From c15f307e5a974e1cee8196ef7782d9b3512a7aef Mon Sep 17 00:00:00 2001 From: Brandon Taylor Date: Mon, 14 Jan 2019 09:40:54 -0500 Subject: [PATCH] CSRF_HEADER_NAME - Get CSRF_HEADER_NAME from settings to pass to jquery.django-csrf.html template - Version bump to 2.1.10 - Update readme --- README.md | 4 +-- README.rst | 31 ++++++++++++------- adminsortable/__init__.py | 2 +- adminsortable/admin.py | 2 ++ .../csrf/jquery.django-csrf.html | 2 +- 5 files changed, 26 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 426c7da..01332c8 100644 --- a/README.md +++ b/README.md @@ -606,8 +606,8 @@ ordering on top of that just seemed a little much in my opinion. ### Status django-admin-sortable is currently used in production. -### What's new in 2.1.9? -- get_next() and get_previous() methods now accept filter arguments as a list to support Q objects. +### What's new in 2.1.10? +- Updated admin templates to use the `CSRF_HEADER_NAME` from [settings](https://docs.djangoproject.com/en/2.1/ref/settings/#csrf-header-name) instead of using a hard-coded value. ### Future - Better template support for foreign keys that are self referential. If someone would like to take on rendering recursive sortables, that would be super. diff --git a/README.rst b/README.rst index 415e024..d7090f7 100644 --- a/README.rst +++ b/README.rst @@ -9,6 +9,9 @@ This project makes it easy to add drag-and-drop ordering to any model in Django admin. Inlines for a sortable model may also be made sortable, enabling individual items or groups of items to be sortable. +If you find Django Admin Sortable to be helpful, consider `buying me a +coffee `__! + Sorting model instances with a sortable parent: .. figure:: http://res.cloudinary.com/alsoicode/image/upload/v1451237555/django-admin-sortable/sortable-models.jpg @@ -55,7 +58,7 @@ Download django-admin-sortable from `source `__ 1. Unzip the directory and cd into the uncompressed project directory -2. +2. - Optional: Enable your virtualenv @@ -302,19 +305,23 @@ If you wish to override this behavior, pass in: your_instance.get_next(filter_on_sortable_fk=False) -You may also pass in additional ORM "filer_args" as a list, or "filter_kwargs" as a dictionary, should you need to: +You may also pass in additional ORM “filer_args” as a list, or +“filter_kwargs” as a dictionary, should you need to: .. code:: python - your_instance.get_next( - filter_args=[Q(field1=True) | Q(field2=True)], - filter_kwargs={'title__icontains': 'blue'} - ) + your_instance.get_next( + filter_args=[Q(field1=True) | Q(field2=True)], + filter_kwargs={'title__icontains': 'blue'} + ) Deprecation Warning -^^^^^^^^^^^^^^^^^^^^^ +^^^^^^^^^^^^^^^^^^^ -Previously "filter_kwargs" was named "extra_filters". With the addition of "filter_args", "extra_filters" was renamed for consistency. "extra_filters" will be removed in the next version of django-admin-sortable. +Previously “filter_kwargs” was named “extra_filters”. With the addition +of “filter_args”, “extra_filters” was renamed for consistency. +“extra_filters” will be removed in the next version of +django-admin-sortable. Adding Sorting to an existing model ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -738,10 +745,12 @@ Status django-admin-sortable is currently used in production. -What’s new in 2.1.9? -~~~~~~~~~~~~~~~~~~~~ +What’s new in 2.1.10? +~~~~~~~~~~~~~~~~~~~~~ -- get_next() and get_previous() methods now accept filter arguments as a list to support Q objects. +- Updated admin templates to use the ``CSRF_HEADER_NAME`` from + `settings `__ + instead of using a hard-coded value. Future ~~~~~~ diff --git a/adminsortable/__init__.py b/adminsortable/__init__.py index 2335d46..81b0584 100644 --- a/adminsortable/__init__.py +++ b/adminsortable/__init__.py @@ -1,4 +1,4 @@ -VERSION = (2, 1, 9) +VERSION = (2, 1, 10) DEV_N = None diff --git a/adminsortable/admin.py b/adminsortable/admin.py index ea3fd8f..99a7ddb 100644 --- a/adminsortable/admin.py +++ b/adminsortable/admin.py @@ -230,6 +230,7 @@ class SortableAdmin(SortableAdminBase, ModelAdmin): 'sortable_by_class_display_name': sortable_by_class_display_name, 'jquery_lib_path': jquery_lib_path, 'csrf_cookie_name': getattr(settings, 'CSRF_COOKIE_NAME', 'csrftoken'), + 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'HTTP_X_CSRFTOKEN'), 'after_sorting_js_callback_name': self.after_sorting_js_callback_name }) return render(request, self.sortable_change_list_template, context) @@ -254,6 +255,7 @@ class SortableAdmin(SortableAdminBase, ModelAdmin): 'has_sortable_tabular_inlines': self.has_sortable_tabular_inlines, 'has_sortable_stacked_inlines': self.has_sortable_stacked_inlines, 'csrf_cookie_name': getattr(settings, 'CSRF_COOKIE_NAME', 'csrftoken'), + 'csrf_header_name': getattr(settings, 'CSRF_HEADER_NAME', 'HTTP_X_CSRFTOKEN'), 'after_sorting_js_callback_name': self.after_sorting_js_callback_name }) diff --git a/adminsortable/templates/adminsortable/csrf/jquery.django-csrf.html b/adminsortable/templates/adminsortable/csrf/jquery.django-csrf.html index b9488a8..315a022 100644 --- a/adminsortable/templates/adminsortable/csrf/jquery.django-csrf.html +++ b/adminsortable/templates/adminsortable/csrf/jquery.django-csrf.html @@ -27,7 +27,7 @@ crossDomain: false, // obviates need for sameOrigin test beforeSend: function(xhr, settings) { if (!csrfSafeMethod(settings.type)) { - xhr.setRequestHeader("X-CSRFToken", csrftoken); + xhr.setRequestHeader("{{ csrf_header_name }}", csrftoken); } } });