Commit Graph

229 Commits

Author SHA1 Message Date
Luis Visintini 635ffc3c37 Fixed #25163 -- Added hint for non-staff users to admin login page. 2015-07-29 15:09:32 -04:00
Flavio Curella c2e70f0265 Fixed #21127 -- Started deprecation toward requiring on_delete for ForeignKey/OneToOneField 2015-07-27 18:28:13 -04:00
Tim Graham 04e69598de Refs #24919 -- Made test models serializable for migrations. 2015-07-21 09:19:40 -04:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Tim Graham e7c6a2cf9f Refs #4960 -- Fixed selenium test failures for CharField strip changes. 2015-07-06 08:52:50 -04:00
Jan Pazdziora 3353684102 Fixed #25032 -- Removed double redirect in admin login. 2015-07-03 08:53:10 -04:00
Luke Plant aef2a0ec59 Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.

Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
Marten Kenbeek 1e82094f1b Fixed #21927 -- Made application and instance namespaces more distinct.
Made URL application namespaces be set in the included URLconf and
instance namespaces in the call to include(). Deprecated other ways
to set application and instance namespaces.
2015-06-08 15:12:20 -04:00
Trey Hunner 788071e22d Moved jQuery to a vendor/jquery subdirectory. 2015-06-07 22:23:42 +02:00
Simon Charette be67400b47 Refs #24652 -- Used SimpleTestCase where appropriate. 2015-05-20 13:46:13 -04:00
Riccardo Magliocchetti bd53db5eab Fixed #24553 -- Added the list of available applications to AdminSite.each_context() 2015-05-11 12:07:36 -04:00
Adam Zapletal 0894643e40 Fixed #23387 -- Kept "Save as new" button after validation errors in admin.
When "Save as new" is chosen and errors occur, only show the "Save as new"
button and not the other save buttons.

Thanks to Tino de Bruijn for doing the real work on this fix.
2015-05-02 19:41:10 -04:00
Tim Graham 845817b039 Fixed #24466 -- Added JavaScript escaping in a couple places in the admin.
Thanks Aymeric Augustin and Florian Apolloner for work on the patch.
2015-03-30 19:07:17 -04:00
Varun Sharma 74f8110e74 Added test for LogEntry.get_edited_object(); refs #24244. 2015-03-23 08:51:43 -04:00
Karl Hobley aea02ddfb7 Fixed #24490 -- Set LogEntry.change_message when adding an object. 2015-03-20 18:25:06 -04:00
Bas Peschier 0339844b70 Fixed #24476 -- Added context manager/decorator for overriding script prefix.
Tests were using an undocumented keyword argument for easily overriding
script prefix while reversing. This is now changed into a test utility
which can be used as decorator or context manager.
2015-03-18 13:03:25 -04:00
Baptiste Mispelon 82c9169077 Refs #24461 -- Added test/release notes for XSS issue in ModelAdmin.readonly_fields
This issue was fixed by refs #24464.
2015-03-09 10:12:21 -04:00
david 88c605e3e3 Fixed #23993 -- Added form.media to the admin login template. 2015-03-07 12:59:58 +01:00
Tim Graham 82f7bee1d5 Fixed admin selenium tests broken by removal of fixtures. 2015-03-05 17:51:17 -05:00
Josh Smeaton 39a7eed1bb Converted test fixtures to setUpTestData methods 2015-03-05 10:10:32 +11:00
Tim Graham 36a17be9f3 Fixed #24426 -- Displayed admin actions panel when show_full_result_count=False. 2015-03-04 12:00:12 -05:00
Andrei Kulakov 08572e8d12 Fixed #24294 -- Allowed staff_member_required decorator to handle args. 2015-03-02 13:15:34 -05:00
Aymeric Augustin a8fe12417f Normalized usage of the tempfile module.
Specifically stopped using the dir argument.
2015-02-23 16:55:27 +01:00
Aymeric Augustin 934400759d Guaranteed removal of temporary files during tests.
Dropped the DJANGO_TEST_TEMP_DIR environment variable.

Before this change, proper removal depended on the developer passing
dir=os.environ['DJANGO_TEST_TMP_DIR'] to tempfile functions.
2015-02-23 16:55:26 +01:00
Claude Paroz 1791a7e75a Fixed #15779 -- Allowed 'add' primary key in admin edition
Thanks Marwan Alsabbagh for the report, and Simon Charette and
Tim Graham for the reviews.
2015-02-14 11:19:55 +01:00
Tim Graham d64baaef3b Fixed #24333 -- Fixed admin history view crash with non-integer slug. 2015-02-12 14:19:44 -05:00
Simon Charette 5b75b01939 Refactored an admin_view test case.
Used setUpTestData, client login/logout and manager's count() method.

