Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update docs for on_delete requirement in Filer fields for Django 5.1 #1508

Merged
merged 3 commits into from
Nov 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@
CHANGELOG
=========

3.3.0 (2024-11-19)
==================

* fix: Restrict upload of binary or unknown file types by default by @fsbraun in https://github.com/django-cms/django-filer/pull/1507
* fix: remove extra brace in generated HTML of data-max-filesize attribute by @fabien-michel in https://github.com/django-cms/django-filer/pull/1502
* fix: uploadButton data-max-filesize attribute is not passed to file-uploader by @fabien-michel in https://github.com/django-cms/django-filer/pull/1503
* docs: Update for on_delete requirement in Filer fields

3.2.3 (2024-09-18)
==================

Expand Down
20 changes: 0 additions & 20 deletions README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -49,26 +49,6 @@ Documentation
Please head over to the separate `documentation <https://django-filer.readthedocs.io/en/latest/index.html>`_
for all the details on how to install, configure and use django-filer.

Upgrading
=========

Version 3.3
-----------

django-filer version 3 contains a change in security policy for file uploads.
**By default, binary file or files of unknown type are not allowed to be uploaded.**
To allow upload of binary files in your project, add

.. code-block:: python

FILER_REMOVE_FILE_VALIDATORS = [
"application/octet-stream",
]

to your project's settings. Be aware that binary files always are a security risk.
See the documentation for more information on how to configure file upload validators,
e.g., running files through a virus checker.


.. |pypi| image:: https://badge.fury.io/py/django-filer.svg
:target: http://badge.fury.io/py/django-filer
Expand Down
19 changes: 19 additions & 0 deletions docs/upgrading.rst
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,25 @@ Usually upgrade procedure is straightforward: update the package and run migrati
require special attention from the developer and here we provide upgrade instructions for such cases.


from 3.x to 3.3
---------------

django-filer version 3.3 contains a change in security policy for file uploads.
**By default, binary file or files of unknown type are not allowed to be uploaded.**
To allow upload of binary files in your project, add

.. code-block:: python

FILER_REMOVE_FILE_VALIDATORS = [
"application/octet-stream",
]

to your project's settings. Be aware that binary files always are a security risk.
See :ref:`check_virus` for more information on how to configure file upload validators,
e.g., running files through a virus checker.



from 2.x to 3.0
---------------

Expand Down
25 changes: 18 additions & 7 deletions docs/usage.rst
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,11 @@ Simple example ``models.py``::
class Company(models.Model):
name = models.CharField(max_length=255)
logo = FilerImageField(null=True, blank=True,
related_name="logo_company")
related_name="logo_company",
on_delete=models.SET_NULL)
disclaimer = FilerFileField(null=True, blank=True,
related_name="disclaimer_company")
related_name="disclaimer_company",
on_delete=models.SET_NULL)

multiple file fields on the same model::

Expand All @@ -53,12 +55,21 @@ multiple file fields on the same model::

class Book(models.Model):
title = models.CharField(max_length=255)
cover = FilerImageField(related_name="book_covers")
back = FilerImageField(related_name="book_backs")
cover = FilerImageField(related_name="book_covers",
on_delete=models.CASCADE)
back = FilerImageField(related_name="book_backs",
on_delete=models.CASCADE)

As with `django.db.models.ForeignKey`_ in general, you have to define a
non-clashing ``related_name`` if there are multiple ``ForeignKey`` s to the
same model.
As with `django.db.models.ForeignKey`_ in general:

* You must specify an ``on_delete`` parameter to define what happens when the referenced file is deleted
* You have to define a non-clashing ``related_name`` if there are multiple ``ForeignKey`` s to the same model

Common ``on_delete`` options:

* ``models.CASCADE`` - Delete the model containing the FilerFileField when the referenced file is deleted
* ``models.SET_NULL`` - Set the reference to NULL when the file is deleted (requires ``null=True``)
* ``models.PROTECT`` - Prevent deletion of the referenced file

templates
.........
Expand Down
2 changes: 2 additions & 0 deletions docs/validation.rst
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,8 @@ If you distinguish validation by the mime type, remember to register the
validator function for all relevant mime types.


.. _check_virus:

Checking uploads for viruses using ClamAV
-----------------------------------------

Expand Down
2 changes: 1 addition & 1 deletion filer/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@
8. Publish the release and it will automatically release to pypi
"""

__version__ = '3.2.3'
__version__ = '3.3.0'
Loading