 +01:00
Mariusz Felisiak f605e85af9
Fixed #33453 -- Dropped support for GDAL 2.1. 2022-01-20 18:54:29 +01:00
Hrushikesh Vaidya 3fadf141e6 Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names. 2022-01-20 07:19:52 +01:00
sean_c_hsu 0f6946495a Fixed #31685 -- Added support for updating conflicts to QuerySet.bulk_create().
Thanks Florian Apolloner, Chris Jerdonek, Hannes Ljungberg, Nick Pope,
and Mariusz Felisiak for reviews.
2022-01-19 20:17:42 +01:00
Mariusz Felisiak 4a8ac604b1
Added tests for SpatialReference.to_esri()/from_esri(). 2022-01-19 16:03:04 +01:00
Adam Johnson dc8bb35e39 Fixed #33446 -- Added CSS source map support to ManifestStaticFilesStorage. 2022-01-18 12:53:14 +01:00
Mariusz Felisiak 30a0144134
Fixed #29338 -- Allowed using combined queryset in Subquery.
Thanks Eugene Kovalev for the initial patch, Simon Charette for the
review, and Chetan Khanna for help.
2022-01-17 18:01:07 +01:00
My-Name-Is-Nabil f37face331 Fixed #33435 -- Fixed invalid SQL generatered by Subquery.as_sql(). 2022-01-17 09:00:46 +01:00
Ayush Joshi 0a17666045 Fixed #28135 -- Made simplify_regex() handle non-capturing groups. 2022-01-14 11:01:02 +01:00
Adam Johnson fdfa97fb16 Fixed #33441 -- Restored immutability of models.Field.__hash__().
Regression in 502e75f9ed.
2022-01-14 07:00:48 +01:00
Adam Johnson 45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson 436862787c Refs #29708 -- Made SessionBase store expiry as string. 2022-01-13 13:05:42 +01:00
Adam Johnson 08d8bccbf1 Improved Model.__init__() properties loop.
This improves readability, accumulates unrecognized arguments raise an
exception with all of them, and avoids refetching the values.
2022-01-13 11:09:37 +01:00
Mariusz Felisiak 0a4a5e5bac
Refs #32681 -- Fixed VariableDoesNotExist when rendering some admin template.
Regression in 84609b3205.

Follow up to 4e5bbb6ef2.

Thanks Sourav Kumar for the report.
2022-01-13 10:10:48 +01:00
Hrushikesh Vaidya 6815da6e94 Fixed #33396 -- Added view name to technical 500 debug page. 2022-01-13 07:02:41 +01:00
Adam Johnson 84e98ba194
Added exception to SuspiciousOperation logging.
This allows better debugging and filtering of errors.
2022-01-12 13:27:25 +01:00
Jacob Walls dc9deea8e8 Fixed #11715 -- Changed default value of ModelAdmin.actions/inlines to empty tuples.
This clarifies the intended pattern of overwriting the default value
rather than mutating it.
2022-01-11 12:22:49 +01:00
mgaligniana fa235004dd Fixed #13251 -- Made pre/post_delete signals dispatch the origin. 2022-01-11 08:06:18 +01:00
Jacob Walls 6f78cb6b13 Fixed #29026 -- Added --scriptable option to makemigrations. 2022-01-10 18:49:57 +01:00
Keryn Knight f4b06a3cc1 Fixed #33426 -- Fixed ResolverMatch.__repr_() for class-based views.
Regression in 7c08f26bf0.
2022-01-10 17:30:41 +01:00
Jacob Walls 3430093a46
Refs #32193 -- Removed python-memcached from test requirements.
Follow up to 05f3a6186e.
2022-01-10 06:39:15 +01:00
Keryn Knight 2a66c102d9 Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page.
Regression in 0c0b87725b.
2022-01-08 13:05:55 +01:00
David 4c60c3edff Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe.
Regression in 456466d932.

Thanks Matt Westcott for the report.
2022-01-07 15:35:31 +01:00
Ad Timmering bdf3e156b4 Fixed #28628 -- Changed \d to [0-9] in regexes where appropriate. 2022-01-07 12:25:06 +01:00
Ad Timmering fe76944269 Refs #28628 -- Added tests for intcomma with non-ASCII digits. 2022-01-07 12:23:33 +01:00
Allen Jonathan David 28c98d4113 Fixed #33216 -- Simpilified deconstructed paths for some expressions. 2022-01-07 11:19:29 +01:00
Baptiste Mispelon c67e1cf44f Refs #33348 -- Deprecated passing errors=None to SimpleTestCase.assertFormError()/assertFormsetErrors(). 2022-01-06 17:29:32 +01:00
Petter Friberg bc174e6ea0 Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.captureOnCommitCallbacks().
Regression in d89f976bdd.
2022-01-06 06:38:17 +01:00
Ad Timmering 806efe912b Fixed #33400 -- Added support for msg_prefix and count arguments to assertTemplateUsed()/assertTemplateNotUsed() used as context managers. 2022-01-05 12:49:42 +01:00
Jamie Matthews f5233dce30 Fixed #32511 -- Corrected handling prefetched nested reverse relationships.
When prefetching a set of child objects related to a set of parent
objects, we usually want to populate the relationship back from the
child to the parent to avoid a query when accessing that relationship
attribute. However, there's an edge case where the child queryset
itself specifies a prefetch back to the parent. In that case, we want
to use the prefetched relationship rather than populating the reverse
relationship from the parent.
2022-01-05 09:49:05 +01:00
Allen Jonathan David 205f67cd5b Refs #33216 -- Made @deconstructible do not change path for subclasses. 2022-01-04 13:15:29 +01:00
Allen Jonathan David 194ca77092 Refs #21275 -- Added more tests for @deconstructible decorator. 2022-01-04 13:08:36 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner 761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00