Re: ModelForms

[Mario Gudelj]

It doesn't matter how you generate your form, your CSS should be applied
from inside the template. You need to add a CSS file link to a template to
which you're passing the form to inside your context from within a view, or
you can embed it into your template using 

Re: filtered admin change-list

[omerd]

thank you. I will try it

On 19 מרץ, 19:26, Rajeesh Nair  wrote:
> Add a field on your model to identify the user who created each instance &
> then extend your model_admin's queryset method to filter queryset by the
> user.
>
>
>
>
>
>
>
> On Sunday, March 18, 2012 4:37:43 AM UTC+5:30, omerd wrote:
>
> > every user will see only the instances that he'd created. Of
> > course, this user doesn't have permissions to view or edit instances
> > of other users.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: filtered admin change-list

[Marc Aymerich]

On Sun, Mar 18, 2012 at 12:07 AM, omerd  wrote:
> Hi,
>
> I want to be able to show parts of the change list, by the user that
> view it.
> The case is that every super-user can create instances of a certain
> model. I wan't that in the change-list page of that model in the admin
> site, every user will see only the instances that he'd created. Of
> course, this user doesn't have permissions to view or edit instances
> of other users.
>
> What is the best approach to accomplish this?
>

take a look at this project:
https://github.com/lukaszb/django-guardian

or search in google by: django admin row level permission
-- 
Marc

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Automatic indexes on foreign keys

[Aryeh Leib Taurog]

With the following models:

class Group(models.Model):
group_name = models.CharField(max_length=10, primary_key=True)

class Item(models.Model):
item_name = models.CharField(max_length=10)
group = models.ForeignKey(Group)
class Meta:
unique_together = [('item_name','group')]

Django's ORM seems to create *two* indexes automatically:
CREATE INDEX "myapp_item_group_id" ON "myapp_item" ("group_id");
CREATE INDEX "myapp_item_group_id_like" ON "myapp_item" ("group_id"
varchar_pattern_ops);

Two!? Is this really necessary?  My understanding is that one usually
wants an index on the *referenced* field, not the *referencing*
field.  In my case the referenced field is indexed implicitly by the
db, since it is already a primary key.  I am looking for ways to
improve insert performance on the referencing table, and my
unique_together constraint already implies all the index I need on
this table.  Is there any reason why I shouldn't drop the indexes
django creates for me?

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Loading Of Tweets

[coded kid]

Hi guys, I;ve been facing some problem with loading of tweets in my
django project. The question now is; how can I load users tweets in my
django site. I'm using omab/django social auth to authenticate users.
Anyone have the idea?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Is it secure to have IDs show up in URLs?

[Bastien]

I am concerned about seeing the IDs of objects appearing in the URL and in 
a totally predictable manner. It is very convenient and clean to do all 
sorts of things but can be abused very easily to retrieve all the content 
of the site, ie: photos... 
Is it a good idea to try to change this behavior? Maybe with some sort of 
middleware? Is there any project doing it already? For instance the urls in 
Instagram seem to be encoded at least.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/UBBLhaPnHf4J.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Vovk Donets]

Hello, why not use _slug_ then?? You can show in URLs whatever you want.

2012/3/23 Bastien 

> I am concerned about seeing the IDs of objects appearing in the URL and in
> a totally predictable manner. It is very convenient and clean to do all
> sorts of things but can be abused very easily to retrieve all the content
> of the site, ie: photos...
> Is it a good idea to try to change this behavior? Maybe with some sort of
> middleware? Is there any project doing it already? For instance the urls in
> Instagram seem to be encoded at least.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/UBBLhaPnHf4J.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>



-- 
*Vovk Donets*
 python developer

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Bastian Ballmann]

Hi Bastien,

it's the task of the backend to manage the authorization including
users and permissions. 

If the view and permission system allows all users to see everything
and you dont want it that way than you have to check permission in your
views.
See https://docs.djangoproject.com/en/1.3/topics/auth/

This has nothing to do with having the id in the url or not cause
hiding the id wont help you get a more secure system if your auth
backend is crappy. Security by obscurity doesnt work.

HTH && Greets

Basti


Am Fri, 23 Mar 2012 04:06:45 -0700 (PDT)
schrieb Bastien :

> I am concerned about seeing the IDs of objects appearing in the URL
> and in a totally predictable manner. It is very convenient and clean
> to do all sorts of things but can be abused very easily to retrieve
> all the content of the site, ie: photos... 
> Is it a good idea to try to change this behavior? Maybe with some
> sort of middleware? Is there any project doing it already? For
> instance the urls in Instagram seem to be encoded at least.
> 



-- 
 Bastian Ballmann / Web Developer
Notch Interactive GmbH / Badenerstrasse 571 / 8048 Zürich
Phone +41 43 818 20 91 / www.notch-interactive.com

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Bastien]

Sorry maybe my post was not very clear, I am talking about public content 
here, that should be accessed by anyone, even anonymous users not logged in.
For instance if we talk about photos, publicly available, the url would 
look something like /photos/1, /photos/2  1 and 2 being the pk of the 
object in the db. If someone wants to download or link to these photos in a 
totally uncontrollable way (without using an API), with that system we are 
making it very easy to do mass content leakage. I don't want to promote 
security by obscurity here, just want to know what people in the group 
think about it and what solutions can be implemented, or if it is relevant 
at all.

The idea of slug could do the trick, but wouldn't it require some sort of 
date or title or a combination of both in the url? Not the most convenient 
in this case.

On Friday, March 23, 2012 12:17:02 PM UTC+1, Bastian Ballmann wrote:
>
> Hi Bastien,
>
> it's the task of the backend to manage the authorization including
> users and permissions. 
>
> If the view and permission system allows all users to see everything
> and you dont want it that way than you have to check permission in your
> views.
> See 
> https://docs.djangoproject.​com/en/1.3/topics/auth/
>
> This has nothing to do with having the id in the url or not cause
> hiding the id wont help you get a more secure system if your auth
> backend is crappy. Security by obscurity doesnt work.
>
> HTH && Greets
>
> Basti
>
>
> Am Fri, 23 Mar 2012 04:06:45 -0700 (PDT)
> schrieb Bastien <>:
>
> > I am concerned about seeing the IDs of objects appearing in the URL
> > and in a totally predictable manner. It is very convenient and clean
> > to do all sorts of things but can be abused very easily to retrieve
> > all the content of the site, ie: photos... 
> > Is it a good idea to try to change this behavior? Maybe with some
> > sort of middleware? Is there any project doing it already? For
> > instance the urls in Instagram seem to be encoded at least.
> > 
>
> -- 
>  Bastian Ballmann / Web Developer
> Notch Interactive GmbH / Badenerstrasse 571 / 8048 Zürich
> Phone +41 43 818 20 91 / www.notch-interactive.com
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/JXu3CCHKtaQJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Brett Parker]

On 23 Mar 04:38, Bastien wrote:
> Sorry maybe my post was not very clear, I am talking about public content 
> here, that should be accessed by anyone, even anonymous users not logged in.
> For instance if we talk about photos, publicly available, the url would 
> look something like /photos/1, /photos/2  1 and 2 being the pk of the 
> object in the db. If someone wants to download or link to these photos in a 
> totally uncontrollable way (without using an API), with that system we are 
> making it very easy to do mass content leakage. I don't want to promote 
> security by obscurity here, just want to know what people in the group 
> think about it and what solutions can be implemented, or if it is relevant 
> at all.

Are there links on the site to those bits of content, anyways? If so,
then this is entirely irrelevant, as they're already entirely
spidarable, and there's plenty of software out there that will parse web
pages and download all content, and follow links, etc.

Cheers,
-- 
Brett Parker

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Tom Evans]

On Fri, Mar 23, 2012 at 11:38 AM, Bastien  wrote:
> Sorry maybe my post was not very clear, I am talking about public content
> here, that should be accessed by anyone, even anonymous users not logged in.
> For instance if we talk about photos, publicly available, the url would look
> something like /photos/1, /photos/2  1 and 2 being the pk of the object
> in the db. If someone wants to download or link to these photos in a totally
> uncontrollable way (without using an API), with that system we are making it
> very easy to do mass content leakage. I don't want to promote security by
> obscurity here, just want to know what people in the group think about it
> and what solutions can be implemented, or if it is relevant at all.
>
> The idea of slug could do the trick, but wouldn't it require some sort of
> date or title or a combination of both in the url? Not the most convenient
> in this case.
>

If you are concerned about predictable URLs, then you could instead
add a random uuid for each object, use that as an db index and index
your URLs with the uuid.

