Commit Graph

934 Commits

Author SHA1 Message Date
Vajrasky Kok 7e2d61a972 Fixed #21380 -- Added a way to set different permission for static directories.
Previously when collecting static files, the directories would receive permissions
from the global umask. Now the default permission comes from FILE_UPLOAD_DIRECTORY_PERMISSIONS
and there's an option to specify the permissions by subclassing any of the
static files storage classes and setting the directory_permissions_mode parameter.
2013-11-29 08:01:30 -05:00
Claude Paroz 34b8a38558 Fixed #21496 -- Fixed crash when GeometryField uses TextInput
Thanks Rhett Garber for the report and initial patch.
2013-11-28 18:29:02 +01:00
Loic Bistuer ecd8556589 Fixed typo in release notes. 2013-11-28 01:37:21 +07:00
Loic Bistuer f450bc9f44 Added a bulk option to RelatedManager remove() and clear() methods
Refs #21169
2013-11-27 19:45:22 +02:00
Loic Bistuer 17c3997f68 Fixed #21169 -- Reworked RelatedManager methods use default filtering
The `remove()` and `clear()` methods of the related managers created by
`ForeignKey`, `GenericForeignKey`, and `ManyToManyField` suffered from a
number of issues. Some operations ran multiple data modifying queries without
wrapping them in a transaction, and some operations didn't respect default
filtering when it was present (i.e. when the default manager on the related
model implemented a custom `get_queryset()`).

Fixing the issues introduced some backward incompatible changes:

- The implementation of `remove()` for `ForeignKey` related managers changed
  from a series of `Model.save()` calls to a single `QuerySet.update()` call.
  The change means that `pre_save` and `post_save` signals aren't called anymore.

- The `remove()` and `clear()` methods for `GenericForeignKey` related
  managers now perform bulk delete so `Model.delete()` isn't called anymore.

- The `remove()` and `clear()` methods for `ManyToManyField` related
  managers perform nested queries when filtering is involved, which may
  or may not be an issue depending on the database and the data itself.

Refs. #3871, #21174.

Thanks Anssi Kääriäinen and Tim Graham for the reviews.
2013-11-27 19:44:18 +02:00
Claude Paroz 384816fccb Fixed #21448 -- Fixed test client logout with cookie-based sessions
Thanks Gunnar Scherf for the report and the suggested patch.
2013-11-26 20:41:51 +01:00
Simon Charette eb38257e51 Fixed #21391 -- Allow model signals to lazily reference their senders. 2013-11-24 17:51:22 -05:00
Claude Paroz 42fef29446 Fixed #21486 -- Prevented settings config in signal connection
This was particularly problematic in the chain get_wsgi_application
-> db.connections import -> signal connection -> settings configuration.
Thanks Jon Dufresne for the report.
2013-11-23 18:47:47 +01:00
Florian Apolloner e112654fc8 Fixed #21200 -- Consistantly raise errors across all cache backends.
Thanks to tchaumeny for the patch.
2013-11-23 17:50:28 +01:00
Ramiro Morales 62b393c5ae Fixed #21488 -- Multiple locales treatment in i18n commands.
Removed multiple locales separated by commas variation (that wasn't
working as documented) in favor of simply allowing use of the
``--locale``/``-l`` options more than once for ``makemessages`` and
``compilemessages``.

Thanks Romain Beylerian for the report and Claude, Simon for their help.

8750296918 from stable/1.6.x.
2013-11-23 11:53:47 -03:00
Curtis Maloney ffc37e2343 Fixed #21012 -- New API to access cache backends.
Thanks Curtis Malony and Florian Apolloner.

Squashed commit of the following:

commit 3380495e93
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sat Nov 23 14:18:07 2013 +0100

    Looked up the template_fragments cache at runtime.

commit 905a74f52b
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sat Nov 23 14:19:48 2013 +0100

    Removed all uses of create_cache.

    Refactored the cache tests significantly.

