summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/contrib/admin/index.txt34
-rw-r--r--docs/ref/contrib/contenttypes.txt4
-rw-r--r--docs/ref/databases.txt2
-rw-r--r--docs/ref/templates/builtins.txt27
4 files changed, 50 insertions, 17 deletions
diff --git a/docs/ref/contrib/admin/index.txt b/docs/ref/contrib/admin/index.txt
index 64d9c52492..f0f5621fe6 100644
--- a/docs/ref/contrib/admin/index.txt
+++ b/docs/ref/contrib/admin/index.txt
@@ -704,6 +704,8 @@ objects. Templates can override or extend base admin templates as described in
If you don't specify this attribute, a default template shipped with Django
that provides the standard appearance is used.
+.. _model-admin-methods:
+
``ModelAdmin`` methods
----------------------
@@ -760,12 +762,19 @@ documented in :ref:`topics-http-urls`::
anything, so you'll usually want to prepend your custom URLs to the built-in
ones.
-Note, however, that the ``self.my_view`` function registered above will *not*
-have any permission check done; it'll be accessible to the general public. Since
-this is usually not what you want, Django provides a convience wrapper to check
-permissions. This wrapper is :meth:`AdminSite.admin_view` (i.e.
-``self.admin_site.admin_view`` inside a ``ModelAdmin`` instance); use it like
-so::
+However, the ``self.my_view`` function registered above suffers from two
+problems:
+
+ * It will *not* perform and permission checks, so it will be accessible to
+ the general public.
+ * It will *not* provide any header details to prevent caching. This means if
+ the page retrieves data from the database, and caching middleware is
+ active, the page could show outdated information.
+
+Since this is usually not what you want, Django provides a convenience wrapper
+to check permissions and mark the view as non-cacheable. This wrapper is
+:meth:`AdminSite.admin_view` (i.e. ``self.admin_site.admin_view`` inside a
+``ModelAdmin`` instance); use it like so:
class MyModelAdmin(admin.ModelAdmin):
def get_urls(self):
@@ -779,7 +788,14 @@ Notice the wrapped view in the fifth line above::
(r'^my_view/$', self.admin_site.admin_view(self.my_view))
-This wrapping will protect ``self.my_view`` from unauthorized access.
+This wrapping will protect ``self.my_view`` from unauthorized access and will
+apply the ``django.views.decorators.cache.never_cache`` decorator to make sure
+it is not cached if the cache middleware is active.
+
+If the page is cacheable, but you still want the permission check to be performed,
+you can pass a ``cacheable=True`` argument to :meth:`AdminSite.admin_view`::
+
+ (r'^my_view/$', self.admin_site.admin_view(self.my_view, cacheable=True))
.. method:: ModelAdmin.formfield_for_foreignkey(self, db_field, request, **kwargs)
@@ -792,7 +808,7 @@ return a subset of objects for this foreign key field based on the user::
class MyModelAdmin(admin.ModelAdmin):
def formfield_for_foreignkey(self, db_field, request, **kwargs):
if db_field.name == "car":
- kwargs["queryset"] = Car.object.filter(owner=request.user)
+ kwargs["queryset"] = Car.objects.filter(owner=request.user)
return db_field.formfield(**kwargs)
return super(MyModelAdmin, self).formfield_for_foreignkey(db_field, request, **kwargs)
@@ -847,7 +863,7 @@ provided some extra mapping data that would not otherwise be available::
'osm_data': self.get_osm_info(),
}
return super(MyModelAdmin, self).change_view(request, object_id,
- extra_context=my_context))
+ extra_context=my_context)
``ModelAdmin`` media definitions
--------------------------------
diff --git a/docs/ref/contrib/contenttypes.txt b/docs/ref/contrib/contenttypes.txt
index 94900b3892..8a926afc97 100644
--- a/docs/ref/contrib/contenttypes.txt
+++ b/docs/ref/contrib/contenttypes.txt
@@ -177,9 +177,9 @@ The ``ContentTypeManager``
.. method:: models.ContentTypeManager.clear_cache()
Clears an internal cache used by
- :class:`~django.contrib.contenttypes.models.ContentType>` to keep track
+ :class:`~django.contrib.contenttypes.models.ContentType` to keep track
of which models for which it has created
- :class:`django.contrib.contenttypes.models.ContentType>` instances. You
+ :class:`django.contrib.contenttypes.models.ContentType` instances. You
probably won't ever need to call this method yourself; Django will call
it automatically when it's needed.
diff --git a/docs/ref/databases.txt b/docs/ref/databases.txt
index 9a35b6cb8f..007a7079b7 100644
--- a/docs/ref/databases.txt
+++ b/docs/ref/databases.txt
@@ -220,7 +220,7 @@ bytestrings (which shouldn't be too difficult) is the recommended solution.
Should you decide to use ``utf8_bin`` collation for some of your tables with
MySQLdb 1.2.1p2, you should still use ``utf8_collation_ci_swedish`` (the
default) collation for the :class:`django.contrib.sessions.models.Session`
-table (usually called ``django_session`` and the table
+table (usually called ``django_session``) and the
:class:`django.contrib.admin.models.LogEntry` table (usually called
``django_admin_log``). Those are the two standard tables that use
:class:`~django.db.model.TextField` internally.
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index 32b5984767..aedad6562f 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -101,6 +101,14 @@ You can use any number of values in a ``{% cycle %}`` tag, separated by spaces.
Values enclosed in single (``'``) or double quotes (``"``) are treated as
string literals, while values without quotes are treated as template variables.
+Note that the variables included in the cycle will not be escaped. This is
+because template tags do not escape their content. If you want to escape the
+variables in the cycle, you must do so explicitly::
+
+ {% filter force_escape %}
+ {% cycle var1 var2 var3 %}
+ {% endfilter %}
+
For backwards compatibility, the ``{% cycle %}`` tag supports the much inferior
old syntax from previous Django versions. You shouldn't use this in any new
projects, but for the sake of the people who are still using it, here's what it
@@ -160,8 +168,9 @@ Sample usage::
firstof
~~~~~~~
-Outputs the first variable passed that is not False. Outputs nothing if all the
-passed variables are False.
+Outputs the first variable passed that is not False, without escaping.
+
+Outputs nothing if all the passed variables are False.
Sample usage::
@@ -170,11 +179,11 @@ Sample usage::
This is equivalent to::
{% if var1 %}
- {{ var1 }}
+ {{ var1|safe }}
{% else %}{% if var2 %}
- {{ var2 }}
+ {{ var2|safe }}
{% else %}{% if var3 %}
- {{ var3 }}
+ {{ var3|safe }}
{% endif %}{% endif %}{% endif %}
You can also use a literal string as a fallback value in case all
@@ -182,6 +191,14 @@ passed variables are False::
{% firstof var1 var2 var3 "fallback value" %}
+Note that the variables included in the firstof tag will not be escaped. This
+is because template tags do not escape their content. If you want to escape
+the variables in the firstof tag, you must do so explicitly::
+
+ {% filter force_escape %}
+ {% firstof var1 var2 var3 "fallback value" %}
+ {% endfilter %}
+
.. templatetag:: for
for