Mon 13 Nov 2017

Django

It's a web framework with an ORM, templating and routing build in.

Reverse URL Lookup

from django.core.urlresolvers import reverse

Forms

Django has some form objects for validating and cleaning up data.

These can also help with templating.

ModelForm make a form for a given Django Model, with some customization allowed.

Formsets

Many forms on one page.

Users and Groups

https://docs.djangoproject.com/en/1.11/topics/auth/

"view tools for logging in users, or restricting content"

permissions: yes/no flags designating whether a user may perform a certain task

User object:

  • username
  • password
  • email
  • firstname
  • lastname

Django provides a property request.user. This is also available in templates as {{ user }}.

Their permissions are available as {{ perms }}. https://docs.djangoproject.com/en/1.11/topics/auth/default/#permissions

View tools

Adding @login_required from django.contrib.auth.decorators to a view redirects to the login page if needed.

Alternatively, LoginRequiredMixin does the same thing.

The @user_passes_test decorator also redirects.

@permission_required("app_name.permission_code") .

Django-Admin Permissions

Defaults for each Django model class:

  • add
  • change
  • delete

You can also set permissions per model instance.

Custom permissions go in the model's meta class.

You can access them with user.has_perm('app_name.permission_model').

For example: user.has_perm('chariot.delete_sensor).