Commit Graph

7083 Commits

Author SHA1 Message Date
Tim Graham 8cc41ce7a7 Fixed DoS possiblity in contrib.auth.views.logout()
Thanks Florian Apolloner and Carl Meyer for review.

This is a security fix.
2015-08-18 08:03:43 -04:00
Markus Holtermann 0271a11ba5 Fixed #24755 -- Hid operations from dependency apps when merging migrations
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-08-18 18:33:14 +10:00
Tim Graham 75b5de8d5f Refs #23266 -- Fixed ticket number reference in a queries test. 2015-08-17 17:37:07 -04:00
Richard Mitchell 7eb513ab0f Refs #21554 -- Added some assertions to a model_inheritance_regress test. 2015-08-15 19:32:21 -04:00
Caio Ariede dad8434d6f Fixed #25180 -- Prevented varchar_patterns_ops and text_patterns_ops indexes for ArrayField. 2015-08-15 10:02:08 -04:00
Valentina Mukhamedzhanova 1f7b25c1a7 Fixed #24986 -- Added support for annotations in DISTINCT queries. 2015-08-15 08:23:32 -04:00
Alex Hill 98bcdfa8bd Fixed #25064 -- Allowed empty join columns. 2015-08-15 07:26:44 -04:00
Tim Graham f9636fdf92 Refs #23843 -- Updated Oracle annotations workaround to reflect latest status. 2015-08-14 13:52:18 -04:00
Tim Graham 825429c1f7 Moved foreign_object models.py into a module. 2015-08-14 08:53:35 -04:00
Caio Ariede de41fbb3cf Fixed #25239 -- Corrected makemigrations numbering if a migration has a number-only filename. 2015-08-14 07:28:37 -04:00
Fabrizio Ettore Messina ece78684d9 Fixed #25267 -- Corrected message for admin.E122 system check. 2015-08-13 12:34:48 -04:00
Ion Scerbatiuc 0cc059cd10 Fixed #25172 -- Fixed check framework to work with multiple databases. 2015-08-12 18:00:26 -04:00
Sambhav Satija d0bd533043 Fixed #25254 -- Added JsonResponse json_dumps_params parameter. 2015-08-12 10:39:07 -04:00
Doug Beck b7508896fb Fixed #24257 -- Corrected i18n handling of percent signs.
Refactored tests to use a sample project.

Updated extraction:
* Removed special handling of single percent signs.
* When extracting messages from template text, doubled all percent signs
  so they are not interpreted by gettext as string format flags. All
  strings extracted by gettext, if containing a percent sign, will now
  be labeled "#, python-format".

Updated translation:
* Used "%%" for "%" in template text before calling gettext.
* Updated {% trans %} rendering to restore "%" from "%%".
2015-08-12 10:23:34 -04:00
pscottdevos 7fa1dd8a80 Fixed #25163 -- Fixed exception handling in nested test client requests. 2015-08-11 10:01:24 -04:00
Tim Graham b27547f9d1 Removed deprecated GeoManager from inspectdb/ogrinspect output.
refs ea27e26b09
2015-08-10 10:29:36 -04:00
Tim Graham 5980b05c1f Fixed #25160 -- Moved unsaved model instance data loss check to Model.save()
This mostly reverts 5643a3b51b and
81e1a35c36.

