Client-side validation fails on forms with prefilled file upload fields -
see https://code.djangoproject.com/ticket/27037. This is fixed in Django 1.10.1,
so as a workaround we disable client-side validation (using the 'novalidate'
attribute) for forms with enctype="multipart/form-data" on Django 1.10 only.
Fixes #2897
When building a dummy request, you can now pass in the original request object
to add additional information to the dummy. Currently, that includes the
following headers:
REMOTE_ADDR
HTTP_X_FORWARDED_FOR
HTTP_COOKIE
HTTP_USER_AGENT
More may be added later.
This changes ensures that middleware which work on the client IP aren't flumuxed
by its absense, and also makes it possible for previews to be rendered as the
logged in user (they had previously been rendered using an AnnonymousUser).
Because the user's logged in state is now detectable in a Page previews, the
Wagtail userbar now hides itself explicitly during previews, rather than relying
on the fact that previews used to be built with AnonymousUser.
As mentioned in the comments I didn't see the first pull request (https://github.com/torchbox/wagtail/pull/2509)
However, I think my changes were a tiny bit more complete in terms of UI/UX. I allow to delete a user directly from the user list + you can delete any user if you are superuser, except yourself. This way we are sure to keep at least one superuser but we can still delete superusers.
I added some tests from this PR to my code and also added the permission denied on the delete page.
The `form_template` attribute was mentioned in passing in the docs, but was missing various things
to make it fully useful:
- context passed to form_template now includes 'prefix' and 'block_definition'
- context for the form is now populated in a separate overrideable `get_form_context` method
- full documentation and tests for form_template and get_form_context added
