Mariusz Felisiak
1853724aca
Fixed CVE-2020-24584 -- Fixed permission escalation in intermediate-level directories of the file system cache on Python 3.7+.
2020-09-01 09:17:23 +02:00
Mariusz Felisiak
8d7271578d
Fixed CVE-2020-24583, #31921 -- Fixed permissions on intermediate-level static and storage directories on Python 3.7+.
...
Thanks WhiteSage for the report.
2020-09-01 09:17:23 +02:00
Federico Jaramillo Martínez
179d9dc0c2
Fixed #31952 -- Fixed EmptyFieldListFilter crash with reverse relationships.
...
Thanks dacotagh for the report.
2020-08-31 09:28:05 +02:00
Simon Charette
f6405c0b8e
Fixed #31965 -- Adjusted multi-table fast-deletion on MySQL/MariaDB.
...
The optimization introduced in 7acef095d7
did not properly handle
deletion involving filters against aggregate annotations.
It initially was surfaced by a MariaDB test failure but misattributed
to an undocumented change in behavior that resulted in the systemic
generation of poorly performing database queries in 5b83bae031
.
Thanks Anton Plotkin for the report.
Refs #23576 .
2020-08-31 08:11:28 +02:00
Simon Charette
38fce49c82
Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations.
2020-08-31 06:42:40 +02:00
Simon Charette
40894f2967
Refs #30446 -- Added tests for resolving output_field of CombinedExpression.
2020-08-31 06:40:39 +02:00
Mariusz Felisiak
0be51d2226
Fixed #31956 -- Fixed crash of ordering by JSONField with a custom decoder on PostgreSQL.
...
Thanks Marc Debureaux for the report.
Thanks Simon Charette, Nick Pope, and Adam Johnson for reviews.
2020-08-28 19:09:46 +02:00
Mariusz Felisiak
2210539142
Refs #31956 -- Added test for ordering by JSONField with a custom decoder.
2020-08-28 19:09:41 +02:00
Koen De Wit
4c0b4720b0
Fixed #31954 -- Fixed migration optimization for MTI model creation with parent model with mixed case app label.
2020-08-28 13:35:13 +02:00
Kevin Michel
225261b701
Refs #31928 -- Added various middlewares tests for detecting when get_response is coroutine.
2020-08-28 12:33:29 +02:00
Kevin Michel
825ce75fae
Fixed #31928 -- Fixed detecting an async get_response in various middlewares.
...
SecurityMiddleware and the three cache middlewares were not calling
super().__init__() during their initialization or calling the required
MiddlewareMixin._async_check() method.
This made the middlewares not properly present as coroutine and
confused the middleware chain when used in a fully async context.
Thanks Kordian Kowalski for the report.
2020-08-28 12:33:15 +02:00
Kevin Michel
68d7cf4054
Refs #26601 -- Added various middlewares tests for deprecation of passing None as get_response.
2020-08-28 12:33:15 +02:00
Kevin Michel
abbdd3a622
Added tests for cache middlewares constructors.
2020-08-28 10:00:39 +02:00
Mariusz Felisiak
1251772cb8
Fixed #31936 -- Fixed __in lookup on key transforms for JSONField.
...
This resolves an issue on databases without a native JSONField
(MariaDB, MySQL, SQLite, Oracle), where values must be wrapped.
Thanks Sébastien Pattyn for the report.
2020-08-26 22:13:37 +02:00
Jeremy Lainé
9c92924cd5
Fixed #31942 -- Made settings cleansing work with dictionary settings with non-string keys.
2020-08-26 11:59:37 +02:00
Kaustubh
b9be11d442
Fixed #31918 -- Allowed QuerySet.in_bulk() to fetch on a single distinct field.
2020-08-26 09:43:39 +02:00
Michael Galler
547a07fa7e
Fixed #31905 -- Made MiddlewareMixin call process_request()/process_response() with thread sensitive.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2020-08-26 07:13:49 +02:00
Tim Graham
ea880ec233
Fixed #24533 -- Dropped PostgreSQL sequence and Oracle identity when migrating away from AutoField.
2020-08-24 14:32:07 +02:00
Nick Pope
b312421511
Refs #30897 -- Added test for WAL option to Queryset.explain() on PostgreSQL 13+.
2020-08-24 11:47:38 +02:00
Mariusz Felisiak
bb8f66934d
Fixed #31877 -- Reverted "Fixed #19878 -- Deprecated TemplateView passing URL kwargs into context."
...
This reverts commit 4ed534758c
.
2020-08-24 11:37:59 +02:00
Mariusz Felisiak
04e87e79a0
Refs #31877 -- Reverted "Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning."
...
This reverts commit 20799cc0a6
.
2020-08-24 11:37:59 +02:00
Nick Pope
b5acb9db75
Fixed #31907 -- Fixed missing validate_key() calls in cache backends.
2020-08-24 09:41:21 +02:00
Nick Pope
9e04b242ee
Refs #31907 -- Added cache key validation tests for cache operations.
2020-08-24 09:33:55 +02:00
Tim Graham
7ca42974ee
Added assertions for the results of migrating an integer pk to AutoField.
