Commit Graph

2429 Commits

Author SHA1 Message Date
Tim Graham 39805686b3 Refs #21379, #26719 -- Moved username normalization to AbstractBaseUser.
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
2016-06-21 16:19:37 -04:00
Sergey Fedoseev 5ce660cd65 Fixed #25940 -- Added OGRGeometry.from_gml() and GEOSGeometry.from_gml(). 2016-06-21 15:46:27 -04:00
Tim Graham 20d1cb33c2 Fixed #26787 -- Documented deleting and reloading of model instance fields.
Thanks Julien Hartmann for the report.
2016-06-21 14:39:17 -04:00
Tobias McNulty 17e661641d Refs #26666 -- Added ALLOWED_HOSTS validation when running tests.
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
2016-06-20 11:07:46 -04:00
Claude Paroz f7a363ee1d Fixed #26753 -- Made GDAL a required dependency for contrib.gis
Thanks Tim Graham for the review.
2016-06-18 10:58:02 +02:00
Jon Dufresne 267dc4addd Fixed #4136 -- Made ModelForm save empty values for nullable CharFields as NULL.
Previously, empty values were saved as strings.
2016-06-13 09:14:36 -04:00
Vytis Banaitis 83120af2c1 Refs #26524 -- Fixed an error in 1.11 release notes. 2016-06-09 20:34:53 -04:00
Berker Peksag ae2a7da86b Fixed #20468 -- Added loaddata --exclude option.
Thanks Alex Morozov for the initial patch.
2016-06-09 10:35:32 -04:00
krishbharadwaj f6681393d3 Fixing #26524 -- Made a foreign key id reference in ModelAdmin.list_display display the id. 2016-06-08 17:20:03 -04:00
Berker Peksag 724dd2043e Fixed #26717 -- Added Serializer.stream_class to customize the stream. 2016-06-08 11:08:18 -04:00
Scott Vitale be729b6120 Fixed #10107 -- Allowed using mark_safe() as a decorator.
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
wim glenn 5ebebd1159 Fixed #26707 -- Added QueryDict.fromkeys() 2016-06-06 08:54:25 -04:00
Tom Christie da22079c21 Linked to upgrade guide from release notes. 2016-06-06 07:28:55 -04:00
Tim Graham 01e567864e Added stub release notes for 1.9.8. 2016-06-04 19:58:14 -04:00
Tim Graham 1f5eb521a0 Added release date for 1.9.7. 2016-06-04 19:24:51 -04:00
Vytis Banaitis 2f9c4e2b6f Fixed #19963 -- Added support for date_hierarchy across relations. 2016-06-04 12:14:02 -04:00
Holly Becker 55fec16aaf Fixed #26628 -- Changed CSRF logger to django.security.csrf. 2016-06-04 10:17:06 -04:00
Anton I. Sipos c3495bb984 Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Tim Graham e2296e7f0a Fixed #26667 -- Fixed a regression in queries on a OneToOneField that has to_field and primary_key=True.
Thanks Simon Charette for review.
2016-06-04 08:04:51 -04:00
mieciu 19ff506878 Fixed #26698 -- Fixed PostgreSQL dbshell crash on an empty database name. 2016-06-03 12:30:21 -04:00
Will Koster 9899347641 Fixed #26638 -- Allowed callable arguments for QuerySet.get_or_create()/update_or_create() defaults. 2016-06-03 10:00:53 -04:00
jrabbit d65e2899b2 Fixes #26700 -- Added how to upgrade to TEMPLATES link in 1.10 release notes. 2016-06-02 20:27:33 -04:00
Brad Melin f6517a5335 Fixed #26672 -- Fixed HStoreField to raise ValidationError instead of crashing on non-dict JSON input. 2016-06-02 16:28:01 -04:00
Rustam Kashapov df8412d2e5 Fixed #26617 -- Added distinct argument to contrib.postgres's StringAgg. 2016-06-02 13:48:35 -04:00
Tim Graham 149ace94df Updated release notes links to prevent warnings with Sphinx 1.4.2. 2016-06-02 11:41:49 -04:00
Tim Graham 3db04d4422 Fixed #26084 -- Documented that deprecation warnings are no longer loud. 2016-06-01 15:17:25 -04:00
Tim Graham bc84278615 Fixed #26675 -- Dropped support for PostgreSQL 9.2/PostGIS 2.0. 2016-06-01 07:45:22 -04:00
Tim Graham 47f22e8286 Fixed #25645 -- Dropped support for SpatiaLite < 4.0. 2016-05-31 11:31:51 -04:00
Ketan Bhatt f31fbbae1a Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC. 2016-05-30 18:36:15 -04:00
Simon Charette 4f474607de
Fixed #26646 -- Added IOBase methods required by TextIOWrapper to File.
Thanks Tim for the review.
2016-05-27 21:05:58 -04:00
Tim Graham 0e7e47b5d7 Fixed #26652 -- Documented removal of model instance _(default/base)_manager attributes. 2016-05-27 10:36:16 -04:00
Tim Graham 1915a7e5c5 Increased the default PBKDF2 iterations. 2016-05-20 09:19:19 -04:00
Tim Graham 97c3dfe12e Added stub 1.11 release notes. 2016-05-19 22:28:24 -04:00
Tim Graham 0eac5535f7 Removed unused sections in 1.10 release notes. 2016-05-19 11:49:15 -04:00
Shai Berger 5112e65ef2 Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).

