Django community: RSS
This page, updated regularly, aggregates Django Q&A from the Django community.
-
How to make Django Rest-Framework to respond 401 on a unauthenticated request?
I'm using the default django authentication, I have this APIView class: class MatchesViewSet(APIView): ... permission_classes = (permissions.IsAuthenticated,) ... def get(self, request, format=None): ... return JsonResponse(data) And this test methods: class MainTests(TestCase): def setUp(self): ... self.c = Client() ... def test_only_for_logged_in_users(self): r = self.c.get("/api/matches") self.assertEqual(r.status_code, 401) The problem is I am getting a HTTP_403_FORBIDDEN while I would like to get a HTTP_401_UNAUTHORIZED -
Django ManyToManyField : how to choose its place?
I have two possibilities concerning the ManyToManyField in django : putting it in the "parent" class : from django.db import models class Person(models.Model): pass class Group(models.Model): members = models.ManyToManyField(Person, related_name='group') putting it in the "child" class from django.db import models class Group(models.Model): pass class Person(models.Model): groups = models.ManyToManyField(Group, related_name='members') What is the difference between these two options ? Is there a reason to privilege one over the other ? -
DetailView for Django Formset
I'm using Django inlineformsets for the first time and I'm trying to work on my views. I've been able to create my Create and Update views but I'm lost on how to go about the Detail View. I basically have 2 models - SchoolMain and SchoolSub with SchoolSub having a fk relationship with SchoolMain. SchoolSub is my formset. My Create View is below - class SchoolSubCreate(LoginRequiredMixin,UserPassesTestMixin,generic.CreateView): model = SchoolMain fields = '__all__' def get_context_data(self, **kwargs): data = super(SchoolSubCreate, self).get_context_data(**kwargs) if self.request.POST: data['schoolsub'] = SchoolSubFormSet(self.request.POST) else: data['schoolsub'] = SchoolSubFormSet() def form_valid(self, form): context = self.get_context_data() schoolsub = context['schoolsub'] with transaction.atomic(): form.instance.user = self.request.user self.object = form.save() if schoolsub.is_valid(): schoolsub.instance = self.object schoolsub.save() return super(SchoolSubCreate, self).form_valid(form) I understand how to go about creating a general DetailView, but that is only able to get the object of my primary model i.e. the SchoolMain model. But I'm unable to access the objects in the formset. Would appreciate any help. Thanks. -
printing json data in format of key value pair in django
I am trying to print json data in format of key value pair so that i can render them in my html template. def ecpd(request): r= requests.get('http://jira.xxx.xxx.com/rest/api/2/issue/key-XXX',auth=HTTPBasicAuth('user','pass'),headers = {'Content-Type' : 'application/json'}) jsonDict = json.loads(r.content) return HttpResponse(jsonDict['fields']) as a response, I am only getting list of Keys in the "fields". like:customfield_10070customfield_10071customfield_10072customfield_10073customfield_13221customfield_10074customfield_13220customfield_10075. I need a key-value pair in dict format. -
Act like proxy user without login to that user account in django-python
The scenario is A and B are two users and A is assigned as a proxy user for B. So A can do stuff behalf of B based on permission assigned to A by B while giving proxy access. Now when A switches account as a proxy for B, A must be able to access functionality behalf of B with the same session. I do not want to log in with python code or not want to screw request.user. -
Setting up docker, gunicorn, nginx & django. Mounts denied
I know this has been discussed a lot and I tried to google but all post seem old or don't work. I'm trying to setup docker. I would like to start from the standard Python3 image, add gunicorn and nginx. It shouldn't be too hard. My Dockerfile looks like this: # Set the base image FROM python:3 ENV PYTHONUNBUFFERED 1 # Set variables for project name, and where to place files in container. ENV PROJECT=analyticme ENV CONTAINER_HOME=/opt ENV CONTAINER_PROJECT=$CONTAINER_HOME/$PROJECT RUN mkdir /code WORKDIR /code ADD requirements.txt /code/ RUN pip install -r requirements.txt ADD . /code/ This should just start a python3 image and install my requirements. My docker-compose.yml looks like this: version: '3' services: nginx: image: nginx:latest container_name: NGINX ports: - "8000:8000" volumes: - ./src:/src - ./config/nginx:/etc/nginx/conf.d - /www/static:/static depends_on: - web web: build: . container_name: ANALYTICMEDJANGO command: bash -c "python3 manage.py makemigrations && python manage.py migrate && gunicorn analyticme.wsgi -b 0.0.0.0:8000" depends_on: - db volumes: - ./src:/src - /static:/static expose: - "8000" db: image: postgres:latest container_name: PSQLDATABASE Which ideally starts 3 services, an nginx image, my django app and my database.. It should also run the migrations, however ideally I would get those things out of my docker-compose file … -
