Permalink
Browse files

Fixed #22477 -- Removed contrib middleware from the global settings d…

…efaults.

Also added a compatibility check for changed middleware defaults.

Forwardport of d94de80 from stable/1.7.x
  • Loading branch information...
1 parent cc35bd4 commit 4696cd9671243958fd4a596631d75b3cbca325c3 @mlavin mlavin committed with timgraham Apr 20, 2014
@@ -454,12 +454,7 @@
# response phase the middleware will be applied in reverse order.
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- # 'django.middleware.http.ConditionalGetMiddleware',
- # 'django.middleware.gzip.GZipMiddleware',
)
############
@@ -1,6 +1,5 @@
import os
-from django.conf import global_settings
from django.contrib.auth import authenticate
from django.contrib.auth.tests.utils import skipIfCustomUser
from django.contrib.auth.models import User, Permission
@@ -77,8 +76,13 @@ class AuthContextProcessorTests(TestCase):
fixtures = ['context-processors-users.xml']
@override_settings(
- MIDDLEWARE_CLASSES=global_settings.MIDDLEWARE_CLASSES,
- TEMPLATE_CONTEXT_PROCESSORS=global_settings.TEMPLATE_CONTEXT_PROCESSORS,
+ MIDDLEWARE_CLASSES=(
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ ),
+ TEMPLATE_CONTEXT_PROCESSORS=(
+ 'django.contrib.auth.context_processors.auth',
+ ),
)
def test_session_not_accessed(self):
"""
@@ -89,8 +93,13 @@ def test_session_not_accessed(self):
self.assertContains(response, "Session not accessed")
@override_settings(
- MIDDLEWARE_CLASSES=global_settings.MIDDLEWARE_CLASSES,
- TEMPLATE_CONTEXT_PROCESSORS=global_settings.TEMPLATE_CONTEXT_PROCESSORS,
+ MIDDLEWARE_CLASSES=(
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ ),
+ TEMPLATE_CONTEXT_PROCESSORS=(
+ 'django.contrib.auth.context_processors.auth',
+ ),
)
def test_session_is_accessed(self):
"""
@@ -8,6 +8,7 @@
# Import these to force registration of checks
import django.core.checks.compatibility.django_1_6_0 # NOQA
+import django.core.checks.compatibility.django_1_7_0 # NOQA
import django.core.checks.model_checks # NOQA
__all__ = [
@@ -0,0 +1,36 @@
+from __future__ import unicode_literals
+
+from .. import Warning, register, Tags
+
+
+@register(Tags.compatibility)
+def check_1_7_compatibility(**kwargs):
+ errors = []
+ errors.extend(_check_middleware_classes(**kwargs))
+ return errors
+
+
+def _check_middleware_classes(app_configs=None, **kwargs):
+ """
+ Checks if the user has *not* overridden the ``MIDDLEWARE_CLASSES`` setting &
+ warns them about the global default changes.
+ """
+ from django.conf import settings
+
+ # MIDDLEWARE_CLASSES is overridden by default by startproject. If users
+ # have removed this override then we'll warn them about the default changes.
+ if not settings.is_overridden('MIDDLEWARE_CLASSES'):
+ return [
+ Warning(
+ "MIDDLEWARE_CLASSES is not set.",
+ hint=("Django 1.7 changed the global defaults for the MIDDLEWARE_CLASSES."
+ "django.contrib.sessions.middleware.SessionMiddleware, "
+ "django.contrib.auth.middleware.AuthenticationMiddleware, and "
+ "django.contrib.messages.middleware.MessageMiddleware were removed from the defaults."
+ "If your project needs these middleware then you should configure this setting."),
+ obj=None,
+ id='1_7.W001',
+ )
+ ]
+ else:
+ return []
View
@@ -1734,13 +1734,17 @@ MIDDLEWARE_CLASSES
Default::
('django.middleware.common.CommonMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',)
+ 'django.middleware.csrf.CsrfViewMiddleware',)
A tuple of middleware classes to use. See :doc:`/topics/http/middleware`.
+.. versionchanged:: 1.7
+
+ :class:`~django.contrib.sessions.middleware.SessionMiddleware`,
+ :class:`~django.contrib.auth.middleware.AuthenticationMiddleware`, and
+ :class:`~django.contrib.messages.middleware.MessageMiddleware` were removed
+ from this setting.
+
.. setting:: MIGRATION_MODULES
MIGRATION_MODULES
View
@@ -68,6 +68,8 @@ but a few of the key features are:
inside ``TransactionTestCase`` :ref:`unless specifically requested
<test-case-serialized-rollback>`.
+.. _app-loading-refactor-17-release-note:
+
App-loading refactor
~~~~~~~~~~~~~~~~~~~~
@@ -1114,6 +1116,27 @@ in a test class which is a subclass of
:class:`~django.test.TransactionTestCase` rather than
:class:`~django.test.TestCase`.
+Contrib middleware removed from default :setting:`MIDDLEWARE_CLASSES`
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The :ref:`app-loading refactor <app-loading-refactor-17-release-note>`
+deprecated using models from apps which are not part of the
+:setting:`INSTALLED_APPS` setting. This exposed an incompatibility between