While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).

Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
2016-05-19 05:02:19 +03:00
Barthelemy Dagenais a5c8072ab1 Fixed #26627 -- Fixed on_commit callbacks execution order when callbacks make transactions. 2016-05-18 09:09:48 -04:00
Josh Smeaton 2a4af0ea43 Fixed #25774 -- Refactor datetime expressions into public API 2016-05-18 20:14:58 +10:00
Tim Graham ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham c999c8d8f6 Updated admin's jQuery to 2.2.3. 2016-05-17 07:20:06 -04:00
Loïc Bistuer ed0ff913c6 Fixed #10506, #13793, #14891, #25201 -- Introduced new APIs to specify models' default and base managers.
This deprecates use_for_related_fields.

Old API:

class CustomManager(models.Model):
    use_for_related_fields = True

class Model(models.Model):
    custom_manager = CustomManager()

New API:

class Model(models.Model):
    custom_manager = CustomManager()

    class Meta:
        base_manager_name = 'custom_manager'

Refs #20932, #25897.

Thanks Carl Meyer for the guidance throughout this work.
Thanks Tim Graham for writing the docs.
2016-05-17 12:07:22 +07:00
Claude Paroz 526575c641 Fixed #21379 -- Created auth-specific username validators
Thanks Tim Graham for the review.
2016-05-16 19:37:57 +02:00
Aron Podrigal 85ef98dc6e Fixed #24305 -- Allowed overriding fields on abstract models.
Fields inherited from abstract base classes may be overridden like
any other Python attribute. Inheriting from multiple models/classes
with the same attribute name will follow the MRO.
2016-05-16 07:32:21 -04:00
Simon Charette f937c9ec97 Fixed #24100 -- Made the migration signals dispatch its plan and apps.
Thanks Markus for your contribution and Tim for your review.
2016-05-15 19:51:15 -04:00
Matthew Somerville 1962a96a30 Fixed #24938 -- Added PostgreSQL trigram support. 2016-05-13 12:38:21 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham 2f0e0eee45 Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-10 12:46:47 -04:00
Claude Paroz c3e1086949 Stopped truncating AdminEmailHandler message subjects
Refs #26572, #17281. The RFC doesn't limit total length, just the line length
which is already taken care of by Python itself.
Thanks Tim Graham for the review.
2016-05-10 18:17:43 +02:00
Simon Charette 207c5b4acd
Fixed #26603 -- Forced lazy template names to text when computing cache key.
Refs #26536.