Making SSO with django rest framework
We have two apps App1 with domain www.app1.com and App2 with domain www.app2.com. Backend of both apps is api based using django-rest-framework. On frontend side we are using Angular2. Both apps had their different user base but now we decided to merge the user base and want a single authentication service. Both apps needs to use eachother's functionality. And we want seemless experience for user. If a user a singed in one app. It should not be login from other app. I did some research and find out that it can be achieved with SSO. Here is the link to the relevant stack-overflow question (Implementing SSO with django). I also find many libraries Most of them are very old so can't use legacy code. Following are the libraries that i have tried and why these couldn't fit into my problem. Server with django-mama-cas and client with django-cas-ng. This worked perfectly but only for session based apps and my client apps are rest-api based. Another one is django-rest-framework-sso. This is year old library and also i am not sure how will sure the jwt between angular apps. So can you please share how to implement SSO with rest-fraemwork ? -
Django Postgresql JsonField query related dictionary keys
A part of the model that I have, which uses Django Model field, is like the following: class SalesModel(models.Model): some_data = models.PositiveIntegerField(db_index=True) some_other_data = models.CharField(max_length=50) json_data = JSONField(blank=True, null=True) Now following is the format of the JsonData field: [{"id": val, "contribution": "some_val", }, {"id": some_val, "contribution": "some_other_val",}, {"id": other_val, "contribution": "some_another_val"}] i.e., the format is: [{'id':XX, 'contribution':XX},{'id':YY, 'contribution':YY},{'id':ZZ, 'contribution':ZZ}] Currently I can filter the Django table with the val of ID. I would now, like to know the contribution of that particular ID. For eg, if val = 1, I would like to filter the model SalesModel which has JsonField with id = 1, and I want to show the related contribution. So, that would mean, out of the 3 possible dictionaries (as per the field construction), I would only show one dictionary (filtered by the 'ID' key of that dictionary). That would mean, if the 2nd dictionary has a matching ID, show only the 2nd contribution, if the 1st ID is matching show only the 1st contribution, and similarly for the 3rd dictionary. Is there a way that can be done? -
Django Removing url and view gives NoReverseMatch
I am facing a problem with the urls and views and a No Reverse Match to an removed page. My project is a small CRM. At first I had only a list of customers. So my page had the hierarchy: Customer list (home.html) -Customer details -Edit one customer Now, I want to enlarge the system, that means each customer get subsidiaries: Customer list (home.html) -Customer subsidiaries list -Details to one customer subsidiary -Edit one customer subsidiary My Question is: I have inserted in a first simple step a subsidiary page and linked it from home. But now I get an Reverse Match Error on home html on the edit page? Don't get why. I have even removed all links to edit. Nowhere else I have a usage of the edit page. Why do I get a Reverse Match error? Does Django saveformer relations? Do you have any hint? error Exception Type: NoReverseMatch Exception Value: Reverse for 'edit_customer' not found. 'edit_customer' is not a valid view function or pattern name. urls.py urlpatterns = [ url(r'^$', views.home, name='home'), url(r'^customerSubs/(?P<pk>\d+)/$', views.customer_subs, name='customer_subs'), url(r'^customerDetails/(?P<pk>\d+)/$', views.customer_details, name='customer_details'), # url(r'^customerDetails/(?P<pk>\d+)/edit/$', views.edit_customer, name='edit_customer'), views.py def home(request): customers = Customer.objects.all() return render(request, 'home.html', {'customers': customers}) def customer_subs(request, pk): … -
Requested setting DEFAULT_INDEX_TABLESPACE
I'm making an populate.py script to transfer data from a mysql database to a django mysqlite database. I keep getting this error when I run my populate.py script: Requested setting DEFAULT_INDEX_TABLESPACE, but settings are not configured. You must either define the environment variable DJANGO_SETTINGS_MODULE or call settings.configure() before accessing settings. So what I found from my researches was that I had to add settings.configure(), so I did that but still getting the error and have no clue anymore what it could be. This is what I import: import django import time import datetime import os from mysql.connector import connection from django.conf import settings from user import models from techportal import models settings.configure() django.setup() os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'itdb.settings') I've made