Your uuid field could simply be a char field, or there are several
UUIDField implementations out there in the internet - ideally, you'd
be using postgres (which has a uuid field type), and it would get
stored as a 128 bit integer rather than a 36 character string.

Cheers

Tom

PS: This is the uuid field I use: https://github.com/dcramer/django-uuidfield

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Tom Evans]

On Fri, Mar 23, 2012 at 12:00 PM, Brett Parker
 wrote:
> On 23 Mar 04:38, Bastien wrote:
>> Sorry maybe my post was not very clear, I am talking about public content
>> here, that should be accessed by anyone, even anonymous users not logged in.
>> For instance if we talk about photos, publicly available, the url would
>> look something like /photos/1, /photos/2  1 and 2 being the pk of the
>> object in the db. If someone wants to download or link to these photos in a
>> totally uncontrollable way (without using an API), with that system we are
>> making it very easy to do mass content leakage. I don't want to promote
>> security by obscurity here, just want to know what people in the group
>> think about it and what solutions can be implemented, or if it is relevant
>> at all.
>
> Are there links on the site to those bits of content, anyways? If so,
> then this is entirely irrelevant, as they're already entirely
> spidarable, and there's plenty of software out there that will parse web
> pages and download all content, and follow links, etc.
>
> Cheers,
> --
> Brett Parker
>

You might have a page with links to '/photos/1' and '/photos/2'. You
don't want someone to try to download all the photos by guessing that
there may be content at '/photos/3' as well. Using non-predictable
URIs for resources allows you to control how and when a user is linked
to a resource.

Cheers

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Brett Parker]

On 23 Mar 12:04, Tom Evans wrote:
> On Fri, Mar 23, 2012 at 12:00 PM, Brett Parker
>  wrote:
> > On 23 Mar 04:38, Bastien wrote:
> >> Sorry maybe my post was not very clear, I am talking about public content
> >> here, that should be accessed by anyone, even anonymous users not logged 
> >> in.
> >> For instance if we talk about photos, publicly available, the url would
> >> look something like /photos/1, /photos/2  1 and 2 being the pk of the
> >> object in the db. If someone wants to download or link to these photos in a
> >> totally uncontrollable way (without using an API), with that system we are
> >> making it very easy to do mass content leakage. I don't want to promote
> >> security by obscurity here, just want to know what people in the group
> >> think about it and what solutions can be implemented, or if it is relevant
> >> at all.
> >
> > Are there links on the site to those bits of content, anyways? If so,
> > then this is entirely irrelevant, as they're already entirely
> > spidarable, and there's plenty of software out there that will parse web
> > pages and download all content, and follow links, etc.
> >
> > Cheers,
> > --
> > Brett Parker
> >
> 
> You might have a page with links to '/photos/1' and '/photos/2'. You
> don't want someone to try to download all the photos by guessing that
> there may be content at '/photos/3' as well. Using non-predictable
> URIs for resources allows you to control how and when a user is linked
> to a resource.

*if* they wanted all the photos, then spidering the site isn't exactly
difficult, see wget -m. They'll end up with more than they need, but
it'll all be local, and it'd take them minutes to then just weed out the
photos - obscuring urls and using random ids just appears to be a waste
of time for public content.

-- 
Brett Parker

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Broken INTERNAL link error emails on flat pages.

[Arek]

This is my first post here so hello everybody.

when SEND_BROKEN_LINK_EMAILS=True, every time flat page is visited
django-1.3.1 sends emails like this:

Referrer: http://example.com/
Requested URL: /contact/
User agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; 
.NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 
3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)
IP address: 11.22.333.444

anyone knows how to fix this? 

Cheers,
Arek





-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Using _set.all in template when ForiegnKey is linked to Self

[Jam]

I actually managed to find a way to do this.

instead of using {% for fieldname_set.all %} I used {% for RelatedName.all 
%}

That worked perfectly.

On Thursday, March 22, 2012 11:52:19 PM UTC+2, Daniel Roseman wrote:
>
> On Thursday, 22 March 2012 01:12:21 UTC-7, Jam wrote:
>>
>> Hi All,
>>
>> I have a model where it can link to itself using ForeignKey('self'). This 
>> is so I can have parent and child objects.
>>
>> I have called the parent and in the template I want to be able to access 
>> all the child objects.
>>
>> I have been using the _set.all template command on the field but it 
>> returns no results.
>>
>> Any ideas why this would happen? This is the first time I have used 
>> ForeignKey('self') so I am a bit clueless.
>>
>> Thank you all
>> Jamie
>>
>
> You'll need to be a bit more specific. Please show your model, and the 
> exact template code you are using. 
> --
> DR.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/aud_H6IwckMJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Tom Evans]

On Fri, Mar 23, 2012 at 12:11 PM, Brett Parker
 wrote:
> *if* they wanted all the photos, then spidering the site isn't exactly
> difficult, see wget -m.

You assume that all the content is indexed on the website. Consider a
press release model; you may have a 'published' flag on the
PressRelease model, so that a press release being prepared does not
appear in the list of press releases on the site.

The user uploads several images to include in the press release, the
images have commercially sensitive information in them that you can
only show after the release is published.

Should someone be able to get lucky and guess the ids of photos that
have not been included in a published release?

> They'll end up with more than they need, but
> it'll all be local, and it'd take them minutes to then just weed out the
> photos - obscuring urls and using random ids just appears to be a waste
> of time for public content.
>

It isn't obscuring the URI; it is making it non-predictable. There are
many occasions where generating non-predictable URIs is essential, and
assigning objects a UUID (also called a GUID) is extremely common, as
it gives a way of uniquely identifying arbitrary items.

Stuff like this seems pointless and arbitrary until it's not. Only the
OP knows his needs; if he needs non-predictable URIs, he needs
non-predictable URIs.

Cheers

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Abridged summary of django-users@googlegroups.com - 27 Messages in 14 Topics

[William Slippey]

On Fri, Mar 23, 2012 at 9:18 AM,  wrote:

>   Today's Topic Summary
>
> Group: http://groups.google.com/group/django-users/topics
>
>- Is it secure to have IDs show up in 
> URLs?<#1363fb5b1f3e4a26_group_thread_0>[9 Updates]
>- Using _set.all in template when ForiegnKey is linked to 
> Self<#1363fb5b1f3e4a26_group_thread_1>[2 Updates]
>- Broken INTERNAL link error emails on flat 
> pages.<#1363fb5b1f3e4a26_group_thread_2>[1 Update]
>- Loading Of Tweets <#1363fb5b1f3e4a26_group_thread_3> [1 Update]
>- Automatic indexes on foreign keys <#1363fb5b1f3e4a26_group_thread_4>[1 
> Update]
>- filtered admin change-list <#1363fb5b1f3e4a26_group_thread_5> [2
>Updates]
>- ModelForms <#1363fb5b1f3e4a26_group_thread_6> [2 Updates]
>- Preventing JOIN while checking if a self referencing FK is 
> null<#1363fb5b1f3e4a26_group_thread_7>[1 Update]
>- implement form for listfield <#1363fb5b1f3e4a26_group_thread_8> [1
>Update]
>- Django-1.4c2 logging issue on Snow 
> Leopard<#1363fb5b1f3e4a26_group_thread_9>[1 Update]
>- Autofill dropdown with django <#1363fb5b1f3e4a26_group_thread_10> [3
>Updates]
>- [1.4c2] The storage backend of the staticfiles finder doesn't have a
>valid location. <#1363fb5b1f3e4a26_group_thread_11> [1 Update]
>- Weird stacktrace coming from manage.py 
> test<#1363fb5b1f3e4a26_group_thread_12>[1 Update]
>- Is there a place for new Django specialized 
> hosting?<#1363fb5b1f3e4a26_group_thread_13>[1 Update]
>
>   Is it secure to have IDs show up in 
> URLs?
>
>Bastien  Mar 23 04:06AM -0700
>
>I am concerned about seeing the IDs of objects appearing in the URL
>and in
>a totally predictable manner. It is very convenient and clean to do
>all
>sorts of things but can be abused very easily to ...more
>
>
>Vovk Donets  Mar 23 05:11PM +0600
>
>Hello, why not use _slug_ then?? You can show in URLs whatever you
>want.
>
>2012/3/23 Bastien 
>
>
>--
>*Vovk Donets*
>python developer
>...more
>
>
>Bastian Ballmann  Mar 23
>12:17PM +0100
>
>Hi Bastien,
>
>it's the task of the backend to manage the authorization including
>users and permissions.
>
>If the view and permission system allows all users to see everything
>and you dont want it ...more
>
>
>Bastien  Mar 23 04:38AM -0700
>
>Sorry maybe my post was not very clear, I am talking about public
>content
>here, that should be accessed by anyone, even anonymous users not
>logged in.
>For instance if we talk about photos, publicly ...more
>
>
>Brett Parker  Mar 23 12:00PM
>
>On 23 Mar 04:38, Bastien wrote:
>> security by obscurity here, just want to know what people in the
>group
>> think about it and what solutions can be implemented, or if it is
>relevant
>> at all.
>...more
>
>
>Tom Evans  Mar 23 12:01PM
>
>
>> The idea of slug could do the trick, but wouldn't it require some
>sort of
>> date or title or a combination of both in the url? Not the most
>convenient
>> in this case.
>
>If you are concerned ...more
>
>
>Tom Evans  Mar 23 12:04PM
>
>On Fri, Mar 23, 2012 at 12:00 PM, Brett Parker
>
>> Cheers,
>> --
>> Brett Parker
>
>You might have a page with links to '/photos/1' and '/photos/2'. You
>don't want someone to try to download all the ...more
>
>
>Brett Parker  Mar 23 12:11PM
>
>On 23 Mar 12:04, Tom Evans wrote:
>> there may be content at '/photos/3' as well. Using non-predictable
>> URIs for resources allows you to control how and when a user is
>linked
>> to a resource.
>...more
>
>
>Tom Evans  Mar 23 12:48PM
>
>On Fri, Mar 23, 2012 at 12:11 PM, Brett Parker
>> *if* they wanted all the photos, then spidering the site isn't
>exactly
>> difficult, see wget -m.
>
>You assume that all the content is indexed on the ...more
>
>   Using _set.all in template when ForiegnKey is linked to 
> Self
>
>Daniel Roseman  Mar 22 02:52PM -0700
>
>On Thursday, 22 March 2012 01:12:21 UTC-7, Jam wrote:
>> ForeignKey('self') so I am a bit clueless.
>
>> Thank you all
>> Jamie
>
>You'll need to be a bit more specific. Please show your model, and
>...more
>
>
>Jam  Mar 23 05:22AM -0700
>
>I actually managed to find a way to do this.
>
>instead of using {% for fieldname_set.all %} I used {% for
>RelatedName.all
>%}
>
>That worked perfectly.
>
>On Thursday, March 22, 2012 11:52:19 PM ...more
>
>   Broken INTERNAL link error emails on flat 
> pages.
>
>Arek  Mar 23 12:13PM
>
>This is my first post here so hello everybody.
>
>when SEND_BROKEN_LINK_EMAILS=True, every time flat page is visited
>django-1.3.1 sends ema

Django log lines spamming syslog

[Scott Gould]

Hi folks,

Our syslog has been filling up for some time with this stuff and we
only just noticed due to logrotate breaking on us. For what appears to
be every django request across all virtual hosts, we are getting a
pair of lines, like so (blank lines inserted by me):

Jan 27 14:48:52 cloweb01 apache2: SessionMiddleware.process_request -
id 0x7f6dabfb35d0 - cookie None - session
915ffaa7831b5de78876abb7746dfc1f - path /serverstatus/api/v1/status/
Jan 27 14:48:52 cloweb01 apache2: WSGIHandler.__call__ - id
0x7f6dabfb35d0 - cookie None - session
879f844cb6ea0213b445f60e11b22978 - path /serverstatus/api/v1/status/

Jan 27 14:48:54 cloweb01 apache2: SessionMiddleware.process_request -
id 0x7f6dab5abb10 - cookie 3f7dc260e50d4da7a6168627f087fa96 - session
3f7dc260e50d4da7a6168627f087fa96 - path /
Jan 27 14:48:55 cloweb01 apache2: WSGIHandler.__call__ - id
0x7f6dab5abb10 - cookie 3f7dc260e50d4da7a6168627f087fa96 - session
3f7dc260e50d4da7a6168627f087fa96 - path /

Jan 27 14:48:55 cloweb01 apache2: SessionMiddleware.process_request -
id 0x7f6dac318950 - cookie ad94336c4f21abd813f52d5a6f8d3f42 - session
ad94336c4f21abd813f52d5a6f8d3f42 - path /
Jan 27 14:48:55 cloweb01 apache2: WSGIHandler.__call__ - id
0x7f6dac318950 - cookie ad94336c4f21abd813f52d5a6f8d3f42 - session
ad94336c4f21abd813f52d5a6f8d3f42 - path /

There's nothing I'm aware of in my own code that's creating these
lines, and my knowledge about the inner workings of the various
components in play decreases as you move further away from Django.
Could anyone hazard a guess as to where this might be coming from? We
don't explicitly/knowlingly send anything to syslog from apache. The
vitals: Ubuntu 10.04, Apache/2.2.14, mod_wsgi 2.8, Python 2.6.5,
Django 1.2.

Thanks all.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Is it secure to have IDs show up in URLs?

[Bastian Ballmann]

I dont get it. You want to make all your stuff publicly available, but
complain about the matter that everyone can access everything? 

Anyway for on any reason you want not so easy guessable links why not
use md5 or sha1 checksum in hex of the photo as link?

Greets

Basti


Am Fri, 23 Mar 2012 04:38:43 -0700 (PDT)
schrieb Bastien :

> Sorry maybe my post was not very clear, I am talking about public
> content here, that should be accessed by anyone, even anonymous users
> not logged in. For instance if we talk about photos, publicly
> available, the url would look something
> like /photos/1, /photos/2  1 and 2 being the pk of the object in
> the db. If someone wants to download or link to these photos in a
> totally uncontrollable way (without using an API), with that system
> we are making it very easy to do mass content leakage. I don't want
> to promote security by obscurity here, just want to know what people
> in the group think about it and what solutions can be implemented, or
> if it is relevant at all.
> 
> The idea of slug could do the trick, but wouldn't it require some
> sort of date or title or a combination of both in the url? Not the
> most convenient in this case.
> 
> On Friday, March 23, 2012 12:17:02 PM UTC+1, Bastian Ballmann wrote:
> >
> > Hi Bastien,
> >
> > it's the task of the backend to manage the authorization including
> > users and permissions. 
> >
> > If the view and permission system allows all users to see everything
> > and you dont want it that way than you have to check permission in
> > your views.
> > See
> > https://docs.djangoproject.​com/en/1.3/topics/auth/
> >
> > This has nothing to do with having the id in the url or not cause
> > hiding the id wont help you get a more secure system if your auth
> > backend is crappy. Security by obscurity doesnt work.
> >
> > HTH && Greets
> >
> > Basti
> >
> >
> > Am Fri, 23 Mar 2012 04:06:45 -0700 (PDT)
> > schrieb Bastien <>:
> >
> > > I am concerned about seeing the IDs of objects appearing in the
> > > URL and in a totally predictable manner. It is very convenient
> > > and clean to do all sorts of things but can be abused very easily
> > > to retrieve all the content of the site, ie: photos... 
> > > Is it a good idea to try to change this behavior? Maybe with some
> > > sort of middleware? Is there any project doing it already? For
> > > instance the urls in Instagram seem to be encoded at least.
> > > 
> >
> > -- 
> >  Bastian Ballmann / Web Developer
> > Notch Interactive GmbH / Badenerstrasse 571 / 8048 Zürich
> > Phone +41 43 818 20 91 / www.notch-interactive.com
> >
> >
> 



-- 
 Bastian Ballmann / Web Developer
Notch Interactive GmbH / Badenerstrasse 571 / 8048 Zürich
Phone +41 43 818 20 91 / www.notch-interactive.com

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Automatic indexes on foreign keys

[Javier Guerra Giraldez]

On Fri, Mar 23, 2012 at 4:37 AM, Aryeh Leib Taurog  wrote:
> My understanding is that one usually
> wants an index on the *referenced* field, not the *referencing*
> field.

it's for the back-reference link.  so that you can do
group.item_set.all() and get all the items that share a group.

yes, the unique_together index implies the other one and could be
used, but Django doesn't do that analysis for you.  yes, it seems you
could drop the index, but be sure to test if any of your queries is
affected.