Thanks Sylvain Fankhauser for the very detailed report.
2016-05-10 10:03:01 -04:00
Tim Graham f5ff5010cd Fixed #26483 -- Updated docs.python.org links to use Intersphinx. 2016-05-08 18:07:43 -04:00
Vitaly Bogomolov aec4f97555 Fixed #26402 -- Added relative path support in include/extends template tags. 2016-05-07 16:21:57 -04:00
Claude Paroz b26fedacef Fixed #26544 -- Delayed translations of SetPasswordForm help_texts
Thanks Michael Bitzi for the reporti and Tim Graham for the review.
2016-05-07 10:17:49 +02:00
Daniel Wiesmann bbfad84dd9 Fixed #25588 -- Added spatial lookups to RasterField.
Thanks Tim Graham for the review.
2016-05-06 09:17:18 -04:00
Claude Paroz 388bb5bd9a Fixed #22936 -- Obsoleted Field.get_prep_lookup()/get_db_prep_lookup()
Thanks Tim Graham for completing the initial patch.
2016-05-04 20:02:01 +02:00
Dan Stephenson 1206eea11e Fixed #26558 -- Removed need for request context processor on admin login page. 2016-05-04 09:43:24 -04:00
Ville Skyttä 575a9a791e Normalized "an SQL" spelling. 2016-05-03 19:30:48 -04:00
Michal Petrucha 8a47ba679d Refs #16508 -- Made Model.__init__() aware of virtual fields.
It's no longer necessary for GenericForeignKey (and any other virtual fields)
to intercept the field's values using the pre_init signal.
2016-05-03 09:06:26 -04:00
Tim Graham 8a55982e70 Added stub release notes for 1.9.7. 2016-05-02 19:02:21 -04:00
Tim Graham f0b8da7350 Added release date for 1.9.6/1.8.13. 2016-05-02 18:16:36 -04:00
Cristiano 914c72be2a Fixed #26058 -- Delegated os.path bits of FileField's filename generation to the Storage. 2016-04-30 17:22:40 -04:00
Claude Paroz b16b124996 Fixed #26341 -- Fixed makemessages breaking location comments for HTML files
Thanks Sylvain Garancher for the report and Veranika Sabiashchanskaya for the
initial patch.
2016-04-30 12:08:20 +02:00
Anssi Kääriäinen 7f51876f99 Fixed #26207 -- Replaced dynamic classes with non-data descriptors for deferred instance loading. 2016-04-29 13:06:32 -04:00
Tim Graham 9f8941eda4 Refs #26557 -- Added forgotten release notes. 2016-04-29 10:18:49 -04:00
Joshua Phillips 4681d65048 Fixed #26557 -- Converted empty strings to None when saving GenericIPAddressField. 2016-04-29 10:11:49 -04:00
Tim Graham 2f698cd991 Refs #26428 -- Added support for relative path redirects to the test client.
Thanks iktyrrell for the patch.
2016-04-29 09:15:28 -04:00
Tim Graham f945fb24a3 Fixed #26554 -- Updated docs URLs to readthedocs.io 2016-04-28 10:09:57 -04:00
Tim Graham bb0b4b705b Fixed #26052 -- Moved conditional_content_removal() processing to the test client. 2016-04-25 07:56:07 -04:00
Simon Charette bd145e7209 Fixed #26536 -- Preserved leading dashes of the cached template loader keys.
Thanks Anders Roos for the report.
2016-04-24 22:15:45 -04:00
Tim Graham 859eeaa0f0 Fixed #26533 -- Renamed Widget._format_value() to format_value(). 2016-04-23 13:15:45 -04:00
Tim Graham 87338198e9 Fixed #26320 -- Deprecated implicit OneToOnField parent_link. 2016-04-22 12:59:41 -04:00
Marc Tamlyn 2d877da855 Refs #3254 -- Added full text search to contrib.postgres.
Adds a reasonably feature complete implementation of full text search
using the built in PostgreSQL engine. It uses public APIs from
Expression and Lookup.

