I have 2 Django forms: one, where the user uploads an article, and the second, where the user can edit a list of article words into one of three buckets (change the column value: bucket 1-3).
forms.py
class UploadForm(forms.ModelForm):
class Meta:
model = Upload
fields = ('name','last_name','docfile',)
class Doc_wordsForm(forms.ModelForm):
class Meta:
model= Doc_words
fields= ('id','word','word_type','upload',) #upload is foreign key value
After the user uploads the article, I have a function in views.py that breaks down the uploaded article into a list of words.
I want these words to be looped through and added to a database table(where each row is a word), then have the second form reference these words.
Views.py
# upload_id = (request.GET.get("id"))
if request.method == 'POST':
form = UploadForm(request.POST, request.FILES)
if form.is_valid():
form.save()
data = request.FILES['docfile']#.read().decode('UTF-8')
words=get_keywords(data)
results=list(find_skills(words))
for word in results:
form2 = Resume_words(word = word, word_type='exclude', upload = upload_id)
form2.save()
return render(request, 'word_list.html',{
"results":results
})
else:
form = UploadForm()
return render(request, 'upload.html', {
'form':form
})
I having trouble pulling these pieces together and I'm desperate for help of any kind! I having trouble with the following steps:
I don't know how to capture the current users instance when saving to the table. I get an error in the above Views.py code.
I don't know how to have the second form reference the current user from the first form.
Please let me know if I can provide more information or clarity on anything above. Also, feel free to answer one question, or simply point me to where there is an example similar to this, any light shed is greatly appreciated.
There are many ways to get user's info in view. the most basic way (not recommended, AT ALL!) is to pass user's id to every view from every view. for example in login view you pass user's id in context:
return render(request, 'main_page.html',{
"user_id":user.id
})
and make every view get this id whether in url or query parameter.
using url:
urls.py
path('any/pk/', AnyView.as_view(), name='carrot'),
view.py
class AnyView(Views):
def get(request, pk):
user=User.objects.get(pk=pk)
def post(request, pk):
user=User.objects.get(pk=pk)
your_template.html
<!-- post request -->
<form action="{% url 'carrot' user_id %}" method="post">...</form>
<!-- get request -->
<a href={% url 'carrot' user_id %}></a>
using query parameters:
urls.py
path('any/', AnyView.as_view(), name='carrot'),
view.py
class AnyView(Views):
def get(request):
user=request.GET.get('pk', False)
if user:
user=User.objects.get(pk=pk)
def post(request):
user=request.POST.get('pk', False)
if user:
user=User.objects.get(pk=pk)
your_template.html
<!-- post request -->
<form action="{% url 'carrot' %}?pk={{ user_id }}" method="post">...</form>
<!-- get request -->
a much much better way is using django default authentication for log in, log out, permission handling and finally getting user information from request without all this unnecessary code.
view.py
class AnyView(Views):
def get(request):
user=request.user
def post(request):
user=request.user
to implement django authentication check this link:
https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Authentication
Related
I am working on an application that stores data on different artists, venues, and notes the user can create for shows. I am currently trying to implement a feature to delete an existing note based off it's PK and the users PK associated with that note. I have most the work done but I don't know how they are storing the current logged in users PK to check before deleting.
Here is what I have so far and links for reference:
https://github.com/claraj/lmn/blob/master/lmn/views/views_notes.py
# Note related paths
path('notes/latest/', views_notes.latest_notes, name='latest_notes'),
path('notes/detail/<int:note_pk>/', views_notes.note_detail, name='note_detail'),
path('notes/for_show/<int:show_pk>/', views_notes.notes_for_show, name='notes_for_show'),
path('notes/add/<int:show_pk>/', views_notes.new_note, name='new_note'),
path('notes/detail/<int:show_pk>/delete', views_notes.delete_note, name='delete_note'),
https://github.com/claraj/lmn/blob/master/lmn/urls.py
# Delete note for show
#login_required
def delete_note(request, show_pk):