-- 
Javier

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Customizie admin views

[jsdey]

 I have a project photos that has a model Album.  Admin (/admin/photos/
album/  page has a button "Add Album".  I want to write a custom page
for that action but can't find the view that does the processing.  Any
guidance would be appreciated.  Thanks.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Weird stacktrace coming from manage.py test

[Reinout van Rees]

On 22-03-12 17:34, Jeff Heard wrote:

Has anyone seen this before?  Am I missing something?  This hasn't even
gotten to my code yet.  I'm using this in my settings.py:

TEST_RUNNER = 'django.contrib.gis.tests.GeoDjangoTestSuiteRunner'

I have a template PostGIS database setup properly.  And I'm running the
stable release of Django 1.3.

---

Traceback (most recent call last):

...

self.connection.connection.autocommit = True
psycopg2.ProgrammingError: autocommit cannot be used inside a transaction


For me, this normally means the database definition is not quite right.

In your geodjango case, do you perhaps miss django.contrib.gis in your 
INSTALLED_APPS list?



Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django-1.4c2 logging issue on Snow Leopard

[Reinout van Rees]

On 22-03-12 21:09, Jeff Heard wrote:

   File
"/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/logging/config.py",
line 562, in configure
 'filter %r: %s' % (name, e))
ValueError: Unable to configure filter 'require_debug_false': Cannot
resolve 'django.utils.log.RequireDebugFalse': No module named
RequireDebugFalse

I'm using virtualenv and the system python.


Guess: You have django installed both in your virtualenv and in your 
system python and they're probably interfering. Look in your manage.py 
script if you spot something wrong with sys.path or so. Or the `#!` 
python line at the top.




Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Weird stacktrace coming from manage.py test

[Jeff Heard]

No, it turned out that my django-startproject.py was still the one for 1.3...

On Fri, Mar 23, 2012 at 10:47 AM, Reinout van Rees  wrote:
> On 22-03-12 17:34, Jeff Heard wrote:
>>
>> Has anyone seen this before?  Am I missing something?  This hasn't even
>> gotten to my code yet.  I'm using this in my settings.py:
>>
>> TEST_RUNNER = 'django.contrib.gis.tests.GeoDjangoTestSuiteRunner'
>>
>> I have a template PostGIS database setup properly.  And I'm running the
>> stable release of Django 1.3.
>>
>> ---
>>
>> Traceback (most recent call last):
>
> ...
>
>>    self.connection.connection.autocommit = True
>> psycopg2.ProgrammingError: autocommit cannot be used inside a transaction
>
>
> For me, this normally means the database definition is not quite right.
>
> In your geodjango case, do you perhaps miss django.contrib.gis in your
> INSTALLED_APPS list?
>
>
> Reinout
>
> --
> Reinout van Rees                    http://reinout.vanrees.org/
> rein...@vanrees.org             http://www.nelen-schuurmans.nl/
> "If you're not sure what to do, make something. -- Paul Graham"
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Pip install matplotlib error with virtualenv

[darwin_tech]

I am trying to install matplotlib in a new virtualenv.

When I do:

pip install matplotlib

or

pip install 
http://sourceforge.net/projects/matplotlib/files/matplotlib/matplotlib-1.1.0/matplotlib-1.1.0.tar.gz

I get this error:

building 'matplotlib._png' extension

gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -fPIC -  
DPY_ARRAY_UNIQUE_SYMBOL=MPL_ARRAY_API -DPYCXX_ISO_CPP_LIB=1 
-I/usr/local/include -I/usr/include -I. 
-I/home/sam/django-projects/datazone/local/lib/python2.7/site-packages/numpy/core/include
 -I. -I/usr/include/python2.7 -c src/_png.cpp -o 
build/temp.linux-x86_64-2.7/src/_png.o

src/_png.cpp:10:20: fatal error: png.h: No such file or directory

compilation terminated.

error: command 'gcc' failed with exit status 1

Anyone have an idea what is going on?

Any help much appreciated.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/dxesrtK_PvUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[Tom Evans]

On Fri, Mar 23, 2012 at 3:06 PM, darwin_tech  wrote:
> I am trying to install matplotlib in a new virtualenv.
>
> When I do:
>
> pip install matplotlib
>
> or
>
> pip install
> http://sourceforge.net/projects/matplotlib/files/matplotlib/matplotlib-1.1.0/matplotlib-1.1.0.tar.gz
>
> I get this error:
>
> building 'matplotlib._png' extension
>
> gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -fPIC -
> DPY_ARRAY_UNIQUE_SYMBOL=MPL_ARRAY_API -DPYCXX_ISO_CPP_LIB=1
> -I/usr/local/include -I/usr/include -I.
> -I/home/sam/django-projects/datazone/local/lib/python2.7/site-packages/numpy/core/include
> -I. -I/usr/include/python2.7 -c src/_png.cpp -o
> build/temp.linux-x86_64-2.7/src/_png.o
>
> src/_png.cpp:10:20: fatal error: png.h: No such file or directory
>
> compilation terminated.
>
> error: command 'gcc' failed with exit status 1
>
> Anyone have an idea what is going on?
>
> Any help much appreciated.
>

(going from the error messages only)

matplotlib requires libpng headers and libraries to be installed to
compile. You don't have (at least) the headers installed.

Not really related to django this, is it?

Cheers

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

reverse urls on admin

[Marc Aymerich]

Hi,
I've overrided the get_urls() of one of my ModelAdmin in order to
provide some extra views. what I did is:

def get_urls(self):
"""Returns the additional urls used by the Contact admin."""

select_urls = patterns("",
url("^contract_pack/(?P\d+)/",
include(ContractPackAdmin(Pack, admin_site).get_urls()),
name="contract_pack"),)
return select_urls + urls

so now I'm trying to get the  reverse url with reverse() but I've
failed on every try I did. I've tried with:

reverse('admin:"app_label"_"app_module"_contract_pack',
kwargs={'contact_id': 1})
reverse('admin:contract_pack',  kwargs={'contact_id': 1})
reverse('contract_pack',  kwargs={'contact_id': 1})

What acutally is the correct string for getting this url via reverse()?

Thanks!!!
-- 
Marc

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django log lines spamming syslog

[Reinout van Rees]

On 23-03-12 14:49, Scott Gould wrote:


Our syslog has been filling up for some time with this stuff and we
only just noticed due to logrotate breaking on us. For what appears to
be every django request across all virtual hosts, we are getting a
pair of lines, like so (blank lines inserted by me):

Jan 27 14:48:52 cloweb01 apache2: SessionMiddleware.process_request -
id 0x7f6dabfb35d0 - cookie None - session
915ffaa7831b5de78876abb7746dfc1f - path /serverstatus/api/v1/status/
Jan 27 14:48:52 cloweb01 apache2: WSGIHandler.__call__ - id
0x7f6dabfb35d0 - cookie None - session
879f844cb6ea0213b445f60e11b22978 - path /serverstatus/api/v1/status/


I looked at django/contrib/sessions/middleware.py and there's no logging 
or printing happening there.


That the syslog ends up with this info probably means that django prints 
it out on the console, which would normally end up in your apache's 
error log. Probably you configured apache to send it to the syslog instead.


Printing on the console means "print ..." or a logger that's configured 
to print to the console. Did you do the latter?



My guess: someone put a print statement in 
django/contrib/sessions/middleware.py for debug purposes. So check the 
django that your site is using and see if you have to beat someone with 
a stout stick.



Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[darwin_tech]

Thanks for the reply. 

I guess not directly related to Django, though this virtualenv is very much 
for the purpose of a Django project and I hoped other Django users had come 
across this particular problem. 

Thankyou for the response though - do I need to install libpng in the 
virtualenv (sorry - just starting to use virtualenv) ?

Sam

On Friday, 23 March 2012 09:22:57 UTC-6, Tom Evans wrote:
>
> On Fri, Mar 23, 2012 at 3:06 PM, darwin_tech wrote:
> > I am trying to install matplotlib in a new virtualenv.
> >
> > When I do:
> >
> > pip install matplotlib
> >
> > or
> >
> > pip install
> > 
> http://sourceforge.net/​projects/matplotlib/files/​matplotlib/matplotlib-1.1.0/​matplotlib-1.1.0.tar.gz
> >
> > I get this error:
> >
> > building 'matplotlib._png' extension
> >
> > gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall -fPIC -
> > DPY_ARRAY_UNIQUE_SYMBOL=MPL_​ARRAY_API -DPYCXX_ISO_CPP_LIB=1
> > -I/usr/local/include -I/usr/include -I.
> > 
> -I/home/sam/django-projects/​datazone/local/lib/python2.7/​site-packages/numpy/core/​include
> > -I. -I/usr/include/python2.7 -c src/_png.cpp -o
> > build/temp.linux-x86_64-2.7/​src/_png.o
> >
> > src/_png.cpp:10:20: fatal error: png.h: No such file or directory
> >
> > compilation terminated.
> >
> > error: command 'gcc' failed with exit status 1
> >
> > Anyone have an idea what is going on?
> >
> > Any help much appreciated.
> >
>
> (going from the error messages only)
>
> matplotlib requires libpng headers and libraries to be installed to
> compile. You don't have (at least) the headers installed.
>
> Not really related to django this, is it?
>
> Cheers
>
> Tom
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/6y-RQd9gtC8J.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django log lines spamming syslog

[Scott Gould]

Nail, meet head.