With thanks to Tim Graham, Simon Charettes, Josh Smeaton, Mikey Ariel
and many others for their advice and review. Particular thanks also go
to the supporters of the contrib.postgres kickstarter.
2016-04-22 10:44:37 +01:00
Jon Dufresne ec6121693f Fixed #22383 -- Added support for HTML5 required attribute on required form fields. 2016-04-21 19:16:38 -04:00
Tobias Kroenke b040ac06eb Fixed #26520 -- Fixed a regression where SessionBase.pop() didn't return a KeyError. 2016-04-20 13:06:47 -04:00
Markus Amalthea Magnuson 08cd6a0e56 Fixed #16327 -- Redirected "Save as new" to change view instead of the changelist. 2016-04-20 11:31:44 -04:00
Matthew Schinckel 5402f3ab09 Fixed #26475 -- Added functools.partial() support to migrations autodetector. 2016-04-19 10:17:11 -04:00
Jon Dufresne 500e5a6886 Fixed #26516 -- Added minlength attribute when forms.CharField.min_length is set. 2016-04-19 08:54:27 -04:00
Lukasz Wiecek d3c87a2425 Fixed #26498 -- Fixed TimeField microseconds round-tripping on MySQL and SQLite.
Thanks adamchainz for the report and review.
2016-04-18 09:39:46 -04:00
Claude Paroz 9686c888d6 Fixed #25951 -- Trimmed default representation of GEOSGeometry
Thanks Sergey Fedoseev for the report.
2016-04-17 15:31:12 +02:00
krishbharadwaj e494b9ffb6 Fixed #26509 -- Deprecated the contrib.gis.utils.precision_wkt() function. 2016-04-16 16:47:04 -04:00
Claude Paroz de40cfbe74 Fixed #19567 -- Added JavaScriptCatalog and JSONCatalog class-based views
Thanks Cristiano Coelho and Tim Graham for the reviews.
2016-04-15 17:28:54 +02:00
Tim Graham ad3c72118f Added stub release notes for 1.8.13. 2016-04-13 13:21:20 -04:00
Michal Petrucha c339a5a6f7 Refs #16508 -- Renamed the current "virtual" fields to "private".
The only reason why GenericForeignKey and GenericRelation are stored
separately inside _meta is that they need to be cloned for every model
subclass, but that's not true for any other virtual field. Actually,
it's only true for GenericRelation.
2016-04-13 10:10:53 -04:00
Jeremy Lainé c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Alasdair Nicol c16b9dd8e0 Fixed #26479 -- Added 'is not' operator to the if tag. 2016-04-09 13:01:15 -04:00
Mounir Messelmeni 03e1cc930c Fixed #26145 -- Made debug context processor return queries for all databases. 2016-04-09 11:47:15 -04:00
Daniel Wiesmann c12a00e554 Fixed #26455 -- Allowed filtering and repairing invalid geometries.
Added the IsValid and MakeValid database functions, and the isvalid lookup,
all for PostGIS.