Thanks to Tim for the review.
2015-02-09 15:08:05 -05:00
Simon Charette 8a590c4b7b Moved a custom admin template test to a more appropriate case.
Thanks to Tim for the review.
2015-02-09 15:07:49 -05:00
Claude Paroz 32e6a7d3a5 Replaced hardcoded URLs in admin_* tests
Refs #15779. This will allow easier admin URL changes, when needed.
Thanks Simon Charette for the review.
2015-02-08 20:55:09 +01:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Tim Graham bbe28496d3 Removed old import aliases. 2015-02-05 19:37:01 -05:00
darkryder 9ec8aa5e5d Fixed #24149 -- Normalized tuple settings to lists. 2015-02-03 14:59:45 -05:00
Adam Taylor 039465a6a7 Fixed typos in code comments. 2015-01-20 12:18:03 -05:00
Tim Graham 67a76500a5 Removed support for admin validators per deprecation timeline; refs #16905. 2015-01-18 14:43:21 -05:00
Collin Anderson a420f83e7d Fixed #24055 -- Keep reference to view class for resolve() 2015-01-17 22:09:10 +07:00
Claude Paroz b4ac232907 Fixed #24099 -- Removed contenttype.name deprecated field
This finsishes the work started on #16803.
Thanks Simon Charette, Tim Graham and Collin Anderson for the
reviews.
2015-01-16 20:21:34 +01:00
Aymeric Augustin 5f7230e12f Fixed #24124 (again) -- Updated tests with new default context_processors.
Thanks Collin for the review.
2015-01-12 22:31:44 +01:00
Simon Charette 07988744b3 Fixed #13165 -- Added edit and delete links to admin foreign key widgets.
Thanks to Collin Anderson for the review and suggestions and Tim for the
final review.
2015-01-10 12:24:52 -05:00
Tim Graham b8abfe141b Fixed #24101 -- Fixed flaky admin_views selenium tests; refs #7361. 2015-01-08 13:17:00 -05:00
Thomas Tanner 46068d850d Fixed #22295 -- Replaced permission check for displaying admin user-tools 2014-12-31 16:31:59 -05:00
Aymeric Augustin 9eb4f28e89 Deprecated TEMPLATE_CONTEXT_PROCESSORS. 2014-12-28 17:02:31 +01:00
Aymeric Augustin d3205e3e2e Deprecated TEMPLATE_DIRS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin 92e8f1f302 Moved context_processors from django.core to django.template. 2014-12-28 17:00:07 +01:00
Diego Guimarães ca013e652f Fixed #23995 -- Removed unnecessary calls to self.client.logout() in tests. 2014-12-16 09:12:46 -05:00
Diego Guimarães d8182f294a Refs #23947 -- Fixed admin_views test execution order dependency. 2014-12-15 10:48:42 -05:00
Tim Graham c7a19f4203 Fixed #23857 -- Fixed admin crash with "save as new" and deleting inline.
Thanks amarandon for the report.
2014-12-12 10:24:39 -05:00
Kevin Marsh e2868308bf Fixed template tag braces spacing. 2014-12-12 09:34:18 -05:00
Kamil Braun 0623f4dea4 Fixed #23934 -- Fixed regression in admin views obj parameter. 2014-12-02 08:42:17 -05:00
Tim Graham 43fcf3505e Fixed admin_views test from refs #7361 (name was too long). 2014-12-01 15:47:41 -05:00
Berker Peksag c8dcded930 Fixed #17890 -- Added an extra_context parameter to AdminSite.password_change(). 2014-11-29 10:31:09 -05:00
wrwrwr 7cd3f1c295 Fixed cache state dependence for assertNumQueries in test_group_permission_performance.
Refs #20432 and #23746.
2014-11-27 13:02:21 -05:00
Simon Charette 3a9aa155e2 Fixed #23915 -- Made sure m2m fields through non-pk to_field are allowed in the admin.
refs #23754, #23862
2014-11-25 15:28:21 -05:00
Simon Charette f9c4e14aec Fixed #23754 -- Always allowed reference to the primary key in the admin
This change allows dynamically created inlines "Add related" button to work
correcly as long as their associated foreign key is pointing to the primary
key of the related model.