Thanks! I was thinking along similar lines but stupidly checked
everywhere (my code, apache confs, etc.) except the django source on
the server itself.

On Mar 23, 11:36 am, Reinout van Rees  wrote:
> On 23-03-12 14:49, Scott Gould wrote:
>
>
>
> > Our syslog has been filling up for some time with this stuff and we
> > only just noticed due to logrotate breaking on us. For what appears to
> > be every django request across all virtual hosts, we are getting a
> > pair of lines, like so (blank lines inserted by me):
>
> > Jan 27 14:48:52 cloweb01 apache2: SessionMiddleware.process_request -
> > id 0x7f6dabfb35d0 - cookie None - session
> > 915ffaa7831b5de78876abb7746dfc1f - path /serverstatus/api/v1/status/
> > Jan 27 14:48:52 cloweb01 apache2: WSGIHandler.__call__ - id
> > 0x7f6dabfb35d0 - cookie None - session
> > 879f844cb6ea0213b445f60e11b22978 - path /serverstatus/api/v1/status/
>
> I looked at django/contrib/sessions/middleware.py and there's no logging
> or printing happening there.
>
> That the syslog ends up with this info probably means that django prints
> it out on the console, which would normally end up in your apache's
> error log. Probably you configured apache to send it to the syslog instead.
>
> Printing on the console means "print ..." or a logger that's configured
> to print to the console. Did you do the latter?
>
> My guess: someone put a print statement in
> django/contrib/sessions/middleware.py for debug purposes. So check the
> django that your site is using and see if you have to beat someone with
> a stout stick.
>
> Reinout
>
> --
> Reinout van Rees                    http://reinout.vanrees.org/
> rein...@vanrees.org            http://www.nelen-schuurmans.nl/
> "If you're not sure what to do, make something. -- Paul Graham"

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django deployment practices -- do people use setup.py?

[John Griessen]

On 03/14/2012 09:13 PM, Matt Schinckel wrote:

For project deployment, I use a fabfile that does the following:

* installs public keys onto the server (if necessary)
* creates the directory structure required (if necessary)
* copies the project onto the server
* installs requirements from REQUIREMENTS.txt
* runs collectstatic, migrate, etc
* restarts the web server (apache/nginx/whatever).


I hadn't thought of doing database migrates along with deploy
commands -- I'd thought they needed special handling

How much migrating of database info is reasonable to
script like this?  Does anyone work with web storefronts
that do some of the inventory bookkeeping, and so they
have transaction info that cannot be lost, and how do you
force the django app to stop doing any new transactions
before you do a migrate?  Do the usual Django web store modules
handle this idea already?  Do any migrate scripts handle stopping
new transactions first?

John

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[Tom Evans]

On Fri, Mar 23, 2012 at 3:45 PM, darwin_tech  wrote:
> Thanks for the reply.
>
> I guess not directly related to Django, though this virtualenv is very much
> for the purpose of a Django project and I hoped other Django users had come
> across this particular problem.
>
> Thankyou for the response though - do I need to install libpng in the
> virtualenv (sorry - just starting to use virtualenv) ?
>
> Sam
>

No, the C compiler is entirely ignorant about virtualenv, they are
solely a python thing. You probably have libpng installed, but not
libpng-devel, which supplies the headers that allow programs to
compile against libpng*. Alternatively, you may not have libpng
installed at all...

Cheers

Tom

* Do Linux distros still do this? I use FreeBSD, so am not affected by
this madness. Why would an OS install a binary library and not install
the headers, the very thing that allow you to use the library
yourself. Madness.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[Reinout van Rees]

On 23-03-12 16:59, Tom Evans wrote:

* Do Linux distros still do this? I use FreeBSD, so am not affected by
this madness. Why would an OS install a binary library and not install
the headers, the very thing that allow you to use the library
yourself. Madness.


At least ubuntu still does this.

Only reason I can think of is that it might be safer on the server or 
something like that.



Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: ModelForms

[Tim Ney]

I think the best thing for you do is to create the css outside the
template. Like this - create the css file, separately, then reference the
file in the template.

Or, better yet, add the css you need for your form in you main css file
that is referenced in your base template and just inherit it by
using a tag {{ extends "base.html""}, then you will have a uniform look
throughout the site and you won't have to worry about but once.



On Fri, Mar 23, 2012 at 3:10 AM, Mario Gudelj wrote:

> It doesn't matter how you generate your form, your CSS should be applied
> from inside the template. You need to add a CSS file link to a template to
> which you're passing the form to inside your context from within a view, or
> you can embed it into your template using 

Re: ModelForms

[Kurtis Mullins]

If you're worried about stylizing specific fields, it'll be setup as a
table, ul, or paragraph based upon how you "render the form" (paragraph by
default I think). The individual fields are named with the following
convention (if I recall correctly) . So
for a field named "password" in a paragraph rendered form, it'll end up
sort of like this:

password

Of course I don't use these pre-rendered forms because mine typically need
too much customization. So what we do is the following:

{% csrf_token %}
...


...


and you can easily add in your own stylizing CSS and elements as needed.

On Fri, Mar 23, 2012 at 12:25 PM, Tim Ney  wrote:

> I think the best thing for you do is to create the css outside the
> template. Like this - create the css file, separately, then reference the
> file in the template.
>
> Or, better yet, add the css you need for your form in you main css file
> that is referenced in your base template and just inherit it by
> using a tag {{ extends "base.html""}, then you will have a uniform look
> throughout the site and you won't have to worry about but once.
>
>
>
> On Fri, Mar 23, 2012 at 3:10 AM, Mario Gudelj wrote:
>
>> It doesn't matter how you generate your form, your CSS should be applied
>> from inside the template. You need to add a CSS file link to a template to
>> which you're passing the form to inside your context from within a view, or
>> you can embed it into your template using 

Re: ModelForms

[Tim Ney]

Not to gild the lilly, but, you could also do this, and it would work:
either as part of the css you are inheriting from the "base" or,
separately, you could create a whole slew of named css styles in one file,
then apply each file to the template tags, table tags you use to call the
data into the template as you see fit, you could then modify the css rther
easily to get the appearance you want. I don't know if this helps, or not,
but all my static files, css, javascript are called up by a separate
server, not apache, and if you don't have all the urls right, no static
file, css renders.

On Fri, Mar 23, 2012 at 12:34 PM, Kurtis Mullins
wrote:

> If you're worried about stylizing specific fields, it'll be setup as a
> table, ul, or paragraph based upon how you "render the form" (paragraph by
> default I think). The individual fields are named with the following
> convention (if I recall correctly) . So
> for a field named "password" in a paragraph rendered form, it'll end up
> sort of like this:
>
> password name="password" id="id_password" />
>
> Of course I don't use these pre-rendered forms because mine typically need
> too much customization. So what we do is the following:
>
> {% csrf_token %}
> ...
> 
> 
> ...
> 
>
> and you can easily add in your own stylizing CSS and elements as needed.
>
> On Fri, Mar 23, 2012 at 12:25 PM, Tim Ney  wrote:
>
>> I think the best thing for you do is to create the css outside the
>> template. Like this - create the css file, separately, then reference the
>> file in the template.
>>
>> Or, better yet, add the css you need for your form in you main css file
>> that is referenced in your base template and just inherit it by
>> using a tag {{ extends "base.html""}, then you will have a uniform look
>> throughout the site and you won't have to worry about but once.
>>
>>
>>
>> On Fri, Mar 23, 2012 at 3:10 AM, Mario Gudelj wrote:
>>
>>> It doesn't matter how you generate your form, your CSS should be applied
>>> from inside the template. You need to add a CSS file link to a template to
>>> which you're passing the form to inside your context from within a view, or
>>> you can embed it into your template using 

Re: Is it secure to have IDs show up in URLs?

