Commit Graph

163 Commits

Author SHA1 Message Date
Mariusz Felisiak 1760ad4e8c
Relaxed some query ordering assertions in various tests.
It accounts for differences seen on MySQL with MyISAM storage engine.
2022-04-14 12:12:13 +02:00
Mariusz Felisiak 93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
2022-04-11 08:59:33 +02:00
Luke Plant 40b8a6174f Fixed #33397 -- Corrected resolving output_field for DateField/DateTimeField/TimeField/DurationFields.
This includes refactoring of CombinedExpression._resolve_output_field()
so it no longer uses the behavior inherited from Expression of guessing
same output type if argument types match, and instead we explicitly
define the output type of all supported operations.

This also makes nonsensical operations involving dates
(e.g. date + date) raise a FieldError, and adds support for
automatically inferring output_field for cases such as:
* date - date
* date + duration
* date - duration
* time + duration
* time - time
2022-03-31 11:05:23 +02:00
Luke Plant 04ad0f26ba Refs #33397 -- Added extra tests for resolving an output_field of CombinedExpression. 2022-03-30 11:03:48 +02:00
Ryan Heard c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Mariusz Felisiak 7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak 6f185a53a2
Refs #33482 -- Fixed QuerySet selecting and filtering againts negated Exists() with empty queryset.
Regression in b7d1da5a62.
2022-02-07 20:34:21 +01:00
Mariusz Felisiak c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
2022-02-03 11:20:46 +01:00
Simon Charette b7d1da5a62 Fixed #33482 -- Fixed QuerySet filtering againts negated Exists() with empty queryset.
Thanks Tobias Bengfort for the report.
2022-02-02 07:54:19 +01:00
My-Name-Is-Nabil f37face331 Fixed #33435 -- Fixed invalid SQL generatered by Subquery.as_sql(). 2022-01-17 09:00:46 +01:00
Allen Jonathan David 28c98d4113 Fixed #33216 -- Simpilified deconstructed paths for some expressions. 2022-01-07 11:19:29 +01:00
Keryn Knight 0ed2919814 Fixed #33406 -- Avoided creation of MaxLengthValidator(None) when resolving Value.output_field for strings.
This brings the behaviour in line with Field subclasses which append to
the validators within __init__(), like BinaryField, and prevents the
creation of a validator which incorrectly throws a TypeError, if it
were used.
2022-01-04 05:51:00 +01:00
Keryn Knight b894199eb0 Refs #33406 -- Added test for not creating broken validators when resolving Value.output_field. 2022-01-04 05:51:00 +01:00
Adam Johnson a8fa3e5cd7 Refs #33355 -- Added missing tests for database functions and expression on null values. 2021-12-22 11:46:18 +01:00
Matthijs Kooijman 1a5023883b Fixed #33257 -- Fixed Case() and ExpressionWrapper() with decimal values on SQLite. 2021-11-08 18:02:56 +01:00
Hasan Ramezani c069ee0b9d Fixed #33224 -- Removed DatabaseFeatures.supports_mixed_date_datetime_comparisons. 2021-11-02 07:30:38 +01:00
Tim Graham cbd9f8531d
Removed duplicated lines in test_in_lookup_allows_F_expressions_and_expressions_for_datetimes(). 2021-10-26 07:22:20 +02:00
Adam Johnson 45f48ed4f7 Made F deconstruction omit 'expressions' in the path. 2021-10-21 09:40:52 +02:00
Mariusz Felisiak e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
Regression in 1e38f1191d.

Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Mariusz Felisiak f0a9413bd2 Refs #24121 -- Improved Value.__repr__(). 2021-05-24 07:26:53 +02:00
Mariusz Felisiak 3f6d4e22f8 Fixed typo in tests/expressions/tests.py. 2021-05-24 07:26:53 +02:00
Simon Charette 96f55ccf79 Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
Regression in c8b6594305.

Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Tobias Bengfort 54e94640ac Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite. 2021-04-20 11:44:41 +02:00
Hasan Ramezani ed0cc52dc3 Fixed #32585 -- Fixed Value() crash with DecimalField on SQLite. 2021-03-29 06:22:36 +02:00
Jonathan Richards 00b0786de5 Fixed #32548 -- Fixed crash when combining Q() objects with boolean expressions. 2021-03-17 21:53:39 +01:00
Mariusz Felisiak 54f60bc85d Refs #32548 -- Added tests for passing conditional expressions to Q(). 2021-03-17 21:53:36 +01:00
Hasan Ramezani f2bef2b7bc Fixed #32455 -- Allowed right combining Q() with boolean expressions. 2021-02-18 22:20:36 +01:00
Mariusz Felisiak efce21497c Refs #32455 -- Added tests for left combining an empty Q() with boolean expressions. 2021-02-18 22:19:56 +01:00
Mariusz Felisiak b989d21336
Refs #26602 -- Added tests for aggregating over a RawSQL() annotation.
Fixed in 3f32154f40.