# I need to grab the existing note PK and user PK associated with that note
# Then check if the current user matches the PK associated with that note to delete or return a 403 status code.
if note.user == request.user:
note.delete()
return redirect('latest_notes')
else:
return HttpResponseForbidden
https://github.com/claraj/lmn/blob/master/lmn/templates/lmn/notes/note_list.html
# Grabs PK for specific note
<form action="{% url 'delete_note' note.pk %}" method="POST">
{% csrf_token %}
<button type="submit" class="delete">Delete</button>
</form>
You can do the filtering in a single .delete() query:
from django.http import HttpResponseForbidden
# Delete note for show
#login_required
def delete_note(request, show_pk):
dels, __ = Note.objects.filter(
pk=show_pk,
user=request.user
).delete()
if dels:
return return redirect('latest_notes')
return HttpResponseForbidden()
A GET request however is not supposed to change entities. Only requests like POST, PUT, PATCH, DELETE, etc. are. Therefore you might want to restrict this to only POST requests:
from django.http import HttpResponseForbidden
from django.views.decorators.http import require_http_methods
# Delete note for show
#login_required
#require_http_methods(['POST', 'DELETE'])
def delete_note(request, show_pk):
dels, __ = Note.objects.filter(
pk=show_pk,
user=request.user
).delete()
if dels:
return return redirect('latest_notes')
return HttpResponseForbidden()
So currently I'm on a page with a url link like this
urls.py :
path('key/<int:pk>', views.KeyDetailView.as_view(), name='roomkey-detail'),
views.py :
class KeyDetailView(generic.DetailView):
model = RoomKey
this lists out a list of keys available to be borrowed for a particular room. Then when I try to head to the next page, where is a request I can make to borrow out one of the keys for that room, Here is the urls and views responsible for rendering the roomkey-request page
urls.py :
path('key/<int:pk>/request', views.KeyRequestCreate.as_view(), name='roomkey-request')
views.py :
class KeyRequestCreate(CreateView):
model = KeyRequest
fields = ['roomkey', 'requester', 'borrower', 'request_comments']
template_name = 'catalog/roomkey_request_form.html'
there is a button that on that page that links to a terms and agreement page that looks like this
roomkey_request_form.html :
terms and conditions
urls.py :
path('key/<int:pk>/request/agreement', views.KeyAgreement, name='key-agreement'),
views.py :
def KeyAgreement(request):
return render(
request,
'catalog/roomkey_agreement.html',
)
however when try to click on that request button to request a key, django throws an error
NoReverseMatch at /catalog/key/2/request
Reverse for 'key-agreement' with arguments '('',)' not found. 1 pattern(s)
tried: ['catalog\\/key\\/(?P<pk>[0-9]+)\\/request\\/agreement$']
I have a button on the terms and agreement to go back to the request page something that looks like this
<button href="{% url 'roomkey-request' roomkey.pk %}" >Return to request</button>
will this return to the request page with the correct pk? I think i'm just confused with how the url handles pk and how it get's passed on.I am thinking this had to do with something the keyagreement not being able to take in that pk from the details page, can someone please explain to me what I am doing wrong or point me to some resource that can help me understand how urls pass along the pk from view to view? I am fairly new to django so thanks for your help in advance!!
Try:
def KeyAgreement(request, pk): #-->pk in argument
return render(
request,
'catalog/roomkey_agreement.html',
)
If you want to use roomkey.pk in the roomkey_request_form.html template, you need to add roomkey to the template context. You can do this in the get_context_data method.
Since you already have the roomkey pk from the URL, you can remove it from fields. Then set roomkey in the form_valid method before saving.
class KeyRequestCreate(CreateView):
model = KeyRequest
fields = ['requester', 'borrower', 'request_comments']
template_name = 'catalog/roomkey_request_form.html'
def get_context_data(self, **kwargs):
context = super(KeyRequestCreate, self).get_context_data(**kwargs)
context['roomkey'] = get_object_or_404(RoomKey, pk=pk)
def form_valid(self, form):
form.instance.roomkey = get_object_or_404(RoomKey, pk=pk)
return super(KeyRequestCreate, self).get_form(form)
If you want to use roomkey in the agreement view, you'll have to make some changes to it as well.
First, you need to add pk to the function signature since you have <int:pk> in its URL pattern.
Then, you need to include roomkey in the template context.
from django.shortcuts import get_object_or_404
def key_agreement(request, pk):
roomkey = get_object_or_404(roomkey, pk=pk)
return render(
request,
'catalog/roomkey_agreement.html',
{'roomkey': roomkey}
)
Note that I've renamed the view function to key_agreement to match the recommended style. You'll need to update the URL pattern as well.
path('key/<int:pk>/request/agreement', views.KeyAgreement, name='key-agreement'),
Imagine we have a detail page for the blog posts of a blog and we accept comments on this page, now we need to know which post we are commenting on, in our views so we can make a comment object for that post.
