Commit Graph

1031 Commits

Author SHA1 Message Date
Karen Tracey 5543b10608 Fixed #12349: Added missing unquote in admin history view. Thanks for the report guard.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 19:58:20 +00:00
Jannis Leidel 9bf652dfd6 Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-10 01:05:35 +00:00
Luke Plant 2c2f5aee4d Implemented 'smart if' template tag, allowing filters and various operators to be used in the 'if' tag
Thanks to Chris Beaven for the initial patch, Fredrik Lundh for the basis
of the parser methodology and Russell Keith-Magee for code reviews.

There are some BACKWARDS INCOMPATIBILITIES in rare cases - in particular, if
you were using the keywords 'and', 'or' or 'not' as variable names within
the 'if' expression, which was previously allowed in some cases.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11806 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 22:40:36 +00:00
Justin Bronn 81dd5c2473 Fixed #12340 -- `BaseGenericInlineFormSet.get_queryset` now returns an ordered queryset.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11800 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 03:49:25 +00:00
Russell Keith-Magee ce7c61d61e Refs #11109 -- Touched some whitespace so Trac will display some files correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11785 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-02 00:30:00 +00:00
Jacob Kaplan-Moss f5fefcc8c9 Added an explicit test showing that field errors are correctly autoescaped.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11756 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-20 14:59:44 +00:00
Russell Keith-Magee be9376d9ad Corrected a regression in validation of admin fieldsets with nested definitions from r11744. Thanks to Davor Lučić for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 15:07:42 +00:00
Russell Keith-Magee 77755aa5a0 Fixed #12242 -- Corrected a problem with masking extra selects() in a DateQuerySet. Thanks to Alex Gaynor for his help debugging this one.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11748 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 04:35:53 +00:00
Russell Keith-Magee 7875421a03 Fixed #11243 -- Ensured that bash_completion output is emitted in sorted order. Thanks to Alex Gaynor for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11747 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-19 04:35:31 +00:00
Russell Keith-Magee 2dfe3ad657 Added tests for the bash completion script from [11526]. Thanks to Eric Holscher.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11745 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-18 11:10:50 +00:00
Russell Keith-Magee bb4062d53b Fixed #12237 -- Improved the error message for m2m fields with an explicit through model being listed in admin fieldsets. Thanks to Pyth for the report and Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11744 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-18 07:44:06 +00:00
Brian Rosner 6c61ca3d74 Fixed #5034 -- honor request.urlconf in reverse and resolve.
This enables {% url %} to honor request.urlconf set from process_request
middleware methods.

Thanks SmileyChris for the initial patch work.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-16 01:58:00 +00:00
Russell Keith-Magee 0aeb1e135d Refs #12203 -- Improved error handling for the case where a user manually specifies an m2m field with an explicit through field. Thanks to dgouldin for the report, and Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11737 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-13 12:35:05 +00:00
Russell Keith-Magee dd045aaab5 Fixed #12209 -- Made the through attribute on a m2m relation into a property to ensure that the fully resolved through model is always provdided. Thanks to dgouldin for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-13 12:34:41 +00:00
Russell Keith-Magee 632f12fba4 Fixed #12163 -- Corrected the unpickling of non-deferred models. Thanks to rfugger for the report and test case.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-11 13:06:18 +00:00
Russell Keith-Magee 70f9a4f6ce Fixed #12190 -- Corrected a regression in the ability to instantiate ForeignKeys outside of models. Thanks to jittat for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-10 15:21:12 +00:00
Russell Keith-Magee dd5d7622a5 Fixed #11144 -- When a to/from/cc header contains unicode, make sure the email addresses are parsed correctly (especially with regards to commas). Thanks to rmt for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-04 11:24:56 +00:00
Russell Keith-Magee 585b7acaa3 Fixed #10109 -- Removed the use of raw SQL in many-to-many fields by introducing an autogenerated through model.
This is the first part of Alex Gaynor's GSoC project to add Multi-db support to Django.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 14:02:49 +00:00
Russell Keith-Magee aba5389326 Fixed #10355 -- Added an API for pluggable e-mail backends.
Thanks to Andi Albrecht for his work on this patch, and to everyone else that contributed during design and development.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 12:53:26 +00:00
Russell Keith-Magee 5dfed1b24a Fixed #12127 -- Corrected teardown of dateformat tests. Thanks to apollo13 for the report, and Karen Tracey for the debugging help.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-02 08:26:03 +00:00
Karen Tracey 1ea08b441d Repeat the setUp/tearDown changes made in r11699 for the tests
converted in r11694.  This allows the dateformat tests to pass 
on Windows.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:48:31 +00:00
Karen Tracey d4bb582b1a Changed setUp and tearDown for the tests converted from doctests in r11695
to not assume TZ absolutely will be set in the environment.  That environment
variable does not necessarily exist on Windows, it seems.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 23:09:23 +00:00
Karen Tracey ff38e0b1d1 Fixed #12125 -- Fixed a typo in the generic views date_based test that caused it to fail in November. Thanks brutasse.
--This line and those below, will be ignored--