    Made it safe to override the CACHES setting.

commit 35e289fe92
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sat Nov 23 12:23:57 2013 +0100

    Removed create_cache function.

commit 8e274f747a
Author: Aymeric Augustin <aymeric.augustin@m4x.org>
Date:   Sat Nov 23 12:04:52 2013 +0100

    Updated docs to describe a simplified cache backend API.

commit ee7eb0f73e
Author: Curtis Maloney <curtis@tinbrain.net>
Date:   Sat Oct 19 09:49:24 2013 +1100

    Fixed #21012 -- Thread-local caches, like databases.
2013-11-23 15:06:59 +01:00
Claude Paroz 1718b5256c Fixed #21405 -- Prevented queryset overwrite in BaseModelAdmin
Thanks guido@20tab.com for the report and Tim Graham for the
analyze.
2013-11-21 22:18:52 +01:00
Claude Paroz fafb6cf049 Fixed #21472 -- Fixed inline formsets display when parent pk is 0
Thanks agale031176@gmail.com for the report.
2013-11-20 21:36:20 +01:00
Unai Zalakain 4fdd51b732 Fixed #15179 -- middlewares not applied for test client login()
Requests made with django.test.Client.login() and logout() respect
defaults defined in django.test.Client instantiation and are processed
through middleware.

Thanks to Loic for the reviews.
2013-11-19 09:04:20 +02:00
Claude Paroz 97ac22ebfc Fixed #21457 -- Allowed fixture file name to contain dots
Thanks Keryn Knight for the report.
2013-11-18 20:32:13 +01:00
Claude Paroz a0f3eeccf3 Fixed #21397 -- Re-added flexibility to TypedChoiceField coercion
Thanks Elec for the report and Simon Charette for the review.
2013-11-18 18:24:56 +01:00
Claude Paroz 4a00f132e0 Added release note for TypedChoiceField coerce limitation
Thanks Elec for the report and Simon Charette for the review.
Refs #21397.
2013-11-18 18:08:59 +01:00
Tim Graham ba63b9895b Fixed #21240 -- Added 1.5 release note for OneToOneField/select_related change.
Thanks marcin at sokrates.pl.
2013-11-18 09:32:25 -05:00
Tim Graham ffdae5b66d Fixed #21404 -- Added session.set_expiry() note to 1.6 release notes.
Thanks pwr for the suggestion.
2013-11-18 07:58:43 -05:00
Claude Paroz 2b7fc36295 Updated 1.6.1 release notes
Partial forward port of e85baa813f.
2013-11-17 21:22:06 +01:00
Anssi Kääriäinen 0e079e4331 Fixed #21428 -- editable GenericRelation regression
The GenericRelation refactoring removed GenericRelations from
model._meta.many_to_many. This had the side effect of disallowing
editable GenericRelations in ModelForms. Editable GenericRelations
aren't officially supported, but if we don't fix this we don't offer any
upgrade path for those who used the ability to set editable=True
in GenericRelation subclass.

Thanks to Trac alias joshcartme for the report and stephencmd and Loic
for working on this issue.
2013-11-16 20:07:35 +02:00
Baptiste Mispelon 8e6d1b9792 Added backported fixes to 1.6.1 release notes. 2013-11-14 23:13:20 +01:00
Anssi Kääriäinen 4301d6fa36 Release notes for ORM changes in 1.6 2013-11-14 18:03:53 +02:00
Tim Graham 94d567ba30 Added release note for #21410; thanks Loic. 2013-11-13 12:24:15 -05:00
Claude Paroz 0be7f57a90 Merge pull request #1907 from Bouke/tickets/21388
Fixed #21388 -- Corrected language code for Frisian
2013-11-11 09:33:55 -08:00
Sjoerd Langkemper d87127655f Fixed #21421 -- Added level_tag attribute on messages.
Exposing the level name (e.g. "info") makes it possible to prepend
something to the class name. For example, Twitter Bootstrap has
an alert-info class. This class can now be added to the message
using `class="alert-{{ message.level_tag }}".
Because the level_tag was on the end of the `tags` property, it
could not be used in this fashion when extra_tags were given.
2013-11-11 17:58:02 +01:00
Bouke Haarsma 4142d15102 Fixed #21388 -- Corrected language code for Frisian 2013-11-11 13:34:01 +01:00
Bouke Haarsma 9b7455e918 Fixed #21351 -- Replaced memoize with Python's lru_cache.
Replaced the custom, untested memoize with a similar decorator from Python's
3.2 stdlib. Although some minor performance degradation (see ticket), it is
expected that in the long run lru_cache will outperform memoize once it is
implemented in C.