Thanks Tim Graham for the review.
2016-04-09 09:22:30 -04:00
Attila Tovt 02ae5fd31a Fixed #25850 -- Made migrate/makemigrations error on inconsistent history. 2016-04-05 08:52:08 -04:00
David Evans 99bb7fcc18 Fixed #26452 -- Loaded middleware on server start rather than on first request. 2016-04-04 10:12:41 -04:00
Sergey Kolosov 21dd98a386 Fixed #25699 -- Allowed using the test client if 'django.contrib.sessions' isn't in INSTALLED_APPS. 2016-04-04 07:48:48 -04:00
anna b28c60529b Fixed #26101 -- Allowed introspection of base_field.model in RangeField
Used the same test and fix as in #25867.
This required initializing base_field in RangeField.__init__,
not when setting the attribute.
2016-04-03 16:32:30 +02:00
Tim Graham d2569f89f2 Fixed #26428 -- Added support for relative path redirects in assertRedirects().
Thanks Trac alias master for the report and review.
2016-04-02 10:35:33 -04:00
Tim Graham a637ed879d Added stub release notes for 1.9.6. 2016-04-01 14:09:48 -04:00
Tim Graham 93539ba2f4 Added release date for 1.9.5 and 1.8.12. 2016-04-01 13:29:43 -04:00
Claude Paroz db19619545 Fixed #25532 -- Properly redisplayed JSONField form input values
Thanks David Szotten for the report and Tommy Beadle for code inspiration.
Thanks Tim Graham for the review.
2016-04-01 09:04:20 +02:00
Simon Charette 64aba7a8ab Fixed #26438 -- Fixed multiple .objects typos in the docs.
Thanks Pablo Oubiña for the report.
2016-03-31 18:27:47 -04:00
Akshesh 49f95cc0a0 Fixed #11560 -- Allowed proxy model multiple-inheritance from the same concrete base model. 2016-03-30 13:06:27 -04:00
Krzysztof Jurewicz 940b7fd5cb Fixed #21446 -- Allowed not performing redirect in set_language view
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
Alex Hill 4b2cf1cd27 Fixed #26384 -- Fixed renaming the PK on a model with a self-referential FK on SQLite. 2016-03-29 13:25:09 -04:00
Daniel Wiesmann 870dd1d38b Fixed #26417 -- Allowed setting GDALBand data with partial values. 2016-03-29 11:08:36 -04:00
Claude Paroz 03b6947728 Fixed #24932 -- Added Cast database function.
Thanks Ian Foote for the initial patch.
2016-03-29 08:14:33 -04:00
Kai Feldhoff 5336158990 Fixed #25759 -- Added keyword arguments to customize Expressions' as_sql(). 2016-03-29 08:09:58 -04:00
Simon Charette 67cf5efa31 Fixed #26413 -- Fixed a regression with abstract model inheritance and explicit parent links.
Thanks Trac alias trkjgrdg for the report and Tim for investigation and review.
2016-03-28 21:11:37 -04:00
Tim Graham acfaec3db5 Fixed #26387 -- Restored the functionality of the admin's raw_id_fields in list_editable. 2016-03-25 13:47:42 -04:00
ieatkittens 9390da7fb6 Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently. 2016-03-23 09:23:19 -04:00
Alexander Gaevsky 107165c4b0 Fixed #24987 -- Allowed inactive users to login with the test client. 2016-03-23 09:01:52 -04:00
Alexander Gaevsky e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Berker Peksag 157d7f1f1d Fixed #25388 -- Added an option to allow disabling of migrations during test database creation 2016-03-23 08:21:30 +08:00
Jason Parrott 4c1c93032f Fixed #26373 -- Fixed reverse lookup crash with a ForeignKey to_field in a subquery. 2016-03-19 17:54:29 -04:00
José Tomás Tocino 39a16dd2e0 Fixed #25658 -- Allowed inspectdb to inspect a specific set of tables. 2016-03-18 08:41:15 -04:00
Berker Peksag 28bcff82c5 Fixed #26297 -- Fixed `collectstatic --clear` crash if storage doesn't implement path(). 2016-03-17 09:49:57 -04:00
Alex Hill ecb59cc657 Fixed #26306 -- Fixed memory leak in cached template loader. 2016-03-16 12:37:57 -04:00
Collin Anderson 93a135d111 Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers. 2016-03-15 12:24:06 -04:00
Vincenzo Pandolfo d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
Jakub Wilk 402da9ab7b Fixed typos in docs. 2016-03-13 19:48:24 +01:00
Tim Graham 4f0cd0fd16 Fixed #26324 -- Fixed DurationField with fractional seconds on SQLite. 2016-03-10 12:18:29 -05:00
Przemysław Suliga 96ec67a7cf Fixed #26332 -- Fixed a race condition in BaseCache.get_or_set(). 2016-03-08 11:44:37 -05:00
Bas Westerbaan b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Saúl Ibarra Corretgé 6c33e73333 Fixed #26289 -- Enabled shell tab completion on systems using libedit. 2016-03-08 08:37:14 -05:00
Krzysztof Urbaniak 839a955d08 Fixed #25933 -- Allowed an unprefixed default language in i18n_patterns(). 2016-03-08 08:14:10 -05:00
John-Mark Bell 4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Jon Dufresne 1845bc1d10 Refs #26315 -- Cleaned up argparse options in commands.
* Removed type coercion. Options created by argparse are already coerced
  to the correct type.
* Removed fallback default values. Options created by argparse already
  have a default value.
* Used direct indexing. Options created by argparse are always set. This
  eliminates the need to use dict.get().
2016-03-05 13:19:29 -05:00
Jon Dufresne 4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Tim Graham bc0410d98a Fixed typo in docs/releases/1.8.12.txt. 2016-03-05 10:02:29 -05:00
Tim Graham c960af4adb Added stub release notes for 1.9.5/1.8.12. 2016-03-05 10:00:40 -05:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham 2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Simon Charette d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol 2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Marc Tamlyn 8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot 04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Dmitry Dygalo 5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Tim Graham 2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham 24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Simon Charette 0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave.
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
2016-02-29 22:07:05 -05:00
chenesan b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
Simon Charette 3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache.
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
2016-02-26 16:18:16 -05:00
Adam Chainz ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Simon Charette 766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Ivan Tsouvarev 8890c533e0 Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template. 2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus bbe136e1a2 Fixed #26231 -- Used .get_username in admin login template. 2016-02-25 19:29:53 -05:00
Olivier Le Thanh Duong 10781b4c6f Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.

Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Claude Paroz c5517b9e74 Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
Jon Dufresne b412681359 Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets. 2016-02-24 07:02:51 -05:00
James Aylett 1ff6e37de4 Fixed #23832 -- Added timezone aware Storage API.
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
Andrew Kuchev e81d1c995c Fixed #25670 -- Allowed dictsort to sort a list of lists.
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
Tim Graham cdbd8745f6 Fixed #26263 -- Deprecated Context.has_key() 2016-02-23 08:08:55 -05:00
Claude Paroz b46c0ea6c8 Fixed #26190 -- Returned handle() result from call_command
Thanks Tim Graham for the review.
2016-02-23 09:12:12 +01:00
Tim Graham 47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Tim Graham 33a4040d07 Refs #26253 -- Forwardported release note. 2016-02-22 17:19:08 -05:00
Tim Graham b1afebf882 Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator.
Thanks Shai Berger for the review.
2016-02-18 19:06:49 -05:00
Akshesh d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00
Akshesh fdccc02576 Fixed #26219 -- Fixed crash when filtering by Decimal in RawQuery. 2016-02-17 13:56:42 -05:00
Jakub Paczkowski d4dc775620 Fixed #25735 -- Added support for test tags to DiscoverRunner.
Thanks Carl Meyer, Claude Paroz, and Simon Charette for review.
2016-02-17 09:44:18 -05:00
Claude Paroz 928c12eb1a Fixed #26215 -- Fixed RangeField/ArrayField serialization with None values
Also added tests for HStoreField and JSONField.
Thanks Aleksey Bukin for the report and Tim Graham for the initial patch and
the review.
2016-02-16 21:07:05 +01:00
Alexey Kotlyarov b59f963ad2 Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. 2016-02-15 11:44:29 -05:00
Jon Dufresne fcd08c1757 Fixed #11665 -- Made TestCase check deferrable constraints after each test. 2016-02-13 06:53:39 -05:00
Mounir Messelmeni 50931dfa53 Fixed #25304 -- Allowed management commands to check if migrations are applied. 2016-02-12 13:34:56 -05:00
Anssi Kääriäinen 46ecfb9b3a Fixed #26196 -- Made sure __in lookups use to_field as default.
Thanks Simon Charette for the test.
2016-02-11 11:09:08 -05:00
ZachLiuGIS 04e13c8913 Fixed #26179 -- Removed null assignment check for non-nullable foreign key fields. 2016-02-11 10:07:39 -05:00
Anssi Kääriäinen 353aecbf8c Fixed #26153 -- Reallowed Q-objects in ForeignObject.get_extra_descriptor_filter(). 2016-02-11 08:59:43 -05:00
Curtis Maloney 6f1318734f Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-02-10 18:19:23 -05:00
Brobin dca8b916ff Fixed #26154 -- Deprecated CommaSeparatedIntegerField 2016-02-10 17:57:43 -05:00
Shai Berger bb51dc902d Refs #26112 -- Fixed aggregate GIS test on Oracle.
Made sure the test doesn't try to aggregate over MultiPolygonField and made
AreaField turn decimals into floats on the way from the DB.

Thanks Daniel Wiesmann, Jani Tiainen, and Tim Graham for review and discussion.
2016-02-09 10:04:54 -05:00
Simon Charette a325fb1f9b Fixed #26162 -- Checked query name clashes of hidden relationships.
Although reverse accessor clashes should be skipped query name can't be hidden.

