1
0
mirror of https://github.com/django/django.git synced 2025-01-10 18:36:05 +00:00
Commit Graph

163 Commits

Author SHA1 Message Date
Mariusz Felisiak
1760ad4e8c
Relaxed some query ordering assertions in various tests.
It accounts for differences seen on MySQL with MyISAM storage engine.
2022-04-14 12:12:13 +02:00
Mariusz Felisiak
93cae5cb2f Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore,
Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev
(DDV_UA) for the report.
2022-04-11 08:59:33 +02:00
Luke Plant
40b8a6174f Fixed #33397 -- Corrected resolving output_field for DateField/DateTimeField/TimeField/DurationFields.
This includes refactoring of CombinedExpression._resolve_output_field()
so it no longer uses the behavior inherited from Expression of guessing
same output type if argument types match, and instead we explicitly
define the output type of all supported operations.

This also makes nonsensical operations involving dates
(e.g. date + date) raise a FieldError, and adds support for
automatically inferring output_field for cases such as:
* date - date
* date + duration
* date - duration
* time + duration
* time - time
2022-03-31 11:05:23 +02:00
Luke Plant
04ad0f26ba Refs #33397 -- Added extra tests for resolving an output_field of CombinedExpression. 2022-03-30 11:03:48 +02:00
Ryan Heard
c6b4d62fa2 Fixed #29865 -- Added logical XOR support for Q() and querysets. 2022-03-04 12:55:37 +01:00
Mariusz Felisiak
7119f40c98 Refs #33476 -- Refactored code to strictly match 88 characters line length. 2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak
6f185a53a2
Refs #33482 -- Fixed QuerySet selecting and filtering againts negated Exists() with empty queryset.
Regression in b7d1da5a62.
2022-02-07 20:34:21 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
2022-02-03 11:20:46 +01:00
Simon Charette
b7d1da5a62 Fixed #33482 -- Fixed QuerySet filtering againts negated Exists() with empty queryset.
Thanks Tobias Bengfort for the report.
2022-02-02 07:54:19 +01:00
My-Name-Is-Nabil
f37face331 Fixed #33435 -- Fixed invalid SQL generatered by Subquery.as_sql(). 2022-01-17 09:00:46 +01:00
Allen Jonathan David
28c98d4113 Fixed #33216 -- Simpilified deconstructed paths for some expressions. 2022-01-07 11:19:29 +01:00
Keryn Knight
0ed2919814 Fixed #33406 -- Avoided creation of MaxLengthValidator(None) when resolving Value.output_field for strings.
This brings the behaviour in line with Field subclasses which append to
the validators within __init__(), like BinaryField, and prevents the
creation of a validator which incorrectly throws a TypeError, if it
were used.
2022-01-04 05:51:00 +01:00
Keryn Knight
b894199eb0 Refs #33406 -- Added test for not creating broken validators when resolving Value.output_field. 2022-01-04 05:51:00 +01:00
Adam Johnson
a8fa3e5cd7 Refs #33355 -- Added missing tests for database functions and expression on null values. 2021-12-22 11:46:18 +01:00
Matthijs Kooijman
1a5023883b Fixed #33257 -- Fixed Case() and ExpressionWrapper() with decimal values on SQLite. 2021-11-08 18:02:56 +01:00
Hasan Ramezani
c069ee0b9d Fixed #33224 -- Removed DatabaseFeatures.supports_mixed_date_datetime_comparisons. 2021-11-02 07:30:38 +01:00
Tim Graham
cbd9f8531d
Removed duplicated lines in test_in_lookup_allows_F_expressions_and_expressions_for_datetimes(). 2021-10-26 07:22:20 +02:00
Adam Johnson
45f48ed4f7 Made F deconstruction omit 'expressions' in the path. 2021-10-21 09:40:52 +02:00
Mariusz Felisiak
e703b152c6
Fixed #32793 -- Fixed loss of precision for temporal operations with DecimalFields on MySQL.
Regression in 1e38f1191d.

Thanks Mohsen Tamiz for the report.
2021-06-01 15:11:42 +02:00
Mariusz Felisiak
f0a9413bd2 Refs #24121 -- Improved Value.__repr__(). 2021-05-24 07:26:53 +02:00
Mariusz Felisiak
3f6d4e22f8 Fixed typo in tests/expressions/tests.py. 2021-05-24 07:26:53 +02:00
Simon Charette
96f55ccf79 Fixed #32714 -- Prevented recreation of migration for Meta.ordering with OrderBy expressions.
Regression in c8b6594305.