Thanks to EvilDMP for the report and Baptiste Mispelon for the idea of
replacing memoize with lru_cache.
2013-11-11 08:53:09 +01:00
Claude Paroz e7383f16b4 Fixed #14800 -- Suppressed WSGIRequestHandler message filtering
Filtering out static file requests in runserver has been judged
arbitrary and can hide some debugging-related activity.
Thanks Roy Smith for the report and Aymeric Augustin for the
review.
2013-11-09 16:23:14 +01:00
Tim Graham 98de90d3d8 Fixed spelling of compatibility. 2013-11-09 10:17:17 -05:00
Tim Graham d15985d81f Fixed #21398 -- Fixed BCryptSHA256PasswordHasher with py-bcrypt and Python 3.
Thanks arjan at anymore.nl for the report.
2013-11-09 10:11:50 -05:00
Claude Paroz bc21e9c0d9 Fixed #13970 -- Made SelectDateWidget use the standard widget is_required attribute
Thanks mitar for the report and Tim Graham for the review.
2013-11-08 16:58:17 +01:00
Baptiste Mispelon f2e0266be7 Fixed #21396: Document backwards-incompatible change in RedirectView.get_redirect_url.
Thanks to Tim for the review.
2013-11-08 10:47:36 +01:00
Bouke Haarsma 7a7c789d5a Fixed #5849 -- Strip whitespace from blocktrans
Add the trimmed option to the blocktrans tag to trim any newlines and
whitespace from its content.

This allows the developer to indent the blocktrans tag without adding
new lines and whitespace to the msgid in the PO file.

Thanks to mpessas for the initial patch and Dmitri Fedortchenko for the
report.
2013-11-08 00:52:17 +02:00
Anssi Kääriäinen 30203a0dea Merge pull request #1850 from unaizalakain/ticket_13725
Fixed #13725 -- take url scheme into account in assertRedirects

Thanks to Loic for review.
2013-11-07 14:30:04 -08:00
Unai Zalakain 9c5f6cd565 Fixed #13725 -- take url scheme into account in assertRedirects
Scheme is handled correctly when making comparisons between two URLs. If
there isn't any scheme specified in the location where we are redirected to,
the original request's scheme is used. If present, the scheme in
``expected_url`` is the one used to make the comparations to.
2013-11-07 19:06:32 +01:00
Tim Graham c29dd76f40 Added 1.4.10 release notes. 2013-11-07 09:42:25 -05:00
Loic Bistuer f51c1f5900 Fixed #17001 -- Custom querysets for prefetch_related.
This patch introduces the Prefetch object which allows customizing prefetch
operations.

This enables things like filtering prefetched relations, calling select_related
from a prefetched relation, or prefetching the same relation multiple times
with different querysets.

When a Prefetch instance specifies a to_attr argument, the result is stored
in a list rather than a QuerySet. This has the fortunate consequence of being
significantly faster. The preformance improvement is due to the fact that we
save the costly creation of a QuerySet instance.

Thanks @akaariai for the original patch and @bmispelon and @timgraham
for the reviews.
2013-11-07 14:49:49 +02:00
Aymeric Augustin ae029b440a 1.6 isn't under development any more.
Partial forward port of a71ff76 from stable/1.6.x.
2013-11-07 08:17:17 +01:00
Aymeric Augustin c349bcbdf9 Improved English in release notes for runserver.
Thanks Tim.
2013-11-05 21:02:33 +01:00
Bouke Haarsma e5e044da87 Fixed #18419 -- Full backwards compatibility for old language codes
Improved documentation about zh-* deprecation and upgrade path.

Thanks to Baptiste Mispelon for the code reviews.
2013-11-05 19:26:58 +01:00
Aymeric Augustin da235c9a84 Improved changelog for runserver in 1.7. 2013-11-04 23:29:09 +01:00
Bouke Haarsma c0a2388a1c Fixed #18149 -- Changed language codes for Chinese
Language codes for Chinese are zh_Hans (Simplified) and zh_Hant (Traditional).
Added support for browsers that still send the deprecated language codes.

Thanks to Olli Wang for the report.
2013-11-04 23:03:28 +01:00
Bouke Haarsma 9367b9e828 Django should be capitalized in text 2013-11-02 20:15:40 +01:00
Unai Zalakain 99b681e227 Fixed #21341 -- Eased https requests with the test client
All request methods of ``django.test.client.Client`` receive a ``secure``
argument that defaults to ``False`` indicating whether or not to make the
request through https.
Thanks Aymeric Augustin for the review.
2013-11-02 19:03:13 +01:00
Bouke Haarsma c3936c0d79 Fixed #9523 -- Restart runserver after translation MO files change
Thanks to Krzysztof Kulewski for the initial patch.
2013-11-02 10:29:07 +01:00
Claude Paroz 0d9c149990 Fixed #21339 -- Documented removal of some form field error messages 2013-10-31 17:52:06 +01:00
Unai Zalakain 15f82c7011 Fixed #9722 - used pyinotify as change detection system when available
Used pyinotify (when available) to replace the "pool-every-one-second"
mechanism in `django.utils.autoreload`.

