I am trying to get my form work using previous stackoverflow answers and google but nothing seems to work for me.
I have a model Project and a project team and I would like the user to be able to choose from one of the teams that he created and link it to the project.
I am using a custom user called MyUser
that is my form in order to select a team:
from django import forms
from django.contrib.auth.models import User
from registration.models import MyUser
from .models import Project, Team
from django.contrib.auth import get_user_model
User = get_user_model()
class EditSelectTeam(forms.Form):
team_choice = forms.ModelChoiceField(widget=forms.RadioSelect, queryset=None)
def __init__(self, User, request, *args, **kwargs):
super(EditSelectTeam, self).__init__(*args, **kwargs)
self.fields['team_choice'].queryset = Team.objects.all().filter(team_hr_admin = request.User)
my views:
def TeamSelect(request):
if request.method == "POST":
select_form = EditSelectTeam(request.user, request.POST)
if select_form.is_valid():
print('sucess')
else:
print('Fail')
else:
select_form = EditSelectTeam(request)
return render(request,'link_project.html',
{'select_form':select_form })
If in my form I put request.User I get the error in my view that :
TypeError: __init__() missing 1 required positional argument: 'request'
If I do not put user in my __init__ I get the form but when I click POST I get the error
AttributeError: 'MyUser' object has no attribute 'user'
Your __init__ method takes User and request,
def __init__(self, User, request, *args, **kwargs):
but you only ever pass one of these to the form:
select_form = EditSelectTeam(request.user, request.POST)
...
select_form = EditSelectTeam(request)
I would change the __init__ method to just take user (lowercase),
def __init__(self, user, *args, **kwargs):
super(EditSelectTeam, self).__init__(*args, **kwargs)
self.fields['team_choice'].queryset = Team.objects.all().filter(team_hr_admin=user)
then change the view to always pass request.user.
select_form = EditSelectTeam(request.user, request.POST)
...
select_form = EditSelectTeam(request.user)
Related
I'm new to Django Class Based Views and I can't get my form to pass through neither form_valid() nor form_invalid().
I have taken most of this code from the Django allauth module, so I extend some mixins (AjaxCapableProcessFormViewMixin & LogoutFunctionalityMixin) that I do not know well.
This form is meant to allow users to change their passwords upon receiving an email. As it is now, users are able to change their password but since the form_valid() function is never triggered, they do no get redirected to the success URL as is intended. Instead the password change is registered but the users stay on the same page.
The functions dispatch(), get_form_kwargs() & get_form_class() are all triggered and behave in the way that they should. Still, it's unclear to me why they execute in the order that they do (dispatch() is triggered first, then get_form_class() and finally get_form_kwargs(). I suppose they implicitely have an order as presented in this documentation: https://ccbv.co.uk/projects/Django/4.0/django.views.generic.edit/FormView/)
I am lacking some intuition about how this works, therefore I don't know if there is a way to redirect to the success URL without passing through form_valid() because that would also solve my problem.
As is mentionned in the title, neither form_valid() nor form_invalid() is triggered after submitting a new password. The last executed bit of code is the return kwargs from the get_form_kwargs() function.
Here is my code:
class PasswordResetFromKeyView(AjaxCapableProcessFormViewMixin, LogoutFunctionalityMixin, FormView):
template_name = "account/password_reset_from_key." + app_settings.TEMPLATE_EXTENSION
form_class = ResetPasswordKeyForm
success_url = '/'
reset_url_key = "set-password"
def get_form_class(self):
return get_form_class(
app_settings.FORMS, "reset_password_from_key", self.form_class
)
def dispatch(self, request, uuid, **kwargs):
self.request = request
token = get_object_or_404(ResetToken, token=uuid)
if token.redeemed == False:
self.reset_user = token.client
self.token = token
response = self.render_to_response(self.get_context_data(token_fail=False))
else:
return super(PasswordResetFromKeyView, self).dispatch(
request, uuid, **kwargs
)
return response
def get_form_kwargs(self, **kwargs):
kwargs = super(PasswordResetFromKeyView, self).get_form_kwargs(**kwargs)
kwargs["user"] = self.reset_user
if len(kwargs) > 3:
try:
if kwargs['data']['password1'] == kwargs['data']['password2']:
self.reset_user.set_password(kwargs['data']['password1'])
self.reset_user.save()
self.token.redeemed = True
self.token.date_redeemed = datetime.now()
self.token.save()
perform_login(
self.request,
self.reset_user,
email_verification=app_settings.EMAIL_VERIFICATION,
)
else:
pass
##passwords dont match
except:
##couldnt change the password
pass
return kwargs
def form_valid(self, form, **kwargs):
form.save()
return super(PasswordResetFromKeyView, self).form_valid(form)
def form_invalid(self, form):
response = super().form_invalid(form)
if self.request.accepts('text/html'):
return response
else:
return JsonResponse(form.errors, status=400)
If both methods are not triggered, it means - you requests.method is never is 'POST'.
