Commit Graph

1465 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss 92803205cb Fixed #3512: it's now possible to add CSS hooks to required/erroneous form rows. Thanks, SmileyChris.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11830 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 18:52:12 +00:00
Jacob Kaplan-Moss 85ccad4d61 Fixed the tests I broke with [11824].
Note to self: naming a module "settings" is a really good way of screwing things up.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11828 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 18:45:43 +00:00
Karen Tracey 9c4bd2aa33 Fixed #11632: Fixed the id for hidden initial widget so that it is different from the id for its visible counterpart. Thanks geber@datacollect.com and Mark Lavin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11826 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 18:18:31 +00:00
Jacob Kaplan-Moss ac8da7b36f FIxed #10130: you may now delete attributes on `settings`. Thanks, jcassee.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11824 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 17:51:51 +00:00
Karen Tracey f761802b22 Fixed #11972: Corrected title filter handling of numbers followed by letters. Thanks schwank@gmail.com and Randy Barlow.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11822 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 17:20:32 +00:00
Karen Tracey 5543b10608 Fixed #12349: Added missing unquote in admin history view. Thanks for the report guard.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 19:58:20 +00:00
Jannis Leidel 9bf652dfd6 Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 01:05:35 +00:00
Luke Plant 2c2f5aee4d Implemented 'smart if' template tag, allowing filters and various operators to be used in the 'if' tag
Thanks to Chris Beaven for the initial patch, Fredrik Lundh for the basis
of the parser methodology and Russell Keith-Magee for code reviews.

There are some BACKWARDS INCOMPATIBILITIES in rare cases - in particular, if
you were using the keywords 'and', 'or' or 'not' as variable names within
the 'if' expression, which was previously allowed in some cases.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 22:40:36 +00:00
Luke Plant 25020ddb05 Fixed #4604 - Configurable message passing system, supporting anonymous users
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.

Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others.  Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 16:57:23 +00:00
Luke Plant eeb10d5f2c Optimised use of 'in' operator on QuerySet using an explicit __contains__ method.
Without this change, use of 'in' on a QuerySet resulted in ._result_cache
being fully populated, which sometimes is unnecessary work.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 16:07:21 +00:00
Justin Bronn 81dd5c2473 Fixed #12340 -- `BaseGenericInlineFormSet.get_queryset` now returns an ordered queryset.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11800 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 03:49:25 +00:00
Russell Keith-Magee ce7c61d61e Refs #11109 -- Touched some whitespace so Trac will display some files correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11785 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-02 00:30:00 +00:00
Jacob Kaplan-Moss f5fefcc8c9 Added an explicit test showing that field errors are correctly autoescaped.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11756 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-20 14:59:44 +00:00
Russell Keith-Magee 660f9086f1 Fixed #12245 -- Corrected target app handling for auto-generated m2m models when the parent model isn't in the models module (or a subpackage thereof). Thanks to emulbreh for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11755 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-20 00:59:38 +00:00
Russell Keith-Magee be9376d9ad Corrected a regression in validation of admin fieldsets with nested definitions from r11744. Thanks to Davor Lučić for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 15:07:42 +00:00
Russell Keith-Magee 77755aa5a0 Fixed #12242 -- Corrected a problem with masking extra selects() in a DateQuerySet. Thanks to Alex Gaynor for his help debugging this one.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 04:35:53 +00:00
Russell Keith-Magee 7875421a03 Fixed #11243 -- Ensured that bash_completion output is emitted in sorted order. Thanks to Alex Gaynor for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11747 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 04:35:31 +00:00
Russell Keith-Magee 2dfe3ad657 Added tests for the bash completion script from [11526]. Thanks to Eric Holscher.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11745 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-18 11:10:50 +00:00
Russell Keith-Magee bb4062d53b Fixed #12237 -- Improved the error message for m2m fields with an explicit through model being listed in admin fieldsets. Thanks to Pyth for the report and Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11744 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-18 07:44:06 +00:00
Brian Rosner 6c61ca3d74 Fixed #5034 -- honor request.urlconf in reverse and resolve.
This enables {% url %} to honor request.urlconf set from process_request
middleware methods.