Thanks Chris Lamb and Pascal Hartig for work on the patch.
2013-10-30 11:45:43 -04:00
Baptiste Mispelon 9fde42a69a Fixed #20610: Added a message level dict to contrib.message context processor. 2013-10-30 13:54:07 +01:00
Tim Graham b47a052eb5 Documented removal of django.core.servers.basehttp.WSGIServerException
refs 2ca00faa91
2013-10-30 07:46:07 -04:00
Unai Zalakain fd219fa24c Fixed #8261 -- ModelAdmin hook for customising the "show on site" button
``ModelAdmin.view_on_site`` defines wether to show a link to the object on the
admin detail page. If ``True``, cleverness (i.e. ``Model.get_absolute_url``) is
used to get the url. If it's a callable, the callable is called with the object
as the only parameter. If ``False``, not link is displayed.

With the aim of maitaining backwards compatibility, ``True`` is the default.
2013-10-29 17:10:12 -04:00
Paolo Melchiorre 3b0293370a Fixed typo in docs/releases/1.4.9.txt. 2013-10-25 07:55:05 -04:00
SusanTan 4e0a2fe59c Fixed #21271 -- Added timeout parameter to SMTP EmailBackend.
Thanks Tobias McNulty and Tim Graham for discussions and code review.
Thanks Andre Cruz the suggestion and initial patch.
2013-10-24 20:38:00 -04:00
Vajrasky Kok 9eecb91695 Fixed #21219 -- Added a way to set different permission for static files.
Previously, when collecting static files, the files would receive permission
from FILE_UPLOAD_PERMISSIONS. Now, there's an option to give different
permission from uploaded files permission by subclassing any of the static
files storage classes and setting the file_permissions_mode parameter.

Thanks dblack at atlassian.com for the suggestion.
2013-10-24 17:40:01 -04:00
Curtis Maloney 8688f03eef Fixed #20945 -- Allowed cache tag to use a specific cache. 2013-10-23 19:27:08 -04:00
Tim Graham 4ce5c119b5 Bumped release date for 1.5.5 & 1.4.9. 2013-10-23 18:28:41 -04:00
Collin Anderson d72059c2ae typo on 1.7 release notes 2013-10-23 10:56:13 -04:00
Tim Graham 2eb8f15516 Added 1.5.5 and 1.4.9 release notes 2013-10-22 17:41:10 -04:00
Florian Hahn 5240b83462 Fixed #17027 -- Added support for the power operator in F expressions.
Thanks dan at dlo.me for the initial patch.

- Added __pow__ and __rpow__ to ExpressionNode
- Added oracle and mysql specific power expressions
- Added used-defined power function for sqlite
2013-10-22 10:29:57 -04:00
Bouke Haarsma 0d0f4f020a Fixed #5789 -- Changed LocaleMiddleware session variable to '_language'.
The old 'django_language' variable will still be read from in order
to migrate users. The backwards-compatability shim will be removed in
Django 1.8.

Thanks to jdunck for the report and stugots for the initial patch.
2013-10-22 09:24:42 -04:00
Tim Graham 28b70425af Added docs for the hasher's iteration count changes. 2013-10-21 20:32:02 +02:00
Tim Graham 651bb73ab3 Fixed ReST error in 1.6. release notes. 2013-10-18 08:47:28 -04:00
Tim Graham d97bec5ee3 Removed 1.6 release note text regarding password limit length.
This changed was reverted in 5d74853e15.
2013-10-17 18:58:24 -04:00
Bouke Haarsma 2fb5a51fa3 Fixed #18659 -- Deprecated request.REQUEST and MergeDict
Thanks Aymeric Augustin for the suggestion.
2013-10-17 09:42:28 -04:00
Marc Tamlyn 349c12d3f5 Fixed #16855 -- select_related() chains as expected.
select_related('foo').select_related('bar') is now equivalent to
select_related('foo', 'bar').

Also reworded docs to recommend select_related(*fields) over select_related()
2013-10-15 15:59:36 +01:00
Unai Zalakain c7634cd7fe Fixed #7603 -- Added a 'scheme' property to the HttpRequest object
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.