[Daniel Sokolowski]

Rather then obscuring the urls, in my mind per object level permission, or 
even a simple status fields with a live(...) objects manager would do the 
trick  better.


One can attempt guess and access the next sequence but it won't show. I 
personally use status field on almost all my models and per object level on 
sites with users. See https://github.com/lukaszb/django-guardian.


Sample model managers:

class ProductCategoryManager(models.Manager):
   """
   Additional methods / constants to ProductCategory's objects manager:

   ``ProductCategoryManager.objects.active()`` - all active instances
   """
   ### Model (db table) wide constants - we put these and not in model 
definition to avoid circular imports.
   ### One can access these constants through .objects.STATUS_DISABLED 
or ImageManager.STATUS_DISABLED

   STATUS_DISABLED = 0
   STATUS_ENABLED = 100
   STATUS_ARCHIVED = 500
   STATUS_CHOICES = (
   (STATUS_DISABLED, "Disabled"),
   (STATUS_ENABLED, "Enabled"),
   (STATUS_ARCHIVED, "Archived"),
   )
   # we keep status and filters naming a little different as
   # it is not one-to-one mapping in all situations
   def live(self):
   """ Returns all entries accessible through front end site"""
   return self.all().filter(status=self.STATUS_ENABLED)
   def current(self):
   """ Returns entries that are live and considered 'fresh' """
   return self.all().filter(status=self.STATUS_ENABLED, ... date range, 
other condition, etc)

   def retired(self):
   """ Returns entries that are live and considered 'old' """
   return self.all().filter(status=self.STATUS_ARCHIVED)

Then you do ProdcutCategory.objects.live() , etc.

-Original Message- 
From: Tom Evans

Sent: Friday, March 23, 2012 8:48 AM
To: django-users@googlegroups.com
Subject: Re: Is it secure to have IDs show up in URLs?

On Fri, Mar 23, 2012 at 12:11 PM, Brett Parker
 wrote:

*if* they wanted all the photos, then spidering the site isn't exactly
difficult, see wget -m.


You assume that all the content is indexed on the website. Consider a
press release model; you may have a 'published' flag on the
PressRelease model, so that a press release being prepared does not
appear in the list of press releases on the site.

The user uploads several images to include in the press release, the
images have commercially sensitive information in them that you can
only show after the release is published.

Should someone be able to get lucky and guess the ids of photos that
have not been included in a published release?


They'll end up with more than they need, but
it'll all be local, and it'd take them minutes to then just weed out the
photos - obscuring urls and using random ids just appears to be a waste
of time for public content.



It isn't obscuring the URI; it is making it non-predictable. There are
many occasions where generating non-predictable URIs is essential, and
assigning objects a UUID (also called a GUID) is extremely common, as
it gives a way of uniquely identifying arbitrary items.

Stuff like this seems pointless and arbitrary until it's not. Only the
OP knows his needs; if he needs non-predictable URIs, he needs
non-predictable URIs.

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups 
"Django users" group.

To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.


--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

ANNOUNCE: Django 1.4 released

[James Bennett]

Django 1.4 is finally here!

For details, checkout the weblog:

https://www.djangoproject.com/weblog/2012/mar/23/14/

And the release notes:

https://docs.djangoproject.com/en/dev/releases/1.4/

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[darwin_tech]

Hi Tom,

the weird thing is that matplotlib works fine on my system. If I have a 
Django project running outside of virtualenv, there is no problem and 
matplotlib is on the pythonpath. 

Sam

On Friday, 23 March 2012 09:59:25 UTC-6, Tom Evans wrote:
>
> On Fri, Mar 23, 2012 at 3:45 PM, darwin_tech wrote:
> > Thanks for the reply.
> >
> > I guess not directly related to Django, though this virtualenv is very 
> much
> > for the purpose of a Django project and I hoped other Django users had 
> come
> > across this particular problem.
> >
> > Thankyou for the response though - do I need to install libpng in the
> > virtualenv (sorry - just starting to use virtualenv) ?
> >
> > Sam
> >
>
> No, the C compiler is entirely ignorant about virtualenv, they are
> solely a python thing. You probably have libpng installed, but not
> libpng-devel, which supplies the headers that allow programs to
> compile against libpng*. Alternatively, you may not have libpng
> installed at all...
>
> Cheers
>
> Tom
>
> * Do Linux distros still do this? I use FreeBSD, so am not affected by
> this madness. Why would an OS install a binary library and not install
> the headers, the very thing that allow you to use the library
> yourself. Madness.
>
>
On Friday, 23 March 2012 09:59:25 UTC-6, Tom Evans wrote:
>
> On Fri, Mar 23, 2012 at 3:45 PM, darwin_tech  
> wrote:
> > Thanks for the reply.
> >
> > I guess not directly related to Django, though this virtualenv is very 
> much
> > for the purpose of a Django project and I hoped other Django users had 
> come
> > across this particular problem.
> >
> > Thankyou for the response though - do I need to install libpng in the
> > virtualenv (sorry - just starting to use virtualenv) ?
> >
> > Sam
> >
>
> No, the C compiler is entirely ignorant about virtualenv, they are
> solely a python thing. You probably have libpng installed, but not
> libpng-devel, which supplies the headers that allow programs to
> compile against libpng*. Alternatively, you may not have libpng
> installed at all...
>
> Cheers
>
> Tom
>
> * Do Linux distros still do this? I use FreeBSD, so am not affected by
> this madness. Why would an OS install a binary library and not install
> the headers, the very thing that allow you to use the library
> yourself. Madness.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/dXuPEeWsqJcJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Accessing objects from a dictionary in templates

[gowtham]

Hi Everyone,
I am trying to pass a dictionary with numerical  as key and a object as
value to my template...
i construct it like this:
reslibdic[res.result_id]=Library.objects.get(libraryresult__result__result_id=res.result_id)

But, in template, rather than iterating over the dictionary (using for and
items)  i would like to access them using keys. So, i wrote the following
template tag fiter.

def hash(h,key):
if key in h:
return h[key]
else:
return None

And in template i am using it like following.
{{ reslibdic|hash:res.result_id }}

But, this gives me the primary key of the object NOT the OBJECT itself. I
would like to get the object itself so that i can access and print its
different values/fields.

Any idea? Or am I too stupid not being able to google
this successfully since this morning.

I can alter the filter say return h[key]. to work. But, i just
dont think it is efficient to make one filter for each filed.


Thanks a bunch in advance,
Gowthaman


{code}
reslibdic = {}
allres = Result.objects.filter(resultslgene__geneid=geneid)
 for res in allres:
reslibdic[res.result_id]=Library.objects.get(libraryresult__result__result_id=res.result_id)

{code}

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: ANNOUNCE: Django 1.4 released

[Mário Neto]

Great! \,,/_

2012/3/23 James Bennett 

> Django 1.4 is finally here!
>
> For details, checkout the weblog:
>
> https://www.djangoproject.com/weblog/2012/mar/23/14/
>
> And the release notes:
>
> https://docs.djangoproject.com/en/dev/releases/1.4/
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>


-- 
Att. *Mário Araújo Chaves Neto*
*Programmer, Designer and U.I. Engineer*
*
*
*MBA in Design Digital* - 2008 - FIC
*Analysis and Systems Development* - 2011 - Estácio
*D**esign and Implementation of Internet Environments* - 2003 - FIC

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: ANNOUNCE: Django 1.4 released

[Jeff Heard]

Do the PyCharm devs read this list? Will 1.4 work inside pycharm 2.5?


On Mar 23, 2012, at 3:58 PM, Mário Neto  wrote:

> Great! \,,/_
> 
> 2012/3/23 James Bennett 
> Django 1.4 is finally here!
> 
> For details, checkout the weblog:
> 
> https://www.djangoproject.com/weblog/2012/mar/23/14/
> 
> And the release notes:
> 
> https://docs.djangoproject.com/en/dev/releases/1.4/
> 
> --
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
> 
> 
> 
> 
> -- 
> Att. Mário Araújo Chaves Neto
> Programmer, Designer and U.I. Engineer
> 
> MBA in Design Digital - 2008 - FIC
> Analysis and Systems Development - 2011 - Estácio
> Design and Implementation of Internet Environments - 2003 - FIC
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: ANNOUNCE: Django 1.4 released

[Andre Terra]

Hooray!

Congrats to everyone involved, especially all that worked on bringing
timezone support to this increasingly amazing web framework.

