Commit Graph

1018 Commits

Author SHA1 Message Date
Russell Keith-Magee dd045aaab5 Fixed #12209 -- Made the through attribute on a m2m relation into a property to ensure that the fully resolved through model is always provdided. Thanks to dgouldin for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-13 12:34:41 +00:00
Russell Keith-Magee 632f12fba4 Fixed #12163 -- Corrected the unpickling of non-deferred models. Thanks to rfugger for the report and test case.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-11 13:06:18 +00:00
Russell Keith-Magee 70f9a4f6ce Fixed #12190 -- Corrected a regression in the ability to instantiate ForeignKeys outside of models. Thanks to jittat for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-10 15:21:12 +00:00
Russell Keith-Magee dd5d7622a5 Fixed #11144 -- When a to/from/cc header contains unicode, make sure the email addresses are parsed correctly (especially with regards to commas). Thanks to rmt for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-04 11:24:56 +00:00
Russell Keith-Magee 585b7acaa3 Fixed #10109 -- Removed the use of raw SQL in many-to-many fields by introducing an autogenerated through model.
This is the first part of Alex Gaynor's GSoC project to add Multi-db support to Django.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 14:02:49 +00:00
Russell Keith-Magee aba5389326 Fixed #10355 -- Added an API for pluggable e-mail backends.
Thanks to Andi Albrecht for his work on this patch, and to everyone else that contributed during design and development.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 12:53:26 +00:00
Russell Keith-Magee 5dfed1b24a Fixed #12127 -- Corrected teardown of dateformat tests. Thanks to apollo13 for the report, and Karen Tracey for the debugging help.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-02 08:26:03 +00:00
Karen Tracey 1ea08b441d Repeat the setUp/tearDown changes made in r11699 for the tests
converted in r11694.  This allows the dateformat tests to pass 
on Windows.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:48:31 +00:00
Karen Tracey d4bb582b1a Changed setUp and tearDown for the tests converted from doctests in r11695
to not assume TZ absolutely will be set in the environment.  That environment
variable does not necessarily exist on Windows, it seems.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:09:23 +00:00
Karen Tracey ff38e0b1d1 Fixed #12125 -- Fixed a typo in the generic views date_based test that caused it to fail in November. Thanks brutasse.
--This line and those below, will be ignored--

M    tests/regressiontests/views/tests/generic/date_based.py


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 22:12:40 +00:00
Russell Keith-Magee e18af06eed Fixed #12123 -- Updated the utils.dateformat test to be a unittest too, due to a dependency on the old dateformat test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11695 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:53:51 +00:00
Russell Keith-Magee acfa9332de Fixed #12123 -- Refactored dateformat tests to use unittest. This is needed so that we have a reliable teardown that can reset the timezone at the end of the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11693 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:20:17 +00:00
Brian Rosner 8dd4a28721 Fixed #11872 -- Instantiate the correct model in BaseInlineFormSet.__init__ when instance is None. Thanks tobias.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11688 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-30 09:11:56 +00:00
Russell Keith-Magee 96658ef2d2 Fixed #12057 -- Corrected regression of caching performance when a model contained a callable default. Thanks to Michael Thornhill for the excellent assistance tracking this problem.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-29 14:32:01 +00:00
Jacob Kaplan-Moss 4281bf3db0 Fixed #11057: having no actions in the admin (`actions=None`) no longer messes up the layout. Thanks, rvdrijst.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 20:56:12 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss d1da261417 Fixed #11371: Made `django.test.Client.put()` work for non-form-data PUT (i.e. JSON, etc.). Thanks, phyfus.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11656 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 15:02:54 +00:00
Jacob Kaplan-Moss 9f70783b14 Fixed a couple of test-ordering-dependant failures introduced in [11639] that caused test failures when running the whole test suite.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11645 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 00:23:47 +00:00
Jacob Kaplan-Moss 8be1bb2268 Fixed #11625: added comment moderation via admin actions.
This is BACKWARDS INCOMPATIBLE if you were using the completely undocumented moderation view from 1.1. That view's been removed in favor of the admin actions.

Thanks, Thejaswi Puthraya.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:22:31 +00:00
Luke Plant 162fade2b7 Fixed #12060 - equality tests between User and SimpleLazyObject-wrapped User failed.
Also added more tests for SimpleLazyObject

Thanks to ericholscher for report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11637 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-20 14:11:08 +00:00
Luke Plant 22be3d7612 Fixed #12049 - LazyObject-wrapped User breaks queries in template tags
Thanks to chipx86 for the report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 21:13:22 +00:00
Brian Rosner cb7a3262b5 Moved the call to _get_foreign_key to run in all cases catching incorrect inline setup sooner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:20 +00:00
Brian Rosner 5fc35c9caf Fixed #11709 — Pass inline fk_name attribute when grabbing foreign key to test for exclusion. Thanks yishaibeeri for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11630 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:07 +00:00
Luke Plant a2d8acbacd Fixed a regression on Python 2.6 caused by r11623
This might fix #12037, but I cannot reproduce that bug.
Refs #12037



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11625 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-15 14:12:34 +00:00
Luke Plant c161bf21f0 Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"
Thanks to olau@iola.dk, Suor for the report



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-14 18:09:13 +00:00
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields.
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00
Luke Plant 6e3a72585a Added 'key_prefix' keyword argument to cache_page()
This was available before r11586, but undocumented.  It has now been
re-added with documentation and explicit support, as it seems like a useful
feature and people were using it before.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11595 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:54:54 +00:00
Luke Plant a97648a7e0 Corrected regressions introduced in r11586 and r11593
I read the order of arguments in the docs incorrectly, doh!