`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.

`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.

This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.

Thanks nslater for the suggestion.
2013-10-15 09:04:12 -04:00
Loic Bistuer b16dd1fe01 Fixed #8620 -- Updated the Form metaclass to support excluding fields by shadowing them. 2013-10-14 22:42:33 +07:00
Loic Bistuer ac5ec7b8bc Fixed #19617 -- Refactored Form metaclasses to support more inheritance scenarios.
Thanks apollo13, funkybob and mjtamlyn for the reviews.
2013-10-14 21:59:30 +07:00
Claude Paroz 1e8eadc94e Fixed #15888 -- Made tablename argument of createcachetable optional
Thanks Aymeric Augustin for the report and the documentation and
Tim Graham for the review.
2013-10-14 13:24:40 +02:00
Claude Paroz 21c2bfdff3 Updated OpenLayers version from 2.11 to 2.13 2013-10-12 18:08:07 +02:00
Tai Lee e527c0b6d8 Fixed #13252 -- Added ability to serialize with natural primary keys.
Added ``--natural-foreign`` and ``--natural-primary`` options and
deprecated the ``--natural`` option to the ``dumpdata`` management
command.

Added ``use_natural_foreign_keys`` and ``use_natural_primary_keys``
arguments and deprecated the ``use_natural_keys`` argument to
``django.core.serializers.Serializer.serialize()``.

Thanks SmileyChris for the suggestion.
2013-10-11 12:52:57 -04:00
Tim Graham 945e033a69 Fixed #8918 -- Made FileField.upload_to optional.
Thanks leahculver for the suggestion and dc and vajrasky for work
on the patch.
2013-10-11 08:07:25 -04:00
Tim Graham 1dae4ac177 Whitespace cleanup.
* Removed trailing whitespace.
* Added newline to EOF if missing.
* Removed blank lines at EOF.
* Removed some stray tabs.
2013-10-10 16:49:20 -04:00
Russell Keith-Magee ddb53856b6 Fixed #21164 -- Added documentation for issue with test users.
The package renaming restores the older package names (which were also the
documented package names). This doesn't affect test discovery because the
module in question doesn't contain any tests.

Thanks to Carl for the design discussion.
2013-10-08 10:32:56 +08:00
Ryan Kaskel 8b0014869f Fixed #19321 -- Allowed redirect middleware HTTP responses to be overridden.
Thanks Melevir for the suggestion.
2013-10-04 07:36:39 -04:00
Emil Stenström 7a97df190c Fixed #19277 -- Added LocaleMiddleware.response_redirect_class
Thanks ppetrid at yawd.eu for the suggestion.
2013-10-03 16:15:29 -04:00
Simon Charette fa2e1371cd Fixed #21216 -- Allow `OneToOneField` reverse accessor to be hidden. 2013-10-03 13:20:05 -04:00
Baptiste Mispelon e1b7723817 Changed the doc to use gender-neutral pronouns when possible. 2013-10-02 16:41:04 +02:00
Ramiro Morales 1d0fc61b1c Fixed #15185 -- Allowed ModelAdmin.list_display_links=None to disable change list links.
Thanks rm_ for the suggestion.
2013-10-01 14:25:54 -04:00
Michael Manfre bf757a2f4d Fixed #21147 -- Avoided time.time precision issue with cache backends.
The precision of time.time() is OS specific and it is possible for the
resolution to be low enough to allow reading a cache key previously set
with a timeout of 0.
2013-10-01 13:42:59 -04:00
Russell Keith-Magee 9595183d03 Fixed #13724: Corrected routing of write queries involving managers.
Previously, if a database request spanned a related object manager, the
first manager encountered would cause a request to the router, and this
would bind all subsequent queries to the same database returned by the
router. Unfortunately, the first router query would be performed using
a read request to the router, resulting in bad routing information being
used if the subsequent query was actually a write.

This change defers the call to the router until the final query is acutally
made.

It includes a small *BACKWARDS INCOMPATIBILITY* on an edge case - see the
release notes for details.