this function to transfer the data: # Insert all technologies def technologies(): current = con_mysql.cursor() current_query = ("SELECT technology_id title, description, company_id, author, contactor, publish_date, edit_date, is_hidden, visible FROM technologies") current.execute(current_query) for (technology_id, title, description, company_id, author, contactor, publish_date, edit_date, is_hidden, visible) in current: # Converts datetime to (int)unixtimestamp if (publish_date == "0000-00-00 00:00:00"): publish_date = time.mktime(datetime.datetime.strptime(str(datetime.datetime.now().replace(microsecond=0)), "%Y-%m-%d %H:%M:%S").timetuple()) else: publish_date = time.mktime(datetime.datetime.strptime(publish_date, "%Y-%m-%d %H:%M:%S").timetuple()) # Converts datetime to (int)unixtimestamp if (edit_date == "0000-00-00 00:00:00"): edit_date = time.mktime(datetime.datetime.strptime(str(datetime.datetime.now().replace(microsecond=0)), "%Y-%m-%d %H:%M:%S").timetuple()) else: edit_date = … -
How secure are Pinax apps?
There seem to be many pinax apps that work with ajax using a specific urlpattern for that pinax app. For example there is the ratings app. It uses ajax. Normally you'd ajax to the page the product is on. You'd need to get CSRF token from there. So, the user or a bot would actually need to visit the page to rate the product. So all the security mixins would work. However pinax uses a url like site.com/ratings. Where does this ratings form get the CSRF from? If it can only get it from the product page it is secure, cos we can apply security measures on the page. How ever if the CSRF is got from the sites.com/ratings a bot could easily bypass all the security mixins on the product page and directly mass upvote or downvote or rate the products. Does it get the CSRF from site.com/ratings or the product or view page in which the widget is embedded. Same goes for likes and similar apps. TL;DR: 1) Can someone create a bot to mass rate or vote pinax apps like ratings that works without even visiting the product or post or model view and just by visiting … -
What all things the startapp done in Django?
When we use : django-admin startapp app_one whats the things the django done for us? Because I want to know whether we can delete the app directory directly. I am not sure whether all the app related data are deleted (Because I don't know the all the django-admin startapp things). -
Django url resolver
On this line in the template: {% url object|smart_admin_urlname:'change' object.pk %} I got: Exception Value: Reverse for 'exercises_exercise_change' with arguments '(3,)' and keyword arguments '{}' not found. 0 pattern(s) tried: [] exercises/admin.py class ExerciseAdmin(ModelAdmin): actions = ['apply_tag', 'show', 'hide'] inlines = [SolutionInline, FileInline] search_fields = ['short_title'] list_filter = ['exercise_set', 'visible', 'exercise_set'] list_display = ['short_title', 'visible', 'exercise_set'] # ommited a bunch of other staff class PythonExerciseAdmin(ExerciseAdmin): form = PythonExerciseAdminForm class SqlExerciseAdmin(ExerciseAdmin): form = SqlExerciseAdminForm The working url in administration site should look like: http://127.0.0.1/admin/exercises/pythonexercise/3/ http://127.0.0.1/admin/exercises/sqlexercise/4/ I'm not sure where to look, or change to fix this bug. -
Django Admin - Link from history page to edit page
in my Django project I use this link to go from edit page to history page. {% url opts|admin_urlname:'history' original.pk|admin_urlquote as history_url %} <a href="{% add_preserved_filters history_url %}">History</a> But if in my history page I use this link: {% url opts|admin_urlname:'change' original.pk|admin_urlquote as change_url %} <a href="{% add_preserved_filters change_url %}">Edit</a> I don't get any results because the generated linkis empty. How can I solve? -
Django dependency hell with migrations
We had a 3rd party library which got outdated and I would like to get rid of it. The problem is it is used in one of previous migrations. How could this be dealt with? modifying migrations by hand, deleting this migration and using some django features to solve problems or am I doomed to keep it? This is 0026_something_something migraration: from __future__ import unicode_literals from django.db import migrations, models import django.db.models.deletion # import multi_email_field.fields class Migration(migrations.Migration): dependencies = [ ('invoices', '0025_auto_20161106_0931'), ] operations = [ migrations.AlterField( model_name='company', name='email', field=multi_email_field.fields.MultiEmailField(verbose_name='email'), ), migrations.AlterField( model_name='invoice', name='bank_transfer', field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='invoices', to='invoices.BankTransfer', verbose_name='bank transfer'), ), ] The problem library is this multi_email_field. We have a few changes since then. -
How to query the user's group information in Django-Rest-Framework?