M    tests/regressiontests/views/tests/generic/date_based.py


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 22:12:40 +00:00
Russell Keith-Magee e18af06eed Fixed #12123 -- Updated the utils.dateformat test to be a unittest too, due to a dependency on the old dateformat test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11695 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:53:51 +00:00
Russell Keith-Magee acfa9332de Fixed #12123 -- Refactored dateformat tests to use unittest. This is needed so that we have a reliable teardown that can reset the timezone at the end of the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11693 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-01 04:20:17 +00:00
Brian Rosner 8dd4a28721 Fixed #11872 -- Instantiate the correct model in BaseInlineFormSet.__init__ when instance is None. Thanks tobias.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11688 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-30 09:11:56 +00:00
Russell Keith-Magee 96658ef2d2 Fixed #12057 -- Corrected regression of caching performance when a model contained a callable default. Thanks to Michael Thornhill for the excellent assistance tracking this problem.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-29 14:32:01 +00:00
Jacob Kaplan-Moss 4281bf3db0 Fixed #11057: having no actions in the admin (`actions=None`) no longer messes up the layout. Thanks, rvdrijst.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 20:56:12 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss d1da261417 Fixed #11371: Made `django.test.Client.put()` work for non-form-data PUT (i.e. JSON, etc.). Thanks, phyfus.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11656 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 15:02:54 +00:00
Jacob Kaplan-Moss 9f70783b14 Fixed a couple of test-ordering-dependant failures introduced in [11639] that caused test failures when running the whole test suite.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11645 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 00:23:47 +00:00
Jacob Kaplan-Moss 8be1bb2268 Fixed #11625: added comment moderation via admin actions.
This is BACKWARDS INCOMPATIBLE if you were using the completely undocumented moderation view from 1.1. That view's been removed in favor of the admin actions.

Thanks, Thejaswi Puthraya.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:22:31 +00:00
Luke Plant 162fade2b7 Fixed #12060 - equality tests between User and SimpleLazyObject-wrapped User failed.
Also added more tests for SimpleLazyObject

Thanks to ericholscher for report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11637 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-20 14:11:08 +00:00
Luke Plant 22be3d7612 Fixed #12049 - LazyObject-wrapped User breaks queries in template tags
Thanks to chipx86 for the report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 21:13:22 +00:00
Brian Rosner cb7a3262b5 Moved the call to _get_foreign_key to run in all cases catching incorrect inline setup sooner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11631 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:20 +00:00
Brian Rosner 5fc35c9caf Fixed #11709 — Pass inline fk_name attribute when grabbing foreign key to test for exclusion. Thanks yishaibeeri for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11630 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 19:17:07 +00:00
Luke Plant a2d8acbacd Fixed a regression on Python 2.6 caused by r11623
This might fix #12037, but I cannot reproduce that bug.
Refs #12037



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11625 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-15 14:12:34 +00:00
Luke Plant c161bf21f0 Fixed #6552, #12031 - Make django.core.context_processors.auth lazy to avoid "Vary: Cookie"
Thanks to olau@iola.dk, Suor for the report



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-14 18:09:13 +00:00
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields.
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00
Luke Plant 6e3a72585a Added 'key_prefix' keyword argument to cache_page()
This was available before r11586, but undocumented.  It has now been
re-added with documentation and explicit support, as it seems like a useful
feature and people were using it before.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11595 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:54:54 +00:00
Luke Plant a97648a7e0 Corrected regressions introduced in r11586 and r11593
I read the order of arguments in the docs incorrectly, doh!


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-26 19:39:42 +00:00
Luke Plant afeafcd492 Fixed #6371 - several decorators don't work with bound methods.
This involved changing the way the internal function
decorator_from_middleware works slightly, breaking some code that relied on
the old behaviour.  As a result, it is much simpler, but cache_page has been
made slightly more complex to cope with the change.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11586 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:31:51 +00:00
Russell Keith-Magee 0757607217 Fixed #11820 -- Corrected the spelling of Grace Hopper's name in a test. Thanks to shields@msrl.com for the report, and apologies to Admiral Hopper for the error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11551 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 04:32:55 +00:00
Luke Plant 7c53c2618d Fixed #10968 - Form.errors should use Form.error_class.
Thanks for report and initial patch, matehat.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 10:47:40 +00:00
Luke Plant 84ef9dabfa Fixed #11061: Malformed POST request causes TypeError in AdminSite.login().
Thanks vvd


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:50:57 +00:00
Luke Plant a2b46ca5fd Fixed #11833: name conflict in filter test.
Thanks steveire



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11492 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:35:23 +00:00
Ian Kelly dcf3be7a62 Fixed #10566: Added support for cx_Oracle compiled with the WITH_UNICODE flag.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11477 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-24 15:45:48 +00:00
Matt Boersma e263cc0dc5 Fixed #11049: introspection on Oracle now identifies IntegerFields correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11475 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-21 21:42:39 +00:00
Matt Boersma e0ce9d76e1 Fixed an assumed ordering in the queries regression tests by making it explicit.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11474 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-20 16:05:25 +00:00