2020-08-24 06:45:48 +02:00
Mariusz Felisiak
4376c2c7f8
Fixed #31895 -- Fixed crash when decoding invalid session data.
...
Thanks Matt Hegarty for the report.
Regression in d4fff711d4
.
2020-08-19 12:06:00 +02:00
Maxim Petrov
bf6d07730c
Fixed #31902 -- Fixed crash of ExclusionConstraint on expressions with params.
2020-08-19 06:43:54 +02:00
Mariusz Felisiak
35b03788b0
Refs #9061 -- Allowed GenericInlineFormSet to disable deleting extra forms.
...
Follow up to 162765d6c3
.
2020-08-18 09:37:15 +02:00
Mariusz Felisiak
3254991762
Refs #20347 -- Allowed customizing the maximum number of instantiated forms in generic_inlineformset_factory().
...
Follow up to 433dd737f9
.
2020-08-18 09:37:15 +02:00
Ahmad A. Hussein
493b26bbfc
Fixed #31888 -- Avoided module-level MySQL queries in tests.
2020-08-17 09:31:16 +02:00
Iuri de Silvio
632ccffc49
Fixed #31826 -- Made AlterField operation a noop when adding db_column.
...
AlterField operation with adding a db_column is a noop if the column
name is not changed.
2020-08-14 13:13:36 +02:00
Yan Mitrofanov
b88f98738f
Fixed #31878 -- Made createsuperuser respect --database option in default usernames.
2020-08-14 11:08:20 +02:00
Yan Mitrofanov
552bb82928
Fixed typo in tests/auth_tests/test_management.py docstring.
2020-08-14 11:08:12 +02:00
Ahmad A. Hussein
61a0ba43cf
Refs #31811 -- Added optional timing outputs to the test runner.
2020-08-13 17:17:15 +02:00
Simon Charette
51297a9232
Fixed #31792 -- Made Exists() reuse QuerySet.exists() optimizations.
...
The latter is already optimized to limit the number of results, avoid
selecting unnecessary fields, and drop ordering if possible without
altering the semantic of the query.
2020-08-13 14:10:36 +02:00
Iuri de Silvio
7f4c9222df
Fixed #31825 -- Made RenameField operation a noop for fields with db_column.
2020-08-13 13:14:58 +02:00
Adam Johnson
20799cc0a6
Fixes #31877 -- Used lazy() for TemplateView kwarg deprecation warning.
...
SimpleLazyObjects cause a crash when filtering.
Thanks Tim L. White for the report.
Regression in 4ed534758c
.
2020-08-13 07:26:10 +02:00
Pat Garcia
8954f255bb
Fixed #31382 -- Made Model.save(update_fields=...) raise ValueError on non-concrete fields.
2020-08-12 21:13:55 +02:00
Gert Burger
94ea79be13
Fixed #31863 -- Prevented mutating model state by copies of model instances.
...
Regression in bfb746f983
.
2020-08-12 12:43:42 +02:00
Tom Carrick
63300f7e68
Fixed #21181 -- Added Collate database function.
...
Thanks Simon Charette for reviews.
2020-08-11 22:21:08 +02:00
Daniel Hillier
60626162f7
Fixed #31866 -- Fixed locking proxy models in QuerySet.select_for_update(of=()).
2020-08-11 11:55:10 +02:00
Carlton Gibson
0aeb802cf0
Fixed #31865 -- Adjusted admin nav sidebar template to reduce debug logging.
...
Thanks to Mariusz Felisiak for review.
2020-08-11 11:42:15 +02:00
Mariusz Felisiak
287e36bd22
Refs #31180 -- Fixed unreachable assertions in apps tests.
2020-08-11 10:31:09 +02:00
Iuri de Silvio
ebd78a9f97
Fixed #31870 -- Fixed crash when populating app registry with empty or without apps module.
...
Regression in 3f2821af6b
.
2020-08-10 20:16:45 +02:00
Iuri de Silvio
58a336a674
Fixed #31831 -- Fixed migration operations ordering when adding order_with_respect_to and constraints/indexes.
2020-08-08 20:43:45 +02:00
Iuri de Silvio
366a93f174
Refs #31831 -- Added autodector test for unique/index_together on _order field.
2020-08-08 20:43:40 +02:00
Mariusz Felisiak
99abfe8f4d
Fixed #31864 -- Fixed encoding session data during transition to Django 3.1.
...
Thanks אורי for the report.
2020-08-07 21:42:39 +02:00
Konstantin Alekseev
e5118b545b
Used mock.Mock() in SMTPBackendTests.
...
Using bool caused mypy typecheck failures.
2020-08-07 20:31:47 +02:00
Nick Pope
0a306f7da6
Fixed #25513 -- Extracted admin pagination to Paginator.get_elided_page_range().
2020-08-06 12:38:56 +02:00
Nick Pope
f35840c196
Refs #25513 -- Fixed admin pagination elision bounds.
...
It doesn't make sense to elide a single page number which could be a
clickable link to that page. We only want to elide two or more pages.
2020-08-06 12:38:56 +02:00
Nick Pope
b203ec70fd
Refs #25513 -- Adjusted admin pagination to be 1-indexed.
2020-08-06 12:38:56 +02:00