Thanks to Paul Collins (@paulcollinsiii) for the excellent debugging
work and patch.
2013-09-30 13:05:43 +08:00
Erik Romijn 1a63092981 Fixed #20439 -- Started deprecation of IPAddressField 2013-09-28 10:55:32 +02:00
Michael Manfre 99c87f1410 Fixed #17671 - Cursors are now context managers. 2013-09-25 21:47:26 +03:00
Loic Bistuer 04a2a6b0f9 Fixed #3871 -- Custom managers when traversing reverse relations. 2013-09-25 21:15:59 +03:00
Ramiro Morales bebb449ac3 Added docs for changes in commit dd3a883894.
Refs #20693.
2013-09-22 15:43:27 -03:00
Rogério Yokomizo 1b4b710355 Fixed #21141 -- Update Sphinx URL
Updated Sphinx URL from http://sphinx.pocoo.org/ to http://sphinx-doc.org/.
2013-09-22 14:44:09 -03:00
tschilling 0d1ba84d13 Fixed #20702 -- Deprecated get_formsets in favor of get_formsets_with_inlines.
Thanks stanislas.guerra at gmail.com for the report.
2013-09-20 07:47:24 -04:00
Paul McMillan f8f47718ab Merge pull request #1644 from PaulMcMillan/bump_hash_iterations
Increase default PBKDF2 iterations
2013-09-19 12:17:56 -07:00
yokomizor df27803a55 Fixed #9532 -- Added min_num and validate_min on formsets.
Thanks gsf for the suggestion.
2013-09-19 13:11:49 -04:00
Paul McMillan a075e2ad0d Increase default PBKDF2 iterations
Increases the default PBKDF2 iterations, since computers have gotten
faster since 2011. In the future, we plan to increment by 10% per
major version.
2013-09-19 18:02:25 +01:00
Curtis Maloney 4e9f800742 Fixed #21125 -- Removed support for cache URI syntax 2013-09-19 10:01:39 -04:00
Russell Keith-Magee 9d3e60aa3e Reworked security issue list to be per-issue, not per-release. 2013-09-19 14:57:01 +08:00
Russell Keith-Magee 8e134c27c9 Corrected markup problems in new security summary page. 2013-09-19 13:57:02 +08:00
Alex Gaynor 8b3bae9466 Fixed two typos in the docs 2013-09-18 23:29:55 -05:00
Alex Gaynor c65ae7c969 Fixed a typo in the docs 2013-09-18 23:26:24 -05:00
James Bennett a2e25e8a83 Fix #21121: Add archive of security issues. 2013-09-18 23:13:04 -05:00
Brian Holdefehr 98514849dc Fixed #19414 -- Added admin registration decorator
Thanks stavros for the suggestion.
2013-09-18 11:44:10 -04:00
Berker Peksag 2f0566fa61 Fixed #4278 -- Added a dirs parameter to a few functions to override TEMPLATE_DIRS.
* django.template.loader.get_template()
* django.template.loader.select_template()
* django.shortcuts.render()
* django.shortcuts.render_to_response()

Thanks amcnabb for the suggestion.
2013-09-18 07:37:08 -04:00
Tim Graham 18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Tim Graham 8d29005524 Cleaned up 1.5.4/1.4.8 release notes 2013-09-15 14:14:26 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Tim Graham ec89e1725a Fixed #21100 -- Noted that Create/UpdateViews.fields is new in 1.6
Thanks AndrewIngram for the suggestion.
2013-09-13 09:34:12 -04:00
Matt Austin 9451d8d558 Fixed #21095 -- Documented new requirement for dates lookups.
Day, month, and week_day lookups now require time zone definitions in the database.
2013-09-13 09:56:19 +02:00
Tim Graham baec6a26dd Added 1.4.7/1.5.3 release notes 2013-09-10 21:07:22 -04:00
Juan Catalano 4840fd9cbc Fixed #20919 -- Extended assertRedirects to be able to avoid fetching redirect's response.
Thanks mjtamlyn for the suggestion.
2013-09-10 12:22:55 -04:00
Tim Graham 4ba373840a Fixed #16534 -- Improved ability to customize DiscoverRunner
Added DiscoverRunner.test_suite and .test_runner attributes.