Thanks to amorce for the report, Julien Phalip for the initial patch,
and Collin Anderson for the review.
2014-11-25 13:26:50 -05:00
Redouane Zait 8e7b384d89 Fixed #23898 -- Added missing context to admin's deleted_selected view.
Thanks Redouane Zait for the report.
2014-11-25 11:22:15 -05:00
Veres Lajos a71a2ea756 Fixed typos using https://github.com/vlajos/misspell_fixer 2014-11-03 20:59:30 -05:00
Berker Peksag f7969b0920 Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-11-03 11:56:37 -05:00
Loic Bistuer 968510e5d7 Moved a test case that caused deprecation warnings.
`cache.tests.TestEtagWithAdmin` loaded views from the `admin_views` test
package. This is problematic because when the `cache` test package is
run in isolation, `admin_views` isn't in INSTALLED_APPS, and therefore
loading its models isn't allowed since the app loading refactor.
2014-10-20 00:22:48 +07:00
Thomas Chaumeny 825ea83858 Fixed #21196 -- Removed index on test field causing MySQL specific warning. 2014-10-19 13:44:39 +07:00
Emmanuelle Delescolle a24cf21722 Fixed #23604 -- Allowed related m2m fields to be references in the admin.
Thanks Simon Charette for review.
2014-10-06 08:35:16 -04:00
Nick Sandford f5cfd09c25 Fixed #7361 -- Added cancel link to admin delete views. 2014-09-30 08:45:04 -04:00
Thomas Chaumeny 17557d068c Fixed #8408 -- Added ModelAdmin.show_full_result_count to avoid COUNT() query.
Thanks lidaobing for the suggestion.
2014-09-26 12:12:40 -04:00
Simon Charette 342ccbddc1 Fixed #23431 -- Allowed inline and hidden references to admin fields.
This fixes a regression introduced by the 53ff096982 security fix.

Thanks to @a1tus for the report and Tim for the review.

refs #23329.
2014-09-08 13:49:07 -04:00
Simon Charette 3cbb7590cb Fixed #23329 -- Allowed inherited and m2m fields to be referenced in the admin.
Thanks to Trac alias Markush2010 and ross for the detailed reports.
2014-08-27 21:26:53 -04:00
areski a81af7f49d Fixed #13749 -- Added link from admin site to front-end site.
Thanks romankrv for the suggestion.
2014-08-27 08:34:53 -04:00
Simon Charette 53ff096982 Prevented data leakage in contrib.admin via query string manipulation.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
areski 3021453285 Fixed #20133 -- Added summary to admin deletion confirmation pages.
Thanks jonash for the suggestion and initial patch.
2014-08-14 13:56:23 -04:00
Tim Graham 9b1515906e Removed usage of deprecated switch_to_*() selenium methods. 2014-07-24 08:25:15 -04:00
Anssi Kääriäinen 9cd5201abd Fixed #22994 -- regression with generic FK + admin list_view
The reason for the regression was that the GenericForeignKey field isn't
something meta.get_field_by_name() should return. The reason is that a
couple of places in Django expects get_field_by_name() to work this way.
It could make sense to return GFKs from get_field_by_name(), but that
should likely be done as part of meta refactoring or virtual fields
refactoring patches.

Thanks to glicerinu@gmail.com for the report and to Tim for working on
the issue.
2014-07-14 10:50:41 -04:00
Claude Paroz 22b2fb0ba1 Fixed #22939 -- Delayed admin_static backend detection
Thanks generalov for the report.
2014-07-12 18:49:43 +02:00
Claude Paroz e167e96cfe Fixed #22223 -- Prevented over-escaping URLs in reverse()
And follow more closely the class of characters defined in the
RFC 3986.
Thanks Erik van Zijst for the report and the initial patch, and
Tim Graham for the review.
2014-07-09 09:54:34 +02:00
Tim Graham 89b9e6e5d6 Fixed #22909 -- Removed camelCasing in some tests.
Thanks brylie.
2014-07-07 19:08:42 -04:00
Riccardo Magliocchetti 68c9a72e29 Fixed #22894 -- Made admin add related/raw ID fields widgets customizable.
Decoupled behavior and style from the RelatedFieldWidgetWrapper and
ForeignKeyRawIdWidget.
2014-06-26 15:02:42 -04:00
Claude Paroz c6a711d9e5 Removed some apps from ALWAYS_INSTALLED_APPS 2014-06-21 21:01:37 +02:00
Maxime Turcotte 504c89e800 Fixed #6327 -- Added has_module_permission method to BaseModelAdmin
Thanks chrj for the suggestion.
2014-06-13 09:31:40 -04:00
Tim Graham 99f5ea9cc8 Fixed #22653 -- Added some database feature flags to tests.
Thanks Rahul Priyadarshi.
2014-06-11 11:45:18 -04:00
Tim Graham fea8ccdcc4 Removed unused import. 2014-06-09 18:41:35 -04:00
Aymeric Augustin 40bfd8561d Fixed #20420 -- Normalized query counts on Oracle.
This is achieved by inserting a fake entry in connection.queries when
not releasing a savepoint (since Oracle doesn't support that operation.)