I have a User, which is subclass from AbstractUser, and it has its default Group propery: from django.contrib.auth.models import AbstractUser class User(AbstractUser): real_name = models.CharField(max_length=12, null=True,blank=True) phone = models.CharField( max_length=11) ... In the serializers: class UserListSerializer(ModelSerializer): """ user list """ account = AccountSerializer(many=False, read_only=True) class Meta: model = User exclude = [ 'password', ] The views: class UserListAPIView(ListAPIView): """ the user list api view """ queryset = User.objects.filter( is_admin=False, is_staff=False, is_superuser=False) filter_backends = [SearchFilter, OrderingFilter] search_fields = ['username', 'qq', 'email'] pagination_class = UserPageNumberPagination class Meta: ordering = ['-id'] def get_serializer_class(self): if self.request.user.is_superuser: return UserListSerializer When I access the ListAPIView, the returned json will like bellow: [ .... {...... "is_admin": false, "is_staff": false, "is_superuser": false, "ctime": "2017-11-08T16:47:16.066383+08:00", "uptime": "2017-11-29T21:13:53.990363+08:00", "status": "1", "groups": [ 3 ], "user_permissions": [1, 3, ...] }, ...... ] But you know I want the groups and user_permissions to be query its all information (or its name), not the id. how to query that? -
Try using 'django.db.backends.XXX', where XXX is one of: 'oracle', 'postgresql', 'sqlite3'
raise ImproperlyConfigured(error_msg) django.core.exceptions.ImproperlyConfigured: 'django.db.backend.mysql' isn't an available database backend. Try using 'django.db.backends.XXX', where XXX is one of: 'oracle', 'postgresql', 'sqlite3' Error was: No module named backend.mysql.base i use djang1.9.5 connect mysql. it worked in OS-X system. but when i transplant to centOS, it give me an error .the list is not contains mysql how to solve this problem -
django wagtail bootstraping cms features and a CRUD API
What I am trying to achieve. Create user for closed user group through API Wagatail admin logs in and see's all pending users in a panel similar to that provided by wagatil for wagtail users Accept user or deny user by checking a box. Background I have need for a closed user group. This user group will have the following fields. First name, Last Name, Email, PAssword, Status. I would like to use the Wagatil API V2 to be able to create a user with the given fields but based on the doc the rest API V2 is only based on retrieving data ? Secondly I'm trying to bootstap Wagtail CMS features. The closed user group differ from the users I create for wagtail (settings/users). I do not want these users to be wagtail admins. However I would like my Wagtail admins to manage them with similar ease that wagtail provides for their users from the settings/users panel. Can I use the same features wagtail provides internally for their users to my closed user group from my cms panel? What I have managed to come across is to customize CMS templates. This doesn't provide me what I want as I … -
How to write the model default function correctly?