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-26 19:39:42 +00:00
Luke Plant afeafcd492 Fixed #6371 - several decorators don't work with bound methods.
This involved changing the way the internal function
decorator_from_middleware works slightly, breaking some code that relied on
the old behaviour.  As a result, it is much simpler, but cache_page has been
made slightly more complex to cope with the change.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11586 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:31:51 +00:00
Russell Keith-Magee 0757607217 Fixed #11820 -- Corrected the spelling of Grace Hopper's name in a test. Thanks to shields@msrl.com for the report, and apologies to Admiral Hopper for the error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11551 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 04:32:55 +00:00
Luke Plant 7c53c2618d Fixed #10968 - Form.errors should use Form.error_class.
Thanks for report and initial patch, matehat.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 10:47:40 +00:00
Luke Plant 84ef9dabfa Fixed #11061: Malformed POST request causes TypeError in AdminSite.login().
Thanks vvd


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:50:57 +00:00
Luke Plant a2b46ca5fd Fixed #11833: name conflict in filter test.
Thanks steveire



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11492 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:35:23 +00:00
Ian Kelly dcf3be7a62 Fixed #10566: Added support for cx_Oracle compiled with the WITH_UNICODE flag.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11477 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-24 15:45:48 +00:00
Matt Boersma e263cc0dc5 Fixed #11049: introspection on Oracle now identifies IntegerFields correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11475 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-21 21:42:39 +00:00
Matt Boersma e0ce9d76e1 Fixed an assumed ordering in the queries regression tests by making it explicit.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11474 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-20 16:05:25 +00:00
Russell Keith-Magee 8bee4604a1 SECURITY ALERT: Corrected a problem with the Admin media handler that could lead to the exposure of system files. Thanks to Gary Wilson for the patch.
This is a security-related update. A full announcement, as well as backports for 1.0.X and 0.96.X will be forthcoming.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11351 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 02:40:14 +00:00
Russell Keith-Magee 3412860f89 Fixed #11428 -- Ensured that SQL generating commands and dumpdata don't include proxy models in their output. Thanks to Anssi Kaariainen for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-27 14:32:30 +00:00
Russell Keith-Magee 4a01812c15 Fixed #11546 -- Modified the mail regression test to avoid getting hung up on 32/64 bit differences. Thanks to Richard Davies for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11328 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-25 05:14:46 +00:00
Russell Keith-Magee 53d16b1175 Fixed #11532 -- Corrected the link used for edit_inline foreign keys in admin when the admin is deployed using the old style admin.root approach. Thanks to JP for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11314 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-23 14:31:33 +00:00
Ian Kelly bbac0cc965 Fixed #11487: pass long strings to Oracle as CLOB rather than NCLOB to prevent an encoding bug that occurs in some installations.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11285 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-21 21:20:18 +00:00
Russell Keith-Magee 8d48eaa064 Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch.
This change is backwards incompatible for anyone that is using the named URLs
introduced in [9739]. Any usage of the old admin_XXX names need to be modified
to use the new namespaced format; in many cases this will be as simple as a
search & replace for "admin_" -> "admin:". See the docs for more details on
the new URL names, and the namespace resolution strategy.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 16:16:13 +00:00
Russell Keith-Magee e992e57d3e Fixed #11416 -- Restored use of the never_cache decorator on admin views. Thanks to Ramiro Morales and Michael Newmann for their work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11229 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-13 13:46:31 +00:00
Russell Keith-Magee 52bc782621 Fixed #11107 -- Corrected the generation of sequence reset SQL for m2m fields with an intermediate model. Thanks to J Clifford Dyer for the report and fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11215 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-11 14:22:52 +00:00
Russell Keith-Magee 7ecb8b08b3 Fixed #10922 -- Corrected handling of POST data to ensure that the right objects are updated on save when the ordering field is editable. Thanks to Alex Gaynor, Karen Tracy, and Will Hardy for their contributions to this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 03:05:17 +00:00
Russell Keith-Magee 735309341e Fixed #10834 -- Added bucket condition to ensure that URL resolvers won't ever return None. Thanks to Chris Cahoon for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11120 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-29 14:02:17 +00:00
Russell Keith-Magee e522e61a80 Fixed #11392 -- Enforced a predictable result order for a couple of test cases. Thanks to Nathan Auch for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11119 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-29 12:29:48 +00:00
Russell Keith-Magee cbbe60c7fc Fixed #11270 -- Modified cache template tag to prevent the creation of very long cache keys. Thanks to 235 for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11068 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 15:04:00 +00:00
Russell Keith-Magee 8950a40cec Fixed #11270 -- Corrected naming conflict in templatetag test. Thanks to steveire for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11067 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 15:03:17 +00:00