Thanks to Ian Foote and Tim Graham for the review.
2016-02-08 09:59:27 -05:00
Tim Graham 10a162809f Refs #24007 -- Removed an apps.populate() call in model unpickling that can cause deadlocks. 2016-02-08 08:28:48 -05:00
Tim Graham 97eb3356b2 Fixed #26177 -- Fixed a PostgreSQL crash with TIME_ZONE=None and USE_TZ=False. 2016-02-08 07:21:54 -05:00
Shai Berger 28f60ef3b8 Fixed title formatting in backwards-incompat section of 1.10 release notes 2016-02-06 21:10:36 +02:00
Tim Graham d6337e65ed Added stub release notes for 1.8.10. 2016-02-06 09:24:20 -05:00
Pankrat f91a04621e Fixed #25833 -- Added support for non-atomic migrations.
Added the Migration.atomic attribute which can be set to False
for non-atomic migrations.
2016-02-05 09:09:05 -05:00
Yoong Kang Lim 0edb8a146f Fixed #26144 -- Warned when dumping proxy model without concrete parent. 2016-02-04 19:40:12 -05:00
Simon Charette 6eb3ce11e4 Fixed #26089 -- Removed custom user test models from public API.
Thanks to Tim Graham for the review.
2016-02-04 12:30:34 -05:00
Hugo Osvaldo Barrera dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Carl Meyer a0ce4c09ff Fix typos in 1.8 release notes. 2016-02-03 13:05:35 -07:00
jpic 926e90132d Fixed #25731 -- Removed unused choices kwarg for Select.render() 2016-02-02 18:03:19 -05:00
rynomster 468d8211df Fixed #23971 -- Added "Has date"/"No date" choices for DateFieldListFilter. 2016-02-02 12:04:14 -05:00
Tim Graham 1e9150443e Refs #26089 -- Removed obsolete docs about custom user model testing. 2016-02-02 08:12:08 -05:00
Buddy Lindsey, Jr 731bdfe68a Fixed #26155 -- Skipped URL checks if no ROOTURL_CONF setting. 2016-02-01 13:51:38 -05:00
Tim Graham ecd502cfdb Added CVE-2016-2048 to the security archive. 2016-02-01 12:42:37 -05:00
Tim Graham 59654d5efe Added stub release notes for 1.9.3. 2016-02-01 12:39:18 -05:00
Tim Graham 11fae7c9e4 Added release dates for 1.9.2 and 1.8.9. 2016-02-01 12:02:16 -05:00
Myk Willis 62f3acc70a Fixed incorrect permissions check for admin's "Save as new".
This is a security fix.
2016-02-01 11:57:00 -05:00
Tim Graham 8ce8beb3f2 Unified some doc links to OneToOneField and ManyToManyField. 2016-02-01 11:02:26 -05:00
Hugo Osvaldo Barrera 8bf8d0e0ec Fixed #7923 -- Added links to objects displayed by ModelAdmin.raw_id_fields. 2016-02-01 07:36:10 -05:00
Greg Chapple 8dea9f089d Fixed #26120 -- Made HStoreField cast keys and values to strings.
HStoreField now converts all keys and values to string before they're
saved to the database.
2016-01-29 09:51:23 -05:00
Tim Graham 04564eb74d Fixed #26129 -- Made invalid forms display initial values of disabled fields. 2016-01-28 18:43:48 -05:00
Tim Graham 19d1cb1451 Fixed #20415 -- Ensured srid isn't localized in OpenLayers JavaScript. 2016-01-28 17:46:55 -05:00
James Pulec f05722a08a Fixed #25354 -- Added class/app_label interpolation for related_query_name. 2016-01-28 11:10:47 -05:00
Claude Paroz 54236a2c1c Fixed #26138 -- Ensured geometry_field's geometry is always serialized
Thanks Bernd Schlapsi for the report.
2016-01-28 08:50:38 +01:00
Ben Kraft 13023ba867 Fixed #26122 -- Fixed copying a LazyObject
Shallow copying of `django.utils.functional.LazyObject` or its subclasses has
been broken in a couple of different ways in the past, most recently due to
35355a4.
2016-01-26 06:56:21 -05:00
Preston Timmons cfda1fa3f8 Fixed #25848 -- Set template origin on each node.
Prior to 55f12f8709, the template origin was available on each node via
`self.token.source[0]`. This behavior was removed when debug handling was
simplified, but 3rd-party debugging tools still depend on its presence.
This updates the Parser to set origin on individual nodes. This enables the
source template to be determined even when template extending or including is
used.
2016-01-26 06:23:27 -05:00
Simon Charette 4dcaa5871b Fixed #26135 -- Adjusted the migration questioner's handling of disabled apps.
This was causing an issue when calling the `migrate` command in a test case with
the `available_apps` attribute pointing to an application with migrations
disabled using the `MIGRATION_MODULES` setting.

Thanks to Tim Graham for the review.

Refs #24919
2016-01-25 21:38:36 -05:00
Chris Lamb abc0777b63 Fixed #25968 -- Changed project/app templates to use a "py-tpl" suffix.
Debian packages unconditionally byte-compile .py files on installation and
do not silence errors by design. Therefore, we need a way of shipping these
invalid .py files without a .py extension but ensuring that when we
template them, they end up as .py.

We don't special-case .py files so that the all the TemplateCommand
command-line options (eg. extra_files and extensions) still work entirely
as expected and it may even be useful for other formats too.
2016-01-25 12:39:06 -05:00
Tim Graham 5e8685c1b1 Refs #26034 -- Added another case fixed by this ticket to release notes. 2016-01-25 08:35:58 -05:00
Tim Graham 497b5d6fee Refs #26034 -- Added another case fixed by this ticket to release notes.
Thanks Shai Berger for the report.
2016-01-25 08:33:02 -05:00