How to write the model default function correctly? I have a TestDefalt model, and its default function: def genefunc(instance, detail): str = instance.name + "/abc/" return str class TestDefalt(models.Model): name = models.CharField(max_length=11) detail = models.CharField(default=genefunc, max_length=11) And in my serializers and views: # serializer class TestDefaultSerializer(ModelSerializer): class Meta: model = TestDefalt fields = "__all__" # view class TestDCreateAPIView(CreateAPIView): serializer_class = TestDefaultSerializer permission_classes = [] queryset = TestDefalt.objects.all() When I access the TestDCreateAPIView, I get bellow error: TypeError at /test04/ Got a `TypeError` when calling `TestDefalt.objects.create()`. This may be because you have a writable field on the serializer class that is not a valid argument to `TestDefalt.objects.create()`. You may need to make the field read-only, or override the TestDefaultSerializer.create() method to handle this correctly. ... File "/Library/Frameworks/Python.framework/Versions/3.5/lib/python3.5/site-packages/django/db/models/fields/__init__.py", line 782, in get_default return self._get_default() TypeError: genefunc() missing 2 required positional arguments: 'instance' and 'detail' -
Adding table of contents in Django pdfkit
How do I add 'table of contents' in the PDF generated from 'pdfkit' in Django? Should it be in the options = {} or there is another way to do it. My Options contains the following parameters: options = { 'page-size': 'A4', 'margin-top': '0.75in', 'margin-right': '0.5in', 'margin-bottom': '0.75in', 'margin-left': '0.5in', 'encoding': "UTF-8", 'no-outline': None, 'footer-right': '[page] of [topage]', } -
Alternative form in UpdateView
Can I use alternative form in UpdateView ? I mean if it created already . I tried to use 'form_class' but it has exception : " init() got an unexpected keyword argument 'instance'" -
Storing a users access token in djago view
I am tryig to store a shopify access token in a django view upon first installation/auth (before they create an account & connect to DB). I am new to django so please be nice. How do I store this access token for usage later on? Can it be stored in "session"? is it already? Here's my repo and python view: def finalize(request): shop_url = request.GET['shop'] auth_code = request.GET['code'] hashed = request.GET['hmac'] ts = request.GET['timestamp'] print("shopURL", shop_url) print("success request") try: r = requests.post('https://'+shop_url+'/admin/oauth/access_token', data = {'client_id':'xx','client_secret':'xx','code':auth_code}) print("request response > > > > ", r.json()) this_response = r.json() print(this_response["access_token"],"this_response[access_token]") # >>>>>> STORE THIS TOKEN SOMEWHERE? request.session['shopify'] = { "shop_url": shop_url, "access_token": this_response["access_token"] } except Exception: messages.error(request, "Could not log in to Shopify store.") return redirect(reverse('shopify_app_login')) messages.info(request, "Logged in to shopify store.") response = redirect(_return_address(request)) request.session.pop('return_to', None) return response -
Json dump to separate variable
I have view: def hero(request): rfc='some value' depends_on=1234 result_set = {'rfc': rfc, 'depends_on': depends_on} return HttpResponse(json.dumps(result_set)) Now in template i want in two js variable one with rfc vaue and another with depends_on value .SO that i can use those variables to populate some fields. How is it possible . kindly help. -
Django ORM Query or raw SQL Query
I need to make a query, where I can display the total amount of clothes ordered by clients, something like this: Client_1 | Cloth_Type_X_SUM | Cloth_Type_Y_SUM | Cloth_Type_Z_SUM | SUM_ALL Client_2 | Cloth_Type_X_SUM | Cloth_Type_Y_SUM | Cloth_Type_Z_SUM | SUM_ALL Client_3 | Cloth_Type_X_SUM | Cloth_Type_Y_SUM | Cloth_Type_Z_SUM | SUM_ALL models.py class Cloth(models.Model): description = models.CharField(max_length=30) type = models.CharField(max_length=2) class Order(models.Model): client = models.ForeignKey(Client, on_delete=models.CASCADE) date = models.DateTimeField(auto_now_add=True) class Order_Detail(models.Model): order = models.ForeignKey(Order, on_delete=models.CASCADE) cloth = models.ForeignKey(Cloth, on_delete=models.CASCADE) weight = models.FloatField() The closest that I got was: Order_Detail.objects.values('order__client__name','cloth__type').annotate(Sum('weight'))description The problem with this is that it will retrieve an object for each cloth type: Client_1 | Cloth_Type_X | SUM_X Client_1 | Cloth_Type_Y | SUM_Y Client_1 | Cloth_Type_Z | SUM_Z Client_2 | Cloth_Type_X | SUM_X Client_2 | Cloth_Type_Y | SUM_Y Client_2 | Cloth_Type_Z | SUM_Z Client_3 | Cloth_Type_X | SUM_X Client_3 | Cloth_Type_Y | SUM_Y Client_3 | Cloth_Type_Z | SUM_Z Isn't there a better approach? -
sound parameter cannot be gotten
sound parameter cannot be gotten.I wrote codes def common(request): if request.FILES: file = request.FILES['sound'].temporary_file_path() return HttpResponse('<h1>OK</h1>') else: file = None return HttpResponse('<h1>NG</h1>') I send wav file via POSTMAN like Now if I set sound parameter in POSTMAN,always NG is returned.I really cannot understand why this program do so.I print out request.FILES so is printed out.So am I wrong to write the way of writing if-else statement branch?How should I fix this?