Thanks Manav Agarwal for initial test.
2021-01-26 10:59:05 +01:00
Mariusz Felisiak 5e33ec80d1 Refs #30158 -- Made alias argument required in signature of Expression.get_group_by_cols() subclasses.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Hasan Ramezani 275dd4ebba
Fixed #32178 -- Allowed database backends to skip tests and mark expected failures.
Co-authored-by: Tim Graham <timograham@gmail.com>
2020-12-10 18:00:57 +01:00
Ian Foote 8b040e3cbb Fixed #25534, Fixed #31639 -- Added support for transform references in expressions.
Thanks Mariusz Felisiak and Simon Charette for reviews.
2020-11-27 20:42:04 +01:00
Hasan Ramezani 3f7b327562 Fixed #31235 -- Made assertQuerysetEqual() compare querysets directly.
This also replaces assertQuerysetEqual() to
assertSequenceEqual()/assertCountEqual() where appropriate.

Co-authored-by: Peter Inglesby <peter.inglesby@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-11-06 09:24:50 +01:00
Adam Johnson a56586eafe Fixed #32134 -- Fixed crash of __range lookup with namedtuple.
Regression in 8be79984dc.

Thanks Gordon Wrigley for the report.
2020-10-23 18:01:31 +02:00
Tim Graham afcad0f1b1
Relaxed some query ordering assertions in expressions tests.
It accounts for differences seen on CockroachDB.
2020-10-19 19:21:31 +02:00
Nick Pope 06c5d3fafc Fixed #32060 -- Added Random database function. 2020-10-02 06:58:03 +02:00
Simon Charette 38fce49c82 Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations. 2020-08-31 06:42:40 +02:00
Simon Charette 40894f2967 Refs #30446 -- Added tests for resolving output_field of CombinedExpression. 2020-08-31 06:40:39 +02:00
Simon Charette 51297a9232 Fixed #31792 -- Made Exists() reuse QuerySet.exists() optimizations.
The latter is already optimized to limit the number of results, avoid
selecting unnecessary fields, and drop ordering if possible without
altering the semantic of the query.
2020-08-13 14:10:36 +02:00
Simon Charette 156a2138db Refs #30446 -- Removed unnecessary Value(..., output_field) in docs and tests. 2020-07-15 10:58:38 +02:00
Simon Charette 1e38f1191d Fixed #30446 -- Resolved Value.output_field for stdlib types.
This required implementing a limited form of dynamic dispatch to combine
expressions with numerical output. Refs #26355 should eventually provide
a better interface for that.
2020-07-15 10:58:29 +02:00
Simon Charette f783a99072 Refs #25425 -- Allowed unresolved Value() instances to be compiled.
Previously unresolved Value() instances were only allowed to be
compiled if they weren't initialized with an output_field.

Given the usage of unresolved Value() instances is relatively common in
as_sql() overrides it's less controversial to add explicit support for
this previously undefined behavior now and revisit whether or not it
should be deprecated in the future.
2020-07-14 07:20:20 +02:00
Sergey Fedoseev 9d519d3dc4 Fixed #31755 -- Made temporal subtraction resolve output field. 2020-07-01 23:02:27 +02:00
Sergey Fedoseev ed6b14d459
Refs #28621 -- Fixed crash of annotations with nested OuterRef. 2020-07-01 11:01:46 +02:00
Sergey Fedoseev dd5aa8cb5f Fixed #28925 -- Fixed durations-only expressions crash on SQLite and MySQL.
This removes also unused DatabaseOperations.date_interval_sql().
2020-06-30 07:04:55 +02:00
Mariusz Felisiak aeb8996a67 Fixed #31659 -- Made ExpressionWrapper preserve output_field for combined expressions.
Regression in df32fd42b8.

Thanks Simon Charette for the review.
2020-06-12 07:20:06 +02:00
Thodoris Sotiropoulos df32fd42b8 Fixed #31651 -- Made ExpressionWrapper use grouping columns from wrapped expression. 2020-06-03 07:29:41 +02:00
Mariusz Felisiak a125da6a7c Fixed #31607 -- Fixed evaluated Subquery equality.
Regression in 691def10a0.
2020-05-19 22:44:57 +02:00
Nick Pope 8f10ceaa90 Changed `'%s' % value` pattern to `str(value)`. 2020-05-04 08:27:18 +02:00