django.git/tests/regressiontests/admin_views/tests.py, branch stable/1.3.x

[1.3.x] Checked object permissions on admin history view.

2013-02-12T11:13:42Z

This is a security fix. Disclosure and advisory coming shortly. Patch by Russell Keith-Magee.

[1.3.X] Reverting r16878 (improved admin error message) per advice from jezdez. refs #16837

2011-09-22T22:55:47Z

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16891 bcc190cf-cafb-0310-a4f2-bffc1f526a37

[1.3.X] Fixed #16837 -- Improved error messages for admin login. Thanks Wim Feijen for the patch.

2011-09-22T05:36:57Z

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16878 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed a number of tests that were failing in Oracle due to false assumptions about the primary keys of objects.

2011-03-09T00:39:35Z

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15779 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Updated test assertions that have been deprecated by the move to unittest2. In summary, this means:

2011-03-03T15:04:39Z

assert_ -> assertTrue assertEquals -> assertEqual failUnless -> assertTrue For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #12475 -- Fixed an edge case with hidden fields in ModelAdmin changelists when used in conjunction with list_display_links or list_editable. Thanks, Simon Meers, Julien Phalip, Karen and master.

2011-03-03T13:20:45Z

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15722 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #15517 -- Fixed regression in admin search_fields option introduced in r15526. Thanks Fabian Buechler for the report and fix and Julien Phalip for adding tests.

2011-03-01T02:04:35Z

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15677 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #10918 -- Ensure that the search widget on a raw_id_admin uses the right field name when the ForeignKey has a to_field definition. Thanks to David Cramer for the report, Collin Anderson for the fix, and Julien Phalip for the test.

2011-02-26T12:44:25Z

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15657 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Prevented non-admin users from accessing the admin redirect shortcut.

2011-02-24T13:34:51Z

If the admin shortcut view (e.g. /admin/r///) is publically-accessible, and if a public users can guess a content-type ID (which isn't hard given that they're sequential), then the redirect view could possibly leak data by redirecting to pages a user shouldn't "know about." So the redirect view needs the same protection as the rest of the admin site. Thanks to Jason Royes for pointing this out. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15639 bcc190cf-cafb-0310-a4f2-bffc1f526a37

Fixed #14012 (again) -- Admin app: Don't show the full user edition view after adding a user in a FK popup. Thanks dburke for reporting this regression introduced in r14628.

2011-02-24T01:00:57Z

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15637 bcc190cf-cafb-0310-a4f2-bffc1f526a37