Thanks tomchristie for the suggestion and jcd for the patch.
2013-09-10 09:49:39 -04:00
Romain B. 522d3d6132 Fixed a little mistake in Django 1.7 release notes 2013-09-09 19:02:41 -04:00
Aymeric Augustin ec2778b445 Fixed #17262 -- Refactored tzinfo implementations.
This commit deprecates django.utils.tzinfo in favor of the more recent
django.utils.timezone which was introduced when Django gained support
for time zones.
2013-09-09 22:32:51 +02:00
Kevin Christopher Henry 9d700322b3 Fixed #19885 -- cleaned up the django.test namespace
* override_settings may now be imported from django.test
* removed Approximate from django.test
* updated documentation for things importable from django.test

Thanks akaariai for the suggestion.
2013-09-09 16:03:13 -04:00
Tim Graham 910a5760f6 Improved release notes for ticket #10164
Thanks Aymeric for the suggestions.

refs #10164
2013-09-09 14:22:29 -04:00
Baptiste Mispelon 28a571348b Fix #20745: Don't silence TypeError raised inside templates.
Thanks to robin for the report and claudep for the review.
2013-09-08 22:05:35 +02:00
Aymeric Augustin fa7bc24671 Repositioned two paragraphs in the release notes. 2013-09-08 11:23:37 +02:00
Tim Graham 5ca290f5db Fixed some sphinx errors and added some links. 2013-09-06 16:15:35 -04:00
Adrian Holovaty c7c19ac408 Added new AdminSite attributes to 1.7 release notes 2013-09-06 14:27:40 -05:00
Daniele Procida 263eecc583 Merge pull request #1544 from evildmp/ticket_20920_rebase
Fixed #20920 -- Consolidated F() and Q() documentation
2013-09-06 11:27:58 -07:00
evildmp 79cc66692a Consolidated documentation for F() and Q() 2013-09-06 12:57:25 -05:00
Chris Wilson eade315da1 Fixed #10164 -- Made AutoField increase monotonically on SQLite
Thanks malte for the report.
2013-09-06 12:31:17 -04:00
Preston Timmons 8625c7aab3 Fixed #16096 -- Added origin attribute to template instances.
Thanks jdunck for the suggestion.
2013-09-06 09:14:52 -04:00
Eric Boersma 4d13cc56de Fixed #21035 -- Changed docs to treat the acronym SQL phonetically.
The documentation and comments now all use 'an' to
refer to the word SQL and not 'a'.
2013-09-05 20:14:58 -04:00
CHI Cheng ed9cd4fd8b Fixed #21000 -- Made cached_db session backend respect SESSION_CACHE_ALIAS 2013-09-05 10:47:58 -04:00
Tim Graham 3baf1d1042 Fixed #21002 -- Documented JSON session serialization requires string keys
Thanks jeroen.pulles at redslider.net for the report.
2013-09-03 07:48:03 -04:00
Ramiro Morales e909ceae9b Made django.test.testcases not depend on staticfiles contrib app.
Do this by introducing a django.contrib.staticfiles.testing.StaticLiveServerCase
unittest TestCase subclass.

Fixes #20739.
2013-08-31 11:02:32 -03:00
Curtis Maloney e2f06226ea Improved {% include %} implementation
Merged BaseIncludeNode, ConstantIncludeNode and Include node.

This avoids raising TemplateDoesNotExist at parsing time, allows recursion
when passing a literal template name, and should make TEMPLATE_DEBUG behavior
consistant.

Thanks loic84 for help with the tests.

Fixed #3544, fixed #12064, fixed #16147
2013-08-30 10:36:36 +03:00
Anssi Kääriäinen e973ee6a98 Fixed #20988 -- Added model meta option select_on_save
The option can be used to force pre 1.6 style SELECT on save behaviour.
This is needed in case the database returns zero updated rows even if
there is a matching row in the DB. One such case is PostgreSQL update
trigger that returns NULL.

Reviewed by Tim Graham.

Refs #16649
2013-08-30 09:41:07 +03:00
Tim Graham cf8d6e9108 Fixed #20881 -- Removed contrib.auth.models.AbstractUser.get_absolute_url()
The definition is arbitrary and creates a broken "view on site"
link in the admin if a project doesn't define such a URL.
2013-08-29 06:36:35 -04:00
Curtis Maloney 5cdacbda03 Fixed #17356 -- Allowed {% include %} to render compiled templates
Reviewed by Loic Bistuer and Tim Graham.
2013-08-29 10:22:24 +03:00
Loic Bistuer da800be6dd Fixed #20986 -- Enabled SelectDateWidget to use custom months
Reviewed by Trac alias MarkusH.
2013-08-28 16:39:26 +03:00
Tim Graham 4f7ed3f2d1 Organized 1.7 minor features into subsections. 2013-08-27 09:39:56 -04:00
Erik Romijn fa57266699 Fixed #20972 -- Make messages cookie follow session cookie secure/httponly 2013-08-26 21:34:29 +02:00
Andrew Godwin 5569b0b92f Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	django/db/backends/oracle/base.py
	django/db/backends/postgresql_psycopg2/base.py
	django/db/models/signals.py
	tests/queries/tests.py
2013-08-23 12:36:53 +01:00
Tim Graham b0ce6fe656 Fixed #20922 -- Allowed customizing the serializer used by contrib.sessions
Added settings.SESSION_SERIALIZER which is the import path of a serializer
to use for sessions.