I don't mean to nitpick but a minor detail in the release notes requires
some attention:

"Django does not support Python 3.x at this time. At some point before the
release of Django 1.4, we plan to publish a document outlining our full
timeline for deprecating Python 2.x and moving to Python 3.x."

Have we got a timeline yet?

Cheers,
AT
On Mar 23, 2012 2:11 PM, "James Bennett"  wrote:

> Django 1.4 is finally here!
>
> For details, checkout the weblog:
>
> https://www.djangoproject.com/weblog/2012/mar/23/14/
>
> And the release notes:
>
> https://docs.djangoproject.com/en/dev/releases/1.4/
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django developers" group.
> To post to this group, send email to django-develop...@googlegroups.com.
> To unsubscribe from this group, send email to
> django-developers+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-developers?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[Reinout van Rees]

On 23-03-12 18:51, darwin_tech wrote:

the weird thing is that matplotlib works fine on my system. If I have a
Django project running outside of virtualenv, there is no problem and
matplotlib is on the pythonpath.


One of virtualenv's options is to isolate you *completely* from the 
system python. "virtualenv -s" or something like that.


Perhaps you passed along that option? In that case, nothing in your 
virtualenv can find the system python's matplotlib.




Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Pip install matplotlib error with virtualenv

[Reinout van Rees]

On 23-03-12 21:37, Reinout van Rees wrote:

On 23-03-12 18:51, darwin_tech wrote:

the weird thing is that matplotlib works fine on my system. If I have a
Django project running outside of virtualenv, there is no problem and
matplotlib is on the pythonpath.


One of virtualenv's options is to isolate you *completely* from the
system python. "virtualenv -s" or something like that.


I checked, it is '--no-site-packages'.


Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Accessing objects from a dictionary in templates

[Reinout van Rees]

On 23-03-12 20:56, gowtham wrote:


But, in template, rather than iterating over the dictionary (using for
and items)  i would like to access them using keys.


You can, can't you?  {{ my_dict.some_key }}.

You're using numerical keys, which might not work as well.
But you can try something like {{ my_dict.42 }}.


Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Accessing objects from a dictionary in templates

[gowtham]

Hi Reinout,
Thanks.

But, i could not get it.  It prints the primary key of the stored object
rather than the object itself.

Gowthaman

On Fri, Mar 23, 2012 at 1:41 PM, Reinout van Rees wrote:

> On 23-03-12 20:56, gowtham wrote:
>
>>
>> But, in template, rather than iterating over the dictionary (using for
>> and items)  i would like to access them using keys.
>>
>
> You can, can't you?  {{ my_dict.some_key }}.
>
> You're using numerical keys, which might not work as well.
> But you can try something like {{ my_dict.42 }}.
>
>
> Reinout
>
> --
> Reinout van Reeshttp://reinout.vanrees.org/
> rein...@vanrees.org 
> http://www.nelen-schuurmans.**nl/
> "If you're not sure what to do, make something. -- Paul Graham"
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to django-users+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/django-users?hl=en
> .
>
>


-- 
Gowthaman

Bioinformatics Systems Programmer.
SBRI, 307 West lake Ave N Suite 500
Seattle, WA. 98109-5219
Phone : LAB 206-256-7188 (direct).

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Accessing objects from a dictionary in templates

[Reinout van Rees]

On 23-03-12 22:00, gowtham wrote:


But, i could not get it.  It prints the primary key of the stored object
rather than the object itself.


Well, I don't know what's in the stored object. How are you supposed to 
print it?


Something like {{ my_object.name }}{{ my_object.description }} or so?



Reinout

--
Reinout van Reeshttp://reinout.vanrees.org/
rein...@vanrees.org http://www.nelen-schuurmans.nl/
"If you're not sure what to do, make something. -- Paul Graham"

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Multiple Choice Quiz

[jbr3]

Hi again,

I've been trying to figure this out for awhile, but to no avail. I'll
try to list the problems I've had in understanding it.

1. I'm not sure what the forms.py file should look like.

Going by Shawn's model, would it be something like:

" class GuessForm(ModelForm):
  class Meta:
  model= Guess
  exclude = ('user') "

This gives me a dropdown list of possible answers, but no form changes
I've tried to make give me multiple radio buttons or multiple
checkboxes. Have I selected the wrong model to make the modelform
from ?

2. I don't completely understand the concept of using Booleans. I've
added admin functionality to the app so I can add questions and
potential answers as well as select (using a checkbox) the correct
response. Based on the model Shawn provided, selecting one of the
checkboxes generated in admin makes that choice true and the others
false. The user's answer needs to be compared against these, but I
don't understand how I would achieve that. I assume I'm supposed to
set this up in the form, but I can't get the radio buttons or
checkboxes to work there. I can successfully submit an answer from the
dropdown, but I still have no idea how it would be compared to the
stored boolean value. Do I have to write more code for this ? And what
would the best way be to retrieve it ?

Also, in the examples I've seen, BooleanField() in forms involves
creating a list of choices in the form. But it doesn't seem like I
would need such a thing if I'm just using radio buttons whose value
will be checked against a changing option for each question. Yet I
can't really see how an alternative approach would work.

3. I don't know what the template should look like. It seems like I
should be mixing the form fields with data passed directly from the
model by using views. In my view, I've set
"Question.objects.get(id=1)" to a variable. I've passed that to the
template. But I've also used "{{ form.as_p }}". That gives me the
possible answers that had been entered in the admin in the template.
But, the answers aren't generated as radio buttons with text next to
them. It seems like I would have to pass the actual text of the
answers using views (setting "variable.answer_set.all()  to another
variable and then passing it to the template) and then generate radio
buttons some other way. When I generated the buttons in the template,
though, the submission failed. I don't see how these could be checked
against the boolean value stored for the right answer. And, like I
said, I can't figure out how to make them work properly with the
form.

I know I've asked this already, but is it possible for anyone to show
some sample code so I can understand how this should be done using
Shawn's models. I've been trying to get this for awhile now, but I
still don't really understand it. I know there are about fifty
different questions here, but if anyone could help out in any way it
would be appreciated.

Thanks




On Mar 14, 11:36 pm, jbr3  wrote:
> Can anyone help me with some questions I still have about this ? I
> haven't had much experience with web programming, so trying to
> understand this is kind of challenging.
>
> 1. I created the models Shawn suggested. And I'm now able to add a
> question and possible answers to it in the admin area. Each possible
> answer has a checkbox next to it with the "Correct" label from the
> model. Does setting the correct response require anything more than
> selecting the appropriate checkbox and saving the question ?
>
> 2. I still don't understand how I'm supposed to combine these three
> models together in order to get the right output for the user. I've
> been trying different approaches in views.py, forms.py and my
> template. But I can't really figure out how this should be set up. I
> don't like to keep asking for such direct examples.
> But would anyone be able to provide kind of an abstract view based on
> the model Shawn provided.
>
> On Mar 11, 5:16 pm, jbr3  wrote:
>
> > Thanks for responding Shawn. I guess I was thinking that if I wanted
> > to save the user's responses and the correct answers a different model
> > would be needed for both.
>
> > On Mar 11, 4:11 pm, Shawn Milochik  wrote:
>
> > > I think I'd do this:
>
> > > Models:
>
> > >      Question
> > >          question text
>
> > >      Answer
> > >          question foreign key
> > >          answer text
> > >          correct (boolean)
>
> > >      Guess
> > >          user foreign key
> > >          answer foreign key
>
> > > That should be all you need (along with the User model or your own
> > > method of tracking unique users without forcing them to register).
>
> > > I don't understand what your fourth model is for.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more option

Re: Accessing objects from a dictionary in templates

[gowtham]

Yes, That is correct.

Let me step back a bit and explain you what i am trying. It's quite
possible i am doing the right thing.

I have two models (Library and Result) linked by a third linking model
(libraryresult (has id, library_id and result_id fields FKeyed to
respective tables). A many to many relationship.

[ And please point to me if I can query it in any other way?]

I want to pick a set of results (result_id) and want to get all the related
libraries with them.

1. So, i query Results first.
allres = Result.objects.filter(resultslgene__geneid=geneid)

2. Then for each result_id, i get a library object and store it in a
dictionary.
reslibdic[res.result_id]=Library.objects.get(libraryresult__result__result_id=res.result_id)

3. I pass both 'allres' objects list and 'reslibdic' dictionary to template
to display

{% for res in allres %}
{{ res.result_id }}
{{ res.genome.organism.organismcode }}
{{ reslibdic.res.result_id.librarycode }} =? this does not
work obviously. but indicates what i want to do

{% endfor %}

In template, i want to access the all the library objects (passed as
dictinary values) and print values for that.