Thanks Carl Meyer for review.
2015-08-10 08:51:32 -04:00
Simon Charette 12f91f6ebd Used skipUnlessDBFeature where appropriate. 2015-08-08 11:27:06 -04:00
Tim Graham a3830f6d66 Refs #25236 -- Removed ifequal/ifnotequal usage. 2015-08-08 07:33:15 -04:00
Claude Paroz 64982cc2fb Updated Wikipedia links to use https 2015-08-08 12:02:32 +02:00
mlavin 69db1c7455 Fixed #25231 -- Added recording of squashed migrations in the migrate command.
Ensured squashed migrations are recorded as applied when the
migrate command is run and all of the original migrations
have been previously applied.
2015-08-07 17:59:18 -04:00
Tim Graham a7b7f27c05 Fixed #25233 -- Fixed HStoreField.has_changed() handling of initial values.
Thanks Simon Charette for review.
2015-08-07 13:26:17 -04:00
Caio Ariede ec9004728e Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql. 2015-08-07 09:33:17 -04:00
Tim Graham f2b665f886 Fixed #25241 -- Corrected ModelForm.save() error message when saving invalid form with UUIDField pk. 2015-08-07 07:44:59 -04:00
Tim Graham 3e1bb5cfb8 Refs #14476 -- Added a test for default annotation name access in aggregate.
Fixed in f59fd15c49
2015-08-06 13:52:26 -04:00
Ion Scerbatiuc 520802160a Fixed #25226 -- Set the model attribute on ArrayField's base_field 2015-08-05 15:01:32 -04:00
Sergey Kolosov 244404227e Fixed #22404 -- Added a view that exposes i18n catalog as a JSON
Added django.views.i18n.json_catalog() view, which returns a JSON
response containing translations, formats, and a plural expression
for the specified language.
2015-08-05 09:05:21 -04:00
Matt Robenolt 4dcfbd7923 Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting. 2015-08-04 09:50:57 -04:00
Peter Schmidt f6259ce776 Fixed #25209 -- Removed parallel=True coverage option 2015-08-04 09:32:12 -04:00
Caio Ariede 62d4074005 Fixed #25191 -- Added string diff to SimpleTestCase.assertXMLEqual() message. 2015-08-04 09:16:34 -04:00
Curtis Maloney 9f73009e98 Fixed #25215 -- Solved reference to forms.HStoreField in declaration of HStoreField
Correct test which was using the model field in a test form.
2015-08-04 19:15:22 +10:00
Tim Graham 770449e24b Removed unused Field.get_flatchoices() method.
Unused since c2ba59fc1d (Django 1.0).