Thanks SmileyChris for the initial patch work.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-16 01:58:00 +00:00
Russell Keith-Magee 0aeb1e135d Refs #12203 -- Improved error handling for the case where a user manually specifies an m2m field with an explicit through field. Thanks to dgouldin for the report, and Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11737 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-13 12:35:05 +00:00
Russell Keith-Magee dd045aaab5 Fixed #12209 -- Made the through attribute on a m2m relation into a property to ensure that the fully resolved through model is always provdided. Thanks to dgouldin for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-13 12:34:41 +00:00
Russell Keith-Magee 632f12fba4 Fixed #12163 -- Corrected the unpickling of non-deferred models. Thanks to rfugger for the report and test case.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-11 13:06:18 +00:00
Russell Keith-Magee 70f9a4f6ce Fixed #12190 -- Corrected a regression in the ability to instantiate ForeignKeys outside of models. Thanks to jittat for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-10 15:21:12 +00:00
Russell Keith-Magee 7b63d3d3b4 Fixed #12168 -- Corrected the registration of m2m autocreated models when models.py is split into submodules. Thanks to Jens Diemer for the report and test case.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11724 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-05 11:57:28 +00:00
Russell Keith-Magee dd5d7622a5 Fixed #11144 -- When a to/from/cc header contains unicode, make sure the email addresses are parsed correctly (especially with regards to commas). Thanks to rmt for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-04 11:24:56 +00:00
Russell Keith-Magee 585b7acaa3 Fixed #10109 -- Removed the use of raw SQL in many-to-many fields by introducing an autogenerated through model.
This is the first part of Alex Gaynor's GSoC project to add Multi-db support to Django.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 14:02:49 +00:00
Russell Keith-Magee aba5389326 Fixed #10355 -- Added an API for pluggable e-mail backends.
Thanks to Andi Albrecht for his work on this patch, and to everyone else that contributed during design and development.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 12:53:26 +00:00
Russell Keith-Magee 5dfed1b24a Fixed #12127 -- Corrected teardown of dateformat tests. Thanks to apollo13 for the report, and Karen Tracey for the debugging help.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-02 08:26:03 +00:00
Karen Tracey 1ea08b441d Repeat the setUp/tearDown changes made in r11699 for the tests
converted in r11694.  This allows the dateformat tests to pass 
on Windows.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:48:31 +00:00
Karen Tracey d4bb582b1a Changed setUp and tearDown for the tests converted from doctests in r11695
to not assume TZ absolutely will be set in the environment.  That environment
variable does not necessarily exist on Windows, it seems.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:09:23 +00:00
Karen Tracey ff38e0b1d1 Fixed #12125 -- Fixed a typo in the generic views date_based test that caused it to fail in November. Thanks brutasse.
--This line and those below, will be ignored--

M    tests/regressiontests/views/tests/generic/date_based.py


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 22:12:40 +00:00
Russell Keith-Magee e18af06eed Fixed #12123 -- Updated the utils.dateformat test to be a unittest too, due to a dependency on the old dateformat test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11695 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:53:51 +00:00
Russell Keith-Magee acfa9332de Fixed #12123 -- Refactored dateformat tests to use unittest. This is needed so that we have a reliable teardown that can reset the timezone at the end of the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11693 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:20:17 +00:00
Brian Rosner 8dd4a28721 Fixed #11872 -- Instantiate the correct model in BaseInlineFormSet.__init__ when instance is None. Thanks tobias.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11688 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-30 09:11:56 +00:00
Russell Keith-Magee 96658ef2d2 Fixed #12057 -- Corrected regression of caching performance when a model contained a callable default. Thanks to Michael Thornhill for the excellent assistance tracking this problem.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-29 14:32:01 +00:00
Jacob Kaplan-Moss 4281bf3db0 Fixed #11057: having no actions in the admin (`actions=None`) no longer messes up the layout. Thanks, rvdrijst.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 20:56:12 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss d1da261417 Fixed #11371: Made `django.test.Client.put()` work for non-form-data PUT (i.e. JSON, etc.). Thanks, phyfus.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11656 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 15:02:54 +00:00
Luke Plant 2b2f92ae8e Fixed a bug in r11646 - refs #11402
The one line of code not covered by a test... ;-)


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11647 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 00:37:01 +00:00
Jacob Kaplan-Moss 9f70783b14 Fixed a couple of test-ordering-dependant failures introduced in [11639] that caused test failures when running the whole test suite.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11645 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 00:23:47 +00:00
Jacob Kaplan-Moss 8be1bb2268 Fixed #11625: added comment moderation via admin actions.
This is BACKWARDS INCOMPATIBLE if you were using the completely undocumented moderation view from 1.1. That view's been removed in favor of the admin actions.

Thanks, Thejaswi Puthraya.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:22:31 +00:00
Luke Plant 162fade2b7 Fixed #12060 - equality tests between User and SimpleLazyObject-wrapped User failed.
Also added more tests for SimpleLazyObject

Thanks to ericholscher for report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11637 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-20 14:11:08 +00:00
Luke Plant 22be3d7612 Fixed #12049 - LazyObject-wrapped User breaks queries in template tags
Thanks to chipx86 for the report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 21:13:22 +00:00
Brian Rosner cb7a3262b5 Moved the call to _get_foreign_key to run in all cases catching incorrect inline setup sooner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:20 +00:00
Brian Rosner 5fc35c9caf Fixed #11709 — Pass inline fk_name attribute when grabbing foreign key to test for exclusion. Thanks yishaibeeri for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11630 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:07 +00:00
Luke Plant a2d8acbacd Fixed a regression on Python 2.6 caused by r11623
This might fix #12037, but I cannot reproduce that bug.
Refs #12037



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11625 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-15 14:12:34 +00:00
Luke Plant c161bf21f0 Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"
Thanks to olau@iola.dk, Suor for the report



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-14 18:09:13 +00:00
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields.
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00