Commits · db21a600c1e1d27adc395adc5bf5bc693937ffd6 · Python-Dev / flask-admin

14 Sep, 2016 1 commit

Fix CSRF for production deployments · db21a600

Andrew Grigorev authored Sep 14, 2016

Current SecureForm implementation generates CSRF secret using
`os.urandom()` every time when application start up. CSRF secret is used
to calculate csrf_token check value, so if someone would use a command
similar to

    gunicorn --workers=8 app

to run his flask-admin app on production then most form submissions
would silently fail (silently - as for now, it is probably another one
bug).

Instead of custom `os.urandom()` logic the `app.secret_key` value should
be used to produce CSRF token values.

db21a600

08 Sep, 2016 4 commits
- Merge pull request #1343 from vToMy/feature/association_proxy · d7ee730a
  Serge S. Koval authored Sep 08, 2016
```
Added support for sqla association proxy in model view.
```
  d7ee730a
- updated association proxy example doc. · 709a9cba
  Tom Kedem authored Sep 08, 2016
  
  709a9cba
- Added support for sqla association proxy in model view. · df9a3dd1
  Tom Kedem authored Sep 08, 2016
  
  df9a3dd1
- Merge pull request #1331 from SkyLothar/master · 0e42ee3c
  Serge S. Koval authored Sep 08, 2016
```
allow user to set  flag "ignore_hidden"
```
  0e42ee3c
05 Sep, 2016 3 commits
- Merge pull request #1340 from ei-grad/master · 391bdc8e
  Serge S. Koval authored Sep 05, 2016
```
Fix geoa.GeoJSONField
```
  391bdc8e
- GeoJSONField._value() shouldn't return None · b9c71bbc
  Andrew Grigorev authored Sep 05, 2016
  
  b9c71bbc
- Fix geoa.GeoJSONField · eabc326e
  Andrew Grigorev authored Sep 05, 2016
  
  eabc326e
03 Sep, 2016 2 commits
- Merge pull request #1334 from alanhamlett/master · 22e206c4
  Serge S. Koval authored Sep 03, 2016
```
support for WTForms >= 3.0
```
  22e206c4
- support for WTForms >= 3.0 · 0d80fd78
  Alan Hamlett authored Sep 03, 2016
  
  0d80fd78
31 Aug, 2016 2 commits
- Merge pull request #1323 from vToMy/feature/hybrid_property_detection · 7f97396d
  Serge S. Koval authored Aug 31, 2016
```
Updated hybrid property detection to new sqlalchemy API
```
  7f97396d
- Removed sqlalchemy-utils dependency. · 4d79c706
  Tom Kedem authored Aug 31, 2016
```
Modified hybrid property example to make use of the scaffold mechanism to create filters.
```
  4d79c706
30 Aug, 2016 1 commit
- added sqlalchemy-utils as dependency. · 1187b8ea
  Tom Kedem authored Aug 30, 2016
  
  1187b8ea
28 Aug, 2016 1 commit
- Merge pull request #1296 from stepsame/feature_multiple_sort · 0cd24273
  Serge S. Koval authored Aug 28, 2016
```
support multiple column sort with column_sortable_list
```
  0cd24273
25 Aug, 2016 7 commits
- Merge pull request #1333 from aq1/master · e0b3aa59
  Serge S. Koval authored Aug 25, 2016
```
Update actions.js
```
  e0b3aa59
- fixed hybrid property detection and made it robust. · 1eb5c806
  Tom Kedem authored Aug 25, 2016
  
  1eb5c806
- Fixed wtforms babel domain · 0fce18e3
  Serge S. Koval authored Aug 25, 2016
  
  0fce18e3
- Merge branch 'master' of github.com:flask-admin/flask-admin · 216a66b6
  Serge S. Koval authored Aug 25, 2016
  
  216a66b6
- Fixed peewee tests · e8833279
  Serge S. Koval authored Aug 25, 2016
  
  e8833279
- Merge pull request #1320 from iurisilvio/fix_named_filters_l10n · ed5943b8
  Serge S. Koval authored Aug 25, 2016
```
Fix url generation with localized named filters.
```
  ed5943b8
- Update actions.js · 8eb8b688
  aq1 authored Aug 25, 2016
```
Create function to toggle row checkbox if all checkboxes were toggled manually
```
  8eb8b688
16 Aug, 2016 1 commit
- allow user to set flag · 1690fbe5
  SkyLothar authored Aug 16, 2016
  
  1690fbe5
28 Jul, 2016 1 commit
- updated hybrid property detection to new sqlalchemy api. · bd1a80b8
  Tom Kedem authored Jul 28, 2016
  
  bd1a80b8
26 Jul, 2016 1 commit
- Fix url generation with localized named filters. · abad6601
  Iuri de Silvio authored Jul 26, 2016
  
  abad6601
21 Jul, 2016 3 commits
- Merge pull request #1282 from uSpike/master · 4348d60b
  Serge S. Koval authored Jul 21, 2016
```
Support single table inheritance for inline models (sqla)
```
  4348d60b
- Merge pull request #1316 from irvingpop/appengine_after_model_actions · f0fa9dc4
  Serge S. Koval authored Jul 21, 2016
```
Enable support for after_model_ actions in appengine
```
  f0fa9dc4
- Enable support for after_model_ actions in appengine · c451d395
  Irving Popovetsky authored Jul 21, 2016
  
  c451d395
17 Jul, 2016 3 commits
- Merge pull request #1312 from datran/coremabu · c73875b3
  Serge S. Koval authored Jul 17, 2016
```
Support form_args for appengine
```
  c73875b3
- modify modelconverter to support GeoPtProperty of appengine · 5b3a64ab
  Duc Anh Tran authored Jul 17, 2016
  
  5b3a64ab
- modify modelconverter to support GeoPtProperty of appengine · 7d05926b
  Duc Anh Tran authored Jul 17, 2016
  
  7d05926b
16 Jul, 2016 5 commits
- Add model_form_converter · 46ee5369
  Duc Anh Tran authored Jul 16, 2016
  
  46ee5369
- Add support export_max_rows for appengine · 045ff3f0
  Duc Anh Tran authored Jul 16, 2016
  
  045ff3f0
- Add page_size argument for get_list of appengine · 01c07e64
  Duc Anh Tran authored Jul 16, 2016
```
This is needed for export function to work
```
  01c07e64
- Add excluded_columns support for appengine · 3703e512
  Duc Anh Tran authored Jul 16, 2016
  
  3703e512
- Support form_args for appengine · 1f408689
  Duc Anh Tran authored Jul 16, 2016
  
  1f408689
15 Jul, 2016 4 commits
- Merge pull request #1309 from datran/coremabu · 971ce904
  Serge S. Koval authored Jul 15, 2016
```
Coremabu
```
  971ce904
- Add SelectField to support appengine · 30d2add1
  Duc Anh Tran authored Jul 15, 2016
  
  30d2add1
- Add TextProperty and KeyProperty Field to support appengine · 355f4b01
  Duc Anh Tran authored Jul 15, 2016
  
  355f4b01
- Update view.py · 4ab117db
  Duc Anh Tran authored Jul 15, 2016
```
Add scaffold_list_form to allow edit in list view
```
  4ab117db
16 Jun, 2016 1 commit
- Merge pull request #1302 from adamchainz/readthedocs.io · 7bc2f2d8
  Serge S. Koval authored Jun 16, 2016
```
Convert readthedocs links for their .org -> .io migration for hosted projects
```
  7bc2f2d8