Thanks apollo13, carljm, shaib, akaariai, charettes, and dstufft for reviews.
2013-08-22 13:58:26 -04:00
Anssi Kääriäinen 6af05e7a0f Fixed model.__eq__ and __hash__ for no pk value cases
The __eq__ method now considers two instances without primary key value
equal only when they have same id(). The __hash__ method raises
TypeError for no primary key case.

Fixed #18864, fixed #18250

Thanks to Tim Graham for docs review.
2013-08-22 17:24:07 +03:00
Andrew Godwin b6a957f0ba Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	docs/ref/django-admin.txt
2013-08-19 18:30:48 +01:00
Anssi Kääriäinen 4668c142dc Made Model.__eq__ consider proxy models equivalent
Fixed #11892, fixed #16458, fixed #14492.
2013-08-19 09:51:28 +03:00
James Bennett bc5716fc9c Added release date to 1.5 release notes.
Forwardport of 61283a8208 from 1.5.x
2013-08-15 07:41:18 -04:00
Tim Graham 29255fcb4f Fixed some ReST errors regarding backticks 2013-08-15 07:14:10 -04:00
Jonathan Slenders ff410565bf Fixed #20709 -- Allowed {% widthratio %} to accept an "as" parameter.
Thanks clay.evil@ for the suggestion.
2013-08-14 12:40:19 -04:00
SusanTan 71c491972e Fixed #11400 -- Passed kwargs from AbstractUser.email_user() to send_mail()
Thanks Jug_ for suggestion, john_scott for the initial patch,
and Tim Graham for code review.
2013-08-14 07:46:11 -04:00
Matt Johnson 907ef9d0d1 Fixed #20555 -- Make subwidget id attribute available
In `BoundField.__iter__`, the widget's id attribute is now passed to
each subwidget. A new id_for_label property was added to ChoiceInput.
2013-08-13 13:23:05 -04:00
Tim Graham db682dcc9e Added 1.4.6/1.5.2 release notes. 2013-08-13 11:16:30 -05:00
Loic Bistuer 163a34ce4b Fixed #20883 -- Made model inheritance find parent links in abstract parents 2013-08-13 15:14:11 +03:00
Tim Graham 3f6cc33cff Added missing release notes for older versions of Django 2013-08-12 14:05:25 -04:00
Mel Collins 6bdb3b1135 Fixed #13518 -- Added FILE_UPLOAD_DIRECTORY_PERMISSIONS setting
This setting does for new directories what FILE_UPLOAD_PERMISSIONS
does for new files.

Thanks jacob@ for the suggestion.
2013-08-12 07:15:59 -04:00
Andrew Godwin 7970d97a70 Docs tweaks (thanks timgraham) 2013-08-10 20:00:12 +01:00
ersran9 00d23a13eb Fixed #20828 -- Allowed @permission_required to take a list of permissions
Thanks Giggaflop for the suggestion.
2013-08-10 10:10:18 -04:00
Andrew Godwin 588b523233 Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	django/db/models/options.py
2013-08-09 14:37:37 +01:00
Andrew Godwin 1d1cfd0bd8 Document new field API in release notes 2013-08-09 14:31:24 +01:00
Tim Graham ddae74b64c Fixed #9057 -- Added default_permissions model meta option.
Thanks hvendelbo for the suggestion and koenb for the draft patch.
2013-08-09 09:19:52 -04:00
Andrew Godwin de64c4d6e9 Merge remote-tracking branch 'core/master' into schema-alteration
Conflicts:
	django/core/management/commands/flush.py
	django/core/management/commands/syncdb.py
	django/db/models/loading.py
	docs/internals/deprecation.txt
	docs/ref/django-admin.txt
	docs/releases/1.7.txt
2013-08-09 14:17:30 +01:00
Marc Tamlyn 1c4a9bd9ad Revert change to the default Form.clean()
This means it doesn't break for people who are doing
`cleaned_data = super(FooForm, self).clean()`.
2013-08-08 14:27:48 +01:00