How is possible to set the {{ post.id }} in a HiddenInput widget value so we can then use it in our comment views
I tried to manually add this to my html form but I want to use form template tags so I can validate the form later:
<input type="hidden" name="post_comment" value="{{post.id}}>
forms.py:
comment_post = forms.Field(widget=forms.HiddenInput())
views.py:
def comment(request):
if request.method == 'POST':
form = CommentForm(request.POST)
if form.is_valid():
Comment.objects.create(text=form.cleaned_data['comment_text'],post=form.cleaned_data['comment_post'] ,cm_author=request.user)
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
In general I'd do this by setting the post ID based on something other than a form value. In order to set the post to comment relationship your view has to know which post is being commented on - probably as a URL element - so I'd just use that directly rather than passing it around as form data. Something like:
from django.shortcuts import get_object_or_404
def comment(request, post_id):
post = get_object_or_404(Post, id=post_id)
if request.method == 'POST':
form = CommentForm(request.POST)
if form.is_valid():
new_comment = form.save(commit=False)
new_comment.post = post
new_comment.save()
# usual form boilerplate below here
One way you could implement this in your uris.py is:
uris:
url(r'(?P<post_id>\d+)/$', views.comment, name="comment")
Depending on the rest of your URL structure it might be clearer to include more context:
url(r'post/(?P<post_id>\d+)/comment/$', views.comment, name="comment")
But that's basically down to personal preference unless you're aiming for a REST-style API.
There's no need to specify the form action differently - the usual action="" will submit the form to a URI that includes the ID, since it's part of the URI that displays the form.
If for some reason you want to do this with the hidden input, use an initial argument when creating the form.
if request.method == 'POST':
form = CommentForm(request.POST, initial={'comment_post': post})
# usual processing
else:
form = CommentForm(initial={'comment_post': post})
# and render
I assume your model Comment has a foreign key relationship with Post, you can just use forms.ModelChoiceField for comment_post:
comment_post = forms.ModelChoiceField(queryset=Post.objects.all(),
widget=forms.HiddenInput())
In the views, give current post object as initial data to the comment_post:
# assume you have a variable that called "current post"
comment_form = CommentForm(request.POST, initial={'comment_post': current_post})
Just in case you are not sure what's the behavior, it's going to create a hidden form field and pre-populate selected data with current_post, then when you POST the form, the form already contains the data, you call comment_form.save() and that's it.
Is there a way I can pass data from a form submission over to the 'thank you' page. The reason i'd like to do this is because I have a form on the website, where the user will select multiple fields which all contains different PDF's.
So once the user has submitted the form the idea is to re-direct them to a thankyou page, where they can view the list of pdf/files they have selected on the form.
I hope this is enough info to go on. Here are my views / models.
def document_request(request, *args):
# template = kwargs['name'] + ".html"
if request.method == 'POST':
form = forms.ReportEnquiryForm(request.POST)
print(request.POST)
if form.is_valid():
docrequest = form.save()
return HttpResponseRedirect(reverse('thank_you', kwargs={'id': docrequest.id}))
else:
form = forms.ReportEnquiryForm()
return render_to_response('test.html',{'form':form})
def thank_you(request):
docrequest = DocumentRequest.objects.get(pk=id)
return render_to_response('thankyou.html',
{'docrequest' : docrequest },
context_instance=RequestContext(request))
My initial idea was to pass the data to a new view called thank_you. But not this is possible.
class DocumentUpload(models.Model):
name = models.CharField(max_length="200")
document_upload = models.FileField(upload_to="uploads/documents")
def __unicode__(self):
return "%s" % self.name
class DocumentRequest(models.Model):
name = models.CharField(max_length="200")
company = models.CharField(max_length="200")
job_title = models.CharField(max_length="200")
email = models.EmailField(max_length="200")
report = models.ManyToManyField(DocumentUpload)
def __unicode__(self):
return "%s" % self.name
form.py
class ReportEnquiryForm(forms.ModelForm):
class Meta:
model = models.DocumentRequest
fields = ('name', 'company', 'job_title', 'email', 'report')
If you need anymore info, please ask :)
You've saved the user's submission in a DocumentRequest object. So you can pass the ID of that object in the URL when you redirect, and in the thank_you view you can get the DocumentRequest and render the list.