Thanks Andy Baker for the report.
2015-08-03 13:08:24 -04:00
Alasdair Nicol 8972818289 Fixed #25206 -- Fixed error message when checking a ModelAdmin fieldset's fields. 2015-08-03 08:58:39 -04:00
Alex Hill b47e862d3a Added test for ForeignObject.get_extra_descriptor_filter() 2015-08-03 08:27:53 -04:00
Tim Graham fa14fb9771 Fixed flake8 warning. 2015-08-02 21:30:13 -04:00
Alex Becker 53d28f8339 Fixed #25089 -- Added password validation to createsuperuser/changepassword. 2015-08-01 20:18:26 -04:00
Rigel Di Scala 3bdaaf6777 Fixed #25146 -- Allowed method_decorator() to decorate classes. 2015-08-01 08:38:03 -04:00
Tim Graham 1a76257b1b Fixed #25204 -- Added missing space in runserver logging. 2015-08-01 08:01:24 -04:00
Tim Graham fd81588bc6 Refs #25176 -- Fixed typo in tests/test_utils/tests.py 2015-08-01 07:39:16 -04:00
Adam Chainz 0abb06930f Fixed #25176 -- Prevented TestCase.setUpTestData() exception from leaking transaction. 2015-08-01 07:33:22 -04:00
Tim Graham f4afa699b6 Removed usage of selenium's deprecated switch_to_window() method. 2015-07-31 15:03:18 -04:00
Jay Cox 434d309ef6 Fixed #24720 -- Avoided resolving URLs that don't end in a slash twice in CommonMiddleware.
This speeds up affected requests by about 5%.
2015-07-31 12:04:06 -04:00
Flavio Curella 1e2362ca0f Refs #25184 -- Started deprecation for contrib.gis.geoip. 2015-07-31 10:09:06 -04:00
Flavio Curella 7f0953ce1f Fixed #25184 -- Added support for MaxMind GeoLite2 database format 2015-07-31 09:45:03 -04:00
Tim Graham 1c7c782d6e Fixed #25188 -- Improved message raised by SimpleTestCase.assertRaisesMessage().
Thanks Chris Jerdonek for the suggestion and help with the patch.
2015-07-31 09:19:27 -04:00
Tim Graham 5b6ca15073 Fixed #25183 -- Fixed non-deterministic GeoIP test.
google.com doesn't always resolve to an IP inside the United States.
2015-07-30 18:11:57 -04:00
elky 35901e64b0 Fixed #24444 -- Updated contrib.admin to use django-flat-theme 2015-07-30 15:18:22 -04:00
Tim Graham d27e0f04a6 Fixed #25190 -- Deprecated callable_obj parameter to assertRaisesMessage().
Thanks Aymeric Augustin for review.
2015-07-30 10:12:41 -04:00
Luis Visintini 635ffc3c37 Fixed #25163 -- Added hint for non-staff users to admin login page. 2015-07-29 15:09:32 -04:00
Piper Merriam 537818af87 Fixed #25185 -- Added support for functools.partial serialization in migrations 2015-07-29 10:15:50 -04:00
Piper Merriam b1e552debf Fixed #25186 -- Improved migration's serialization of builtins on Python 2. 2015-07-28 18:15:01 -04:00
Tim Graham c041671167 Refs #25183 -- Added debugging for non-deterministic GeoIP test. 2015-07-28 07:41:18 -04:00
Tim Graham adc0c4fbac Fixed #18556 -- Allowed RelatedManager.add() to execute 1 query where possible.
Thanks Loic Bistuer for review.
2015-07-28 09:28:25 +07:00
Flavio Curella c2e70f0265 Fixed #21127 -- Started deprecation toward requiring on_delete for ForeignKey/OneToOneField 2015-07-27 18:28:13 -04:00
Marten Kenbeek bc7923beff Fixed #24127 -- Changed the default current_app to the current namespace.
Changed the url template tag to use request.resolver_match.namespace as a
default for the current_app argument if request.current_app is not set.
2015-07-27 09:14:48 -04:00
Mitchell Kotler 6024fd5dc2 Fixed #25095 -- Fixed annotate() + values() group by bug
Thanks Josh Smeaton for help on the tests.
2015-07-27 07:44:48 -04:00
Joseph Gordon 199a02d1e2 Fixed #25110 -- Fixed a test_runner test isolation regression.
Thanks claudep for the patch.
2015-07-27 07:35:23 -04:00
Konrad Świat c6da621def Fixed #24623 -- Fixed EmailMessage.attach_file() with text files on Python 3.
Thanks tkrapp for the report and Tim Graham for the review.
2015-07-25 07:42:30 -04:00
Claude Paroz c296e55dc6 Fixed #22258 -- Added progress status for dumpdata when outputting to file
Thanks Gwildor Sok for the report and Tim Graham for the review.
2015-07-24 18:37:55 +02:00
Matt Johnson e063ac2fae Fixed #12768 -- Fixed QuerySet.raw() regression on FK with custom db_column. 2015-07-23 18:07:38 -04:00
Tim Graham b60375d4bb Fixed #25129 -- Made model instance defaults work with migrations (refs #24919). 2015-07-21 09:19:40 -04:00
Tim Graham 04e69598de Refs #24919 -- Made test models serializable for migrations. 2015-07-21 09:19:40 -04:00
Luke Plant 8a5eadd140 Corrected HTML-escaping behaviour of url template tag.
Due to the URL encoding applied by the tag for all parameters that might be
partly controllable by an end-user, there are no XSS/security problems
caused by this bug, only invalid HTML.
2015-07-21 14:04:58 +01:00
Claude Paroz 1da170a203 Fixed #25141 -- Diminished GDAL dependence during geojson serialization
Only require GDAL if contained geometries need coordinate transformations.
Thanks drepo for the report and Tim Graham for the review.
2015-07-20 20:22:29 +02:00
Tim Graham 774c16d16e Fixed #25052; refs #16860 -- Added password validation to UserCreationForm. 2015-07-20 13:44:34 -04:00
Tim Graham f5e9d67907 Refs #16860 -- Moved password_changed() logic to AbstractBaseUser.
Thanks Carl Meyer for review.
2015-07-20 13:44:26 -04:00
Anssi Kääriäinen baa732ac9f Refs #23622 -- Added tests to ensure ordering is retained for distinct on fields subqueries.
The ticket was already fixed by
b68212f539.