Thanks Kevin Marsh for the report.
2021-05-05 08:43:57 +02:00
Tobias Bengfort
54e94640ac Refs #25287 -- Added support for multiplying and dividing DurationField by scalar values on SQLite. 2021-04-20 11:44:41 +02:00
Hasan Ramezani
ed0cc52dc3 Fixed #32585 -- Fixed Value() crash with DecimalField on SQLite. 2021-03-29 06:22:36 +02:00
Jonathan Richards
00b0786de5 Fixed #32548 -- Fixed crash when combining Q() objects with boolean expressions. 2021-03-17 21:53:39 +01:00
Mariusz Felisiak
54f60bc85d Refs #32548 -- Added tests for passing conditional expressions to Q(). 2021-03-17 21:53:36 +01:00
Hasan Ramezani
f2bef2b7bc Fixed #32455 -- Allowed right combining Q() with boolean expressions. 2021-02-18 22:20:36 +01:00
Mariusz Felisiak
efce21497c Refs #32455 -- Added tests for left combining an empty Q() with boolean expressions. 2021-02-18 22:19:56 +01:00
Mariusz Felisiak
b989d21336
Refs #26602 -- Added tests for aggregating over a RawSQL() annotation.
Fixed in 3f32154f40.

Thanks Manav Agarwal for initial test.
2021-01-26 10:59:05 +01:00
Mariusz Felisiak
5e33ec80d1 Refs #30158 -- Made alias argument required in signature of Expression.get_group_by_cols() subclasses.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Hasan Ramezani
275dd4ebba
Fixed #32178 -- Allowed database backends to skip tests and mark expected failures.
Co-authored-by: Tim Graham <timograham@gmail.com>
2020-12-10 18:00:57 +01:00
Ian Foote
8b040e3cbb Fixed #25534, Fixed #31639 -- Added support for transform references in expressions.
Thanks Mariusz Felisiak and Simon Charette for reviews.
2020-11-27 20:42:04 +01:00
Hasan Ramezani
3f7b327562 Fixed #31235 -- Made assertQuerysetEqual() compare querysets directly.
This also replaces assertQuerysetEqual() to
assertSequenceEqual()/assertCountEqual() where appropriate.

Co-authored-by: Peter Inglesby <peter.inglesby@gmail.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-11-06 09:24:50 +01:00
Adam Johnson
a56586eafe Fixed #32134 -- Fixed crash of __range lookup with namedtuple.
Regression in 8be79984dc.

Thanks Gordon Wrigley for the report.
2020-10-23 18:01:31 +02:00
Tim Graham
afcad0f1b1
Relaxed some query ordering assertions in expressions tests.
It accounts for differences seen on CockroachDB.
2020-10-19 19:21:31 +02:00
Nick Pope
06c5d3fafc Fixed #32060 -- Added Random database function. 2020-10-02 06:58:03 +02:00
Simon Charette
38fce49c82 Fixed #31919 -- Resolved output_field of IntegerField subclasses combinations. 2020-08-31 06:42:40 +02:00
Simon Charette
40894f2967 Refs #30446 -- Added tests for resolving output_field of CombinedExpression. 2020-08-31 06:40:39 +02:00
Simon Charette
51297a9232 Fixed #31792 -- Made Exists() reuse QuerySet.exists() optimizations.
The latter is already optimized to limit the number of results, avoid
selecting unnecessary fields, and drop ordering if possible without
altering the semantic of the query.
2020-08-13 14:10:36 +02:00
Simon Charette
156a2138db Refs #30446 -- Removed unnecessary Value(..., output_field) in docs and tests. 2020-07-15 10:58:38 +02:00
Simon Charette
1e38f1191d Fixed #30446 -- Resolved Value.output_field for stdlib types.
This required implementing a limited form of dynamic dispatch to combine
expressions with numerical output. Refs #26355 should eventually provide
a better interface for that.
2020-07-15 10:58:29 +02:00
Simon Charette
f783a99072 Refs #25425 -- Allowed unresolved Value() instances to be compiled.
Previously unresolved Value() instances were only allowed to be
compiled if they weren't initialized with an output_field.

Given the usage of unresolved Value() instances is relatively common in
as_sql() overrides it's less controversial to add explicit support for
this previously undefined behavior now and revisit whether or not it
should be deprecated in the future.
2020-07-14 07:20:20 +02:00
Sergey Fedoseev
9d519d3dc4 Fixed #31755 -- Made temporal subtraction resolve output field. 2020-07-01 23:02:27 +02:00
Sergey Fedoseev
ed6b14d459
Refs #28621 -- Fixed crash of annotations with nested OuterRef. 2020-07-01 11:01:46 +02:00
Sergey Fedoseev
dd5aa8cb5f Fixed #28925 -- Fixed durations-only expressions crash on SQLite and MySQL.
This removes also unused DatabaseOperations.date_interval_sql().
2020-06-30 07:04:55 +02:00
Mariusz Felisiak
aeb8996a67 Fixed #31659 -- Made ExpressionWrapper preserve output_field for combined expressions.
Regression in df32fd42b8.

Thanks Simon Charette for the review.
2020-06-12 07:20:06 +02:00
Thodoris Sotiropoulos
df32fd42b8 Fixed #31651 -- Made ExpressionWrapper use grouping columns from wrapped expression. 2020-06-03 07:29:41 +02:00
Mariusz Felisiak
a125da6a7c Fixed #31607 -- Fixed evaluated Subquery equality.
Regression in 691def10a0.
2020-05-19 22:44:57 +02:00
Nick Pope
8f10ceaa90 Changed '%s' % value pattern to str(value). 2020-05-04 08:27:18 +02:00