Edit The idea is to make the thank_you page like any other view that accepts a parameter from the URL:
url(r'thanks/(?P<id>\d+)/$, 'thank_you', name='thank_you')
and so the POST part of the form view becomes:
if form.is_valid():
docrequest = form.save()
return HttpResponseRedirect(reverse('thank_you', kwargs={'id': docrequest.id}))
and thank_you is:
def thank_you(request, id):
docrequest = DocumentRequest.objects.get(pk=id)
return render_to_response('thankyou.html',
{'docrequest' : docrequest },
context_instance=RequestContext(request))
Second edit
As others have suggested, this makes it possible for anyone to see the request. So a better solution is to put it in the session:
docrequest = form.save()
request.session['docrequest_id'] = docrequest.id
and in thank_you:
def thank_you(request):
if not 'docrequest_id' in request.session:
return HttpResponseForbidden
docrequest = DocumentRequest.objects.get(request.session['docrequest_id'])
You can do as Daniel Roseman said but in this case the thank you pages can be accessed by anyone with the Ids.
Some ways to pass data between views are the following(the list is not mine.):
GET request - First request hits view1->send data to browser -> browser redirects to view2
POST request - (as you suggested) Same flow as above but is suitable when more data is involved
Using django session variables - This is the simplest to implement
Using client-side cookies - Can be used but there is limitations of how much data can be stored.
Maybe using some shared memory at web server level- Tricky but can be done.
Write data into a file & then the next view can read from that file.
If you can have a stand-alone server, then that server can REST API's to invoke views.
Again if a stand-alone server is possible maybe even message queues would work.
Maybe a cache like memcached can act as mediator. But then if one is going this route, its better to use Django sessions as it hides a whole lot of implementation details.
Lastly, as an extension to point 6, instead of files store data in some persistent storage mechanism like mysql.
The simplest way is to use sessions. Just add the id to the session and redirect to the thank you view, you read the id value and query the db with that id.
I've made a nice form, and a big complicated 'add' function for handling it. It starts like this...
def add(req):
if req.method == 'POST':
form = ArticleForm(req.POST)
if form.is_valid():
article = form.save(commit=False)
article.author = req.user
# more processing ...
Now I don't really want to duplicate all that functionality in the edit() method, so I figured edit could use the exact same template, and maybe just add an id field to the form so the add function knew what it was editing. But there's a couple problems with this
Where would I set article.id in the add func? It would have to be after form.save because that's where the article gets created, but it would never even reach that, because the form is invalid due to unique constraints (unless the user edited everything). I can just remove the is_valid check, but then form.save fails instead.
If the form actually is invalid, the field I dynamically added in the edit function isn't preserved.
So how do I deal with this?
If you are extending your form from a ModelForm, use the instance keyword argument. Here we pass either an existing instance or a new one, depending on whether we're editing or adding an existing article. In both cases the author field is set on the instance, so commit=False is not required. Note also that I'm assuming only the author may edit their own articles, hence the HttpResponseForbidden response.
from django.http import HttpResponseForbidden
from django.shortcuts import get_object_or_404, redirect, render, reverse
#login_required
def edit(request, id=None, template_name='article_edit_template.html'):
if id:
article = get_object_or_404(Article, pk=id)
if article.author != request.user:
return HttpResponseForbidden()
else:
article = Article(author=request.user)
form = ArticleForm(request.POST or None, instance=article)
if request.POST and form.is_valid():
form.save()
# Save was successful, so redirect to another page
redirect_url = reverse(article_save_success)
return redirect(redirect_url)
return render(request, template_name, {
'form': form
})
And in your urls.py:
(r'^article/new/$', views.edit, {}, 'article_new'),
(r'^article/edit/(?P<id>\d+)/$', views.edit, {}, 'article_edit'),
The same edit view is used for both adds and edits, but only the edit url pattern passes an id to the view. To make this work well with your form you'll need to omit the author field from the form:
class ArticleForm(forms.ModelForm):
class Meta:
model = Article
exclude = ('author',)
You can have hidden ID field in form and for edit form it will be passed with the form for add form you can set it in req.POST e.g.
formData = req.POST.copy()
formData['id'] = getNewID()
and pass that formData to form