Re: Support for extending the django.contrib.auth User model

This has been discussed extensively, both on this list and the ticket at http://code.djangoproject.com/ticket/3011 It's been rejected for 1.1 (now is not really a good time to be proposing features), but you can try mentioning this again when 1.2 planning starts. -bob

Re: Reminder: Django 1.1 beta this week means feature freeze

Digging through the (huge) 1.1 milestone list a bit, the following seem to be closer to improvements than bugs (IMO). If you have any favorites in here, they should probably be looked at for last-minute additions to 1.1 beta, or they may be in danger of missing 1.1 entirely:

Re: Proposal: enable CSRF middleware by default

On Mar 19, 3:42 pm, Jacob Kaplan-Moss <jacob.kaplanm...@gmail.com> wrote: > On Thu, Mar 19, 2009 at 2:18 PM, Bob Thomas <robert.w.tho...@gmail.com> wrote: > > So, if the template tag wasn't hard enough to write, it's not helpful? > > Um. That's not what I read from wh

Re: Proposal: enable CSRF middleware by default

On Mar 19, 2:49 pm, Luke Plant wrote: > The hard work isn't the template tag, it's: > >  - tests (the existing ones are in django/contrib/csrf/tests.py) >  - documentation >  - converting the admin (I really think this needs to be done >    before we can check this in,

Re: QuerySet.values() Shallow Copy

On Mar 19, 8:17 am, Vitaly wrote: > I wanted json serialize a tree of django model objects: Schedule -> > Player -> django.models.User. > django.core.serializers.serialize does shallow serialization of > QuerySet but I want a deep one. Next, I looked at QuerySet.values() >

Re: Proposal: enable CSRF middleware by default

On Mar 18, 1:25 pm, Luke Plant wrote: > > Yep, agreed. I plan to replace the content re-writing stuff with a > template tag which hopefully won't be too nasty.  It's just I haven't > had time yet, and I'd rather fix the security hole now, and improve > the implementation

Re: 'week_day' starting with sunday as first day of a week need to be fixed

Would it be possible to use cron's weekday numbering? Would that make anyone happy? 0-7, with both 0 and 7 representing Sunday. That would at least avoid the %7 part of the workaround (from the user's perspective, anyway). The "Monday as first day" camp could use 1-7 for their week numbering,

Backwards-incompatible patches for FormPreview

There are 3 outstanding tickets for FormPreview that add functionality that exists in FormWizard. Unfortunately, patches for two of them are backwards-incompatible changes. Both of the backwards-incompatible tickers are marked "design decision needed", so . . . here I am, looking for a decision!

Re: CSRF / SafeForm

I added a ticket (with patch) for implementing the template tag: http://code.djangoproject.com/ticket/9977 It also adds a CSRF context processor, which is used by the tag. The diff doesn't look quite right. There obviously needs to be an empty __init__.py file added to the templatetags folder

Re: CSRF / SafeForm

On Dec 3, 9:14 am, Luke Plant wrote: > > At the moment, once you've factored everything in, I think 'view > middleware' + template tag is the way to go, with some more custom > solution for loginCSRF.  The SafeForm ends up having an unwieldly > API, which means it won't

Localization in the admin site and date/time filters.

See tickets #2203 and #9366. They're two opposite sides of an issue that needs to be reconciled somehow, and I figured this list was the best way to fight it out. #2203 summary - Date/time formats in the admin interface use the {DATE,TIME,DATETIME}_FORMAT string from translation files, and fall

Re: DRAFT 1.1 roadmap posted

> >         - the SafeForm feature (eight +0). Personally, I suspect we >         should stop trying to second-guess form features for a bit, but >         if somebody came up with the perfect code, there's no real >         reason to defer that one (it got 8 +0 votes and nothing else, so >