Thanks to Beauhurst for commissioning the work on this ticket.
2015-07-20 10:20:21 -04:00
Anssi Kääriäinen 6a9a9e50f2 Fixed test with incorrect assumption about pk values.
The test results were dependent on the order in which the
tests were run.
2015-07-20 10:20:21 -04:00
Tim Graham 6e3fe089dd Replaced six.BytesIO with io.BytesIO 2015-07-20 08:19:47 -04:00
Claude Paroz 19fcf083d3 Replaced try/finally by mock.patch in geos tests 2015-07-18 15:34:40 +02:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Tim Graham 28ee511b7e Fixed db.utils.load_backend() on non-ASCII paths. 2015-07-17 08:21:43 -04:00
Claude Paroz 1ef4aeab40 Fixed #25078 -- Added support for disabled form fields
Thanks Keryn Knight and Tim Graham for the reviews.
2015-07-16 19:36:56 +02:00
Tim Graham 1fed8dd715 Fixed #25120 -- Deprecated egg template loader. 2015-07-16 09:32:42 -04:00
Tim Graham c52822e750 Fixed #25128 -- Fixed SQLite SchemaEditor crash when adding a ForeignObject field. 2015-07-15 15:22:52 -04:00
Tim Graham bbbb7ce115 Filtered out 'base' from database backend choices error message. 2015-07-15 10:51:26 -04:00
rroskam ed514caed2 Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. 2015-07-15 09:18:58 -04:00
Keryn Knight c96f11257b Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses. 2015-07-15 09:01:25 -04:00
Tim Graham b356dc4e07 Refs #25085 -- Used more specific assertion in widget test. 2015-07-14 12:17:34 -04:00
Eric Carrillo 8ee6a3f1a8 Fixed #25085 -- Overrode Select widget's __deepcopy__() 2015-07-14 11:56:08 -04:00
Thomas Stephenson 035b0fa60d Fixed #24716 -- Deprecated Field._get_val_from_obj()
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
Daniel Roseman 24620d71f2 Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.

Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Andrei Kulakov db97a88495 Fixed #24375 -- Added Migration.initial attribute
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Yosuke Yasuda a2b999dfca Fixed #25108 -- Fixed a test which failed on Pillow 2.9+ 2015-07-13 14:58:44 -04:00
Anssi Kääriäinen 76ac07a909 Refs #24090 -- Added a test for multi-table inheritance + subqueries.
Ticket #24090 was already fixed by
b68212f539, this commit adds tests to
verify this is indeed the case.

Thanks to Beauhurst for commissioning the work on this ticket.
2015-07-13 13:13:54 -04:00
Ben Spaulding 915ef79b08 Fixed #25115 -- Made admindocs view bookmarklet reverse the URL rather than hardcode it. 2015-07-13 12:44:37 -04:00
Anssi Kääriäinen 6f403056f0 Fixed #24923 -- errored out nicely when using aggregates in order_by() 2015-07-13 08:36:25 -04:00
Claude Paroz d72f8862cb Fixed #25072 -- Prevented GDALRaster memory to be uncollectable
Setting GDALRaster.bands as a cached property was creating a circular
reference with objects having __del__ methods, which means the memory
could never be freed.
Thanks Daniel Wiesmann for the report and test, and Tim Graham for the review.
2015-07-10 19:56:17 +02:00
darkryder f675afa13c Fixed #25093 -- Added utils.datastructures.OrderedSet.__len__() 2015-07-09 21:20:52 -04:00
Simon Charette 11e6bf9bdf Fixed a CaptureQueriesContext usage in queries tests. 2015-07-09 16:00:53 -04:00
Simon Charette 3b0cdb1410 Added a regression test for get() ordering clearing. 2015-07-09 16:00:52 -04:00
Simon Charette 07577a2d05 Fixed #25081 -- Prevented DISTINCT ON ordering from being cleared in get().
Thanks to pdewacht for the patch.
2015-07-09 16:00:52 -04:00
Shai Berger 17d3a6d804 Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Andriy Sokolovskiy 13dca01af0 Replaced try..except blocks by context manager in custom lookups tests 2015-07-07 12:03:58 -04:00
David Wolever 0d71349773 Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
Tim Graham 6bd8462380 Refs #23658 -- Fixed dbshell tests on Windows. 2015-07-06 16:17:56 -04:00
Alexey Sveshnikov bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00