Dictinoary works when I iterate via .items. But not direct access using
keys. So, i wrote filters.still i could either get only primary ids of
the library object or with really customized filters (one for each field in
library object) i get what i wanted

Not sure if I clarified well or confused more

Anyway, i really appreciate your efforts to help me.
Gowthaman

On Fri, Mar 23, 2012 at 3:07 PM, Reinout van Rees wrote:

> On 23-03-12 22:00, gowtham wrote:
>
>>
>> But, i could not get it.  It prints the primary key of the stored object
>> rather than the object itself.
>>
>
> Well, I don't know what's in the stored object. How are you supposed to
> print it?
>
> Something like {{ my_object.name }}{{ my_object.description }} or
> so?
>
>
>
>
> Reinout
>
> --
> Reinout van Reeshttp://reinout.vanrees.org/
> rein...@vanrees.org 
> http://www.nelen-schuurmans.**nl/
> "If you're not sure what to do, make something. -- Paul Graham"
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to django-users+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/django-users?hl=en
> .
>
>


-- 
Gowthaman

Bioinformatics Systems Programmer.
SBRI, 307 West lake Ave N Suite 500
Seattle, WA. 98109-5219
Phone : LAB 206-256-7188 (direct).

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Accessing objects from a dictionary in templates

[gowtham]

sorry, I meant to say
"It's quite possible i am NOT doing the right thing."








On Fri, Mar 23, 2012 at 3:24 PM, gowtham  wrote:

> Yes, That is correct.
>
> Let me step back a bit and explain you what i am trying. It's quite
> possible i am doing the right thing.
>
> I have two models (Library and Result) linked by a third linking model
> (libraryresult (has id, library_id and result_id fields FKeyed to
> respective tables). A many to many relationship.
>
> [ And please point to me if I can query it in any other way?]
>
> I want to pick a set of results (result_id) and want to get all the
> related libraries with them.
>
> 1. So, i query Results first.
> allres = Result.objects.filter(resultslgene__geneid=geneid)
>
> 2. Then for each result_id, i get a library object and store it in a
> dictionary.
>
> reslibdic[res.result_id]=Library.objects.get(libraryresult__result__result_id=res.result_id)
>
> 3. I pass both 'allres' objects list and 'reslibdic' dictionary to
> template to display
>
> {% for res in allres %}
> {{ res.result_id }}
> {{ res.genome.organism.organismcode }}
> {{ reslibdic.res.result_id.librarycode }} =? this does not
> work obviously. but indicates what i want to do
>
> {% endfor %}
>
> In template, i want to access the all the library objects (passed as
> dictinary values) and print values for that.
>
> Dictinoary works when I iterate via .items. But not direct access using
> keys. So, i wrote filters.still i could either get only primary ids of
> the library object or with really customized filters (one for each field in
> library object) i get what i wanted
>
> Not sure if I clarified well or confused more
>
> Anyway, i really appreciate your efforts to help me.
> Gowthaman
>
> On Fri, Mar 23, 2012 at 3:07 PM, Reinout van Rees wrote:
>
>> On 23-03-12 22:00, gowtham wrote:
>>
>>>
>>> But, i could not get it.  It prints the primary key of the stored object
>>> rather than the object itself.
>>>
>>
>> Well, I don't know what's in the stored object. How are you supposed to
>> print it?
>>
>> Something like {{ my_object.name }}{{ my_object.description }} or
>> so?
>>
>>
>>
>>
>> Reinout
>>
>> --
>> Reinout van Reeshttp://reinout.vanrees.org/
>> rein...@vanrees.org 
>> http://www.nelen-schuurmans.**nl/
>> "If you're not sure what to do, make something. -- Paul Graham"
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to django-users+unsubscribe@**
>> googlegroups.com .
>> For more options, visit this group at http://groups.google.com/**
>> group/django-users?hl=en
>> .
>>
>>
>
>
> --
> Gowthaman
>
> Bioinformatics Systems Programmer.
> SBRI, 307 West lake Ave N Suite 500
> Seattle, WA. 98109-5219
> Phone : LAB 206-256-7188 (direct).
>



-- 
Gowthaman

Bioinformatics Systems Programmer.
SBRI, 307 West lake Ave N Suite 500
Seattle, WA. 98109-5219
Phone : LAB 206-256-7188 (direct).

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Accessing objects from a dictionary in templates

[gowtham]

Template tag filters like this (made one for each field in the library
object) helps me to get what i wanted But, that seems too silly to do...

in template
{{ reslibdic|hash2libcode:res.result_id }}


in template tag file:

def hash2libcode(h,key):
if key in h:
return h[key].librarycode
else:
return None

register.filter(hash2libcode)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

serialize queryset metadata - what's the best approach?

[mikeS]

I'm looking at letting my users implement reports via a web interface where 
they can essentially define the report. I need to store that report 
definition in the db, so they can re-run it whenever.

The problem I have is serialize all that to and from a QuerySet.
I've hacked something that builds the query from the web definition using 
Qs.
I pass that into a query set, call _as_sql on it, save/serialize the sql 
and the params in the db.
Then next time, read that and pass it into raw.

It's pretty hacky and I'd like to avoid using _as_sql if possible.
Is there a better way to implement what I want?

Cheers,
Mike S.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/J12imxAupPkJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Django FOrms

[prem]

I'm using Django forms and need to create a list box.

What would be the equivalent of listbox in Django form fields?

Here is my code snippet,

Models.py

class Volunteer(models.Model):
   NO_OF_HRS = (('1','1')   ('2','2'))
  datecreated = models.DateTimeField()
  volposition = models.CharField(max_length=300)
  roledesc= models.CharField(max_length=300)
  Duration= models.CharField(choices=NO_OF_HRS,max_length=1)**
forms.py

class VolunteerForm(forms.ModelForm)
datecreated = forms.DateField(label=u'Creation Date')
volposition = forms.CharField(label=u'Position Name',
max_length=300)
roledesc= forms.roledesc(label=u'Role
description',max_length=5000)
Duration=
forms.CharField(widget=forms.select(choices=NO_OF_HRS),max_length=2)

 When I try to run, I get the following error,

NO_OF_HRS is not defined

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django FOrms

[dummyman dummyman]

Hi, u ve not inserted comma after a first entry in the tuple NO_OF_HRS

On Sat, Mar 24, 2012 at 3:11 AM, prem  wrote:

> I'm using Django forms and need to create a list box.
>
> What would be the equivalent of listbox in Django form fields?
>
> Here is my code snippet,
>
> Models.py
>
> class Volunteer(models.Model):
>   NO_OF_HRS = (('1','1')   ('2','2'))
>  datecreated = models.DateTimeField()
>  volposition = models.CharField(max_length=300)
>  roledesc= models.CharField(max_length=300)
>  Duration= models.CharField(choices=NO_OF_HRS,max_length=1)**
> forms.py
>
> class VolunteerForm(forms.ModelForm)
>datecreated = forms.DateField(label=u'Creation Date')
>volposition = forms.CharField(label=u'Position Name',
> max_length=300)
>roledesc= forms.roledesc(label=u'Role
> description',max_length=5000)
>Duration=
> forms.CharField(widget=forms.select(choices=NO_OF_HRS),max_length=2)
>
>  When I try to run, I get the following error,
>
> NO_OF_HRS is not defined
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Filtering a second admin dropdown's contents based on the first dropdown's selection

[Sithembewena Lloyd Dube]

Hi everyone,

I have two dropdowns on the create/ edit pages of an object in the admin
site. I need to filter the second dropdown's contents based on the
selection in the first (as a user-friendliness measure). I have tried the
recommended use of formfield_or_foreignkey with no progress. The difference
is that the following example uses the request object's user, whereas I
need a way to obtain and use the first dropdown's selected item.

I also noticed that the form does not post when a selection is made.

class MyModelAdmin(admin.ModelAdmin):
def formfield_for_foreignkey(self, db_field, request, **kwargs):
if db_field.name == "car":
kwargs["queryset"] = Car.objects.filter(owner=request.user)
return db_field.formfield(**kwargs)
return super(MyModelAdmin,
self).formfield_for_foreignkey(db_field, request, **kwargs)


Any ideas?

-- 
Regards,
Sithembewena Lloyd Dube

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.