Also removed the can_release_savepoints feature that was recently added,
but is superseded by this solution.
2014-06-09 21:38:10 +02:00
Nick Presta 11f0899bbe Fixed #11776 -- Added CSS class for non-field/top of form errors.
Thanks Daniel Pope for the suggestion.
2014-06-02 15:22:15 -04:00
Alex Gaynor 1dcc603eff Fixed several typos in Django 2014-05-28 17:39:14 -07:00
Stas Rudakou ebd70d4d00 Fixed #22266 - quote PK before redirecting away from add_view (django.contrib.admin) 2014-05-16 18:33:17 +02:00
Claude Paroz e520a73eee Harmonized some PEP 0263 coding preambles 2014-05-15 19:58:41 +02:00
Aymeric Augustin c70a61eb49 Replaced vendor checks by three feature flags. 2014-05-08 22:11:15 +02:00
Alex Gaynor 2bcb8bfc8d Fix many many typos in comments throughout the codebase 2014-04-26 10:18:45 -07:00
Tim Graham d238c58912 Fixed #22499 -- Fixed a typo in an admin_views test that caused failure on Oracle. 2014-04-24 07:06:02 -04:00
Alejandro Gómez 7a7f6fccae Fixed #21084 -- Used proxy model's content type for admin log entries. 2014-04-07 08:52:41 -04:00
Anubhav Joshi cd914e31c9 Fixed #21977 -- Deprecated SimpleTestCase.urls 2014-04-06 17:33:43 -04:00
Tim Graham d73d0e071c Fixed #22218 -- Deprecated django.conf.urls.patterns.
Thanks Carl Meyer for the suggestion and Alex Gaynor and Carl for reviews.
2014-04-03 07:28:10 -04:00
Loic Bistuer 4d996b8e69 Fixed #22360 -- Fixed two non-deterministic tests in Python 3.4.
The order of admin's changelist filters in the querystring relied on
dict ordering.
2014-03-31 08:19:43 -04:00
Loic Bistuer 4339e9a92d Fixed #21795 -- Made add_preserved_filters account for url prefixes.
Thanks to trac username honyczek for the report. Refs #6903.
2014-03-31 07:19:59 -04:00
Alex Gaynor 778ce245dd Corrected many style guide violations that the newest version of flake8 catches 2014-03-30 12:11:05 -07:00
Ben Davis 16afffffe8 Fixed #22087 -- Made AdminReadonlyField respect ModelForm Meta overrides. 2014-03-25 09:33:13 -04:00
Claude Paroz c94bff2b26 Fixed #22241 -- Selectively added line breaks in admin read-only fields
When content is supposed to contain HTML, we do not try to add
line breaks in read-only contents.
Thanks Alexander Todorov for the report.
2014-03-22 17:00:50 +01:00
Rodolfo Carvalho 0d91225892 Fixed many typos in comments and docstrings.
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
Greg Chapple 6acaa52386 Fixed #22135 -- Added ModelAdmin.get_changeform_initial_data().
Allows custom behavior for setting initial form data in ModelAdmin.
By default, initial data is set via GET params. The new method allows
this behavior to be overridden.

Thanks egasimus for the suggestion.
2014-03-03 07:28:24 -05:00
Russell Keith-Magee 3c5fc708f1 Edited contrib.admin check messages for grammar and consistency. 2014-03-03 13:27:17 +08:00
Klemens Mantzos f683cb90be Fixed #21924 -- Added the ability to specify a reverse order for admin_order_field.
Thanks Klemens Mantzos for the report and initial patch.
2014-02-14 19:53:44 -05:00
Christopher Adams eefc88feef Fixed #2445 -- Allowed limit_choices_to attribute to be a callable.
ForeignKey or ManyToManyField attribute ``limit_choices_to`` can now
be a callable that returns either a ``Q`` object or a dict.

Thanks michael at actrix.gen.nz for the original suggestion.
2014-02-11 14:05:12 -05:00
julien 'pouete' Godin f5123c7291 Fixed #21371 -- Added the block.super to admin bodyclass blocks.
Thanks Keryn Knight for the report.
2014-02-10 09:13:29 -05:00
Claude Paroz 343dfff133 Removed the this_is_the_login_form hack
Refs #21911. Now that we have a more traditional login form, we
don't need any more a special field telling us we are dealing with
the login form.
2014-02-04 20:02:28 +01:00
Claude Paroz be0ad62994 Fixed #21911 -- Made admin views redirect to login when needed
Historically, the Django admin used to pass through the request
from an unauthorized access to the login view directly. Now we
are using a proper redirection, which is also preventing
inadvertantly changing data when POSTing login data to an admin
view when user is already authorized.
Thanks Marc Tamlyn and Tim Graham for the reviews.
2014-02-04 20:02:28 +01:00