+the default :setting:`INSTALLED_APPS` and :setting:`MIDDLEWARE_CLASSES` in the
+global defaults (``django.conf.global_settings``). To bring these settings in
+sync and prevent deprecation warnings when doing things like testing reusable
+apps with minimal settings,
+:class:`~django.contrib.sessions.middleware.SessionMiddleware`,
+:class:`~django.contrib.auth.middleware.AuthenticationMiddleware`, and
+:class:`~django.contrib.messages.middleware.MessageMiddleware` were removed
+from the defaults. These classes will still be included in the default settings
+generated by :djadmin:`startproject`. Most projects will not be affected by
+this change but if you were not previously declaring the
+:setting:`MIDDLEWARE_CLASSES` in your project settings and relying on the
+global default you should ensure that the new defaults are in line with your
+project's needs. You should also check for any code that accesses
+``django.conf.global_settings.MIDDLEWARE_CLASSES`` directly.
+
Miscellaneous
~~~~~~~~~~~~~
@@ -58,11 +58,12 @@ def write_settings(self, filename, apps=None, is_dir=False, sdict=None, extra=No
'ROOT_URLCONF',
'SECRET_KEY',
'TEST_RUNNER', # We need to include TEST_RUNNER, otherwise we get a compatibility warning.
+ 'MIDDLEWARE_CLASSES', # We need to include MIDDLEWARE_CLASSES, otherwise we get a compatibility warning.
]
for s in exports:
if hasattr(settings, s):
o = getattr(settings, s)
- if not isinstance(o, dict):
+ if not isinstance(o, (dict, tuple, list)):
o = "'%s'" % o
settings_file.write("%s = %s\n" % (s, o))
@@ -10,6 +10,7 @@
from django.core.checks import Error, Warning
from django.core.checks.registry import CheckRegistry
from django.core.checks.compatibility.django_1_6_0 import check_1_6_compatibility
+from django.core.checks.compatibility.django_1_7_0 import check_1_7_compatibility
from django.core.management.base import CommandError
from django.core.management import call_command
from django.db.models.fields import NOT_PROVIDED
@@ -148,6 +149,40 @@ def test_boolean_field_default_value(self):
boolean_field.default = old_default
+class Django_1_7_0_CompatibilityChecks(TestCase):
+
+ @override_settings(MIDDLEWARE_CLASSES=('django.contrib.sessions.middleware.SessionMiddleware',))
+ def test_middleware_classes_overridden(self):
+ errors = check_1_7_compatibility()
+ self.assertEqual(errors, [])
+
+ def test_middleware_classes_not_set_explicitly(self):
+ # If MIDDLEWARE_CLASSES was set explicitly, temporarily pretend it wasn't
+ middleware_classes_overridden = False
+ if 'MIDDLEWARE_CLASSES' in settings._wrapped._explicit_settings:
+ middleware_classes_overridden = True
+ settings._wrapped._explicit_settings.remove('MIDDLEWARE_CLASSES')
+ try:
+ errors = check_1_7_compatibility()
+ expected = [
+ checks.Warning(
+ "MIDDLEWARE_CLASSES is not set.",
+ hint=("Django 1.7 changed the global defaults for the MIDDLEWARE_CLASSES."
+ "django.contrib.sessions.middleware.SessionMiddleware, "
+ "django.contrib.auth.middleware.AuthenticationMiddleware, and "
+ "django.contrib.messages.middleware.MessageMiddleware were removed from the defaults."
+ "If your project needs these middleware then you should configure this setting."),
+ obj=None,
+ id='1_7.W001',
+ )
+ ]
+ self.assertEqual(errors, expected)
+ finally:
+ # Restore settings value
+ if middleware_classes_overridden:
+ settings._wrapped._explicit_settings.add('MIDDLEWARE_CLASSES')
+
+
def simple_system_check(**kwargs):
simple_system_check.kwargs = kwargs
return []
View
@@ -58,6 +58,14 @@
'servers.another_app',
]
+ALWAYS_MIDDLEWARE_CLASSES = (
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.common.CommonMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+)
+
def get_test_modules():
from django.contrib.gis.tests.utils import HAS_SPATIAL_DB
@@ -106,6 +114,7 @@ def no_available_apps(self):
'LANGUAGE_CODE': settings.LANGUAGE_CODE,
'STATIC_URL': settings.STATIC_URL,
'STATIC_ROOT': settings.STATIC_ROOT,
+ 'MIDDLEWARE_CLASSES': settings.MIDDLEWARE_CLASSES,
}
# Redirect some settings for the duration of these tests.
@@ -116,6 +125,9 @@ def no_available_apps(self):
settings.TEMPLATE_DIRS = (os.path.join(RUNTESTS_DIR, TEST_TEMPLATE_DIR),)
settings.LANGUAGE_CODE = 'en'
settings.SITE_ID = 1
+ settings.MIDDLEWARE_CLASSES = ALWAYS_MIDDLEWARE_CLASSES
+ # Ensure the middleware classes are seen as overridden otherwise we get a compatibility warning.
+ settings._explicit_settings.add('MIDDLEWARE_CLASSES')
if verbosity > 0:
# Ensure any warnings captured to logging are piped through a verbose

0 comments on commit 4696cd9

Please sign in to comment.