The class FormView calls this two methods only if post.method == 'POST':
# code from django.views.generic.edit
...
def post(self, request, *args, **kwargs):
"""
Handle POST requests: instantiate a form instance with the passed
POST variables and then check if it's valid.
"""
form = self.get_form()
if form.is_valid():
return self.form_valid(form)
else:
return self.form_invalid(form)
By the way in dispatch, if token.redeemed == False you should return self.form_invalid().
I checked the other posts on here that have the attribute error that I have, but they seem to be for different reasons. I am currently requesting the information from a form for users to update a project page. Then, if the form is valid, I am saving the form, saving the project, then trying to return redirect to the project page; however, when I click the button, the computer renders the error page. I will attach my forms.py, views.py, models.py, and urls.py:
Views.py for the update section:
#wraps(function)
def wrap(request, *args, **kwargs):
user = request.user
name = kwargs.get('name')
if uProjects.objects.filter(project=Project.objects.get(name=name), user=user, ifAdmin=True).exists():
return function(request, *args, **kwargs)
else:
return HttpResponseRedirect('/')
return wrap
#admin_check
def update(request, name):
project = Project.objects.get(name = name)
if request.method == "POST":
pr_form = ProjectUpdateForm(request.POST,
request.FILES,
instance=project)
#if is_admin in Member == True: #need to authenticate user, access user permissions, if user has permission:
if pr_form.is_valid():
pr_form.save()
messages.success(request, f'This project has been updated.')
request.project.save()
return redirect('project')
else:
pr_form = ProjectUpdateForm(instance=project)
context = {
'pr_form': pr_form
}
return render(request, 'projects/updateproject.html', context)
forms.py for ProjectUpdateForm:
class ProjectUpdateForm(forms.ModelForm):
class Meta:
model = Project
fields=['name', 'department', 'department','bPic', 'logo',
'department', 'purpose', 'projectTag', 'lookingFor', 'recruiting']
urls.py
from projects import views as p
path('project/<str:name>/', p.project, name='project'),
path('editproject/<str:name>/', p.update, name="editproject"),
Thanks, please let me know what I can do.
Your error is in line request.project.save(), request doesn't have project attribute.
And actually you don't need to call save() method for project.
Because ProjectUpdateForm is the ModelForm and ModelForm.save() (Django docs) method will create a new instance of the specified model or update assigned instance.
#admin_check
def update(request, name):
project = Project.objects.get(name = name)
if request.method == "POST":
pr_form = ProjectUpdateForm(request.POST,
request.FILES,
instance=project)
#if is_admin in Member == True: #need to authenticate user, access user permissions, if user has permission:
if pr_form.is_valid():
# save() returns an instance object, you can use it to manipulate your object.
instance = pr_form.save()
messages.success(request, f'This project has been updated.')
# YOUR ERROR IS ⬇️ HERE request doesn't have project attribute
# request.project.save()
# redirect with arguments
return redirect('project', name=instance.name)
...
Also your redirect must contain argument name, because your project url required name attribute:
redirect('project', name=instance.name)
My views.py have a mix of def and ClassViews:
#login_required(login_url='login')
#allowed_users(allowed_roles=['Admin', 'Staff', 'Lite Scan'])
def litescan(request):
filteredOutput = Stock.objects.all()
val = {}...
#method_decorator(login_required(login_url='login'), name='dispatch')
class HomeView(ListView):
model = Post
template_name = 'community.html'
ordering = ['-id']
And here's my decorators.py if that is helpful:
from django.shortcuts import redirect
from django.http import HttpResponseRedirect
def unauthenticated_user(view_func):
def wrapper_func(request, *args, **kwargs):
if request.user.is_authenticated:
return redirect('home')
else:
return view_func(request, *args, **kwargs)
return wrapper_func
def allowed_users(allowed_roles=[]):
def decorator(view_func):
def wrapper_func(request, *args, **kwargs):
group = None
if request.user.groups.exists():
group = request.user.groups.all()[0].name
if group in allowed_roles:
return view_func(request, *args, **kwargs)
else:
url = ('/forbidden')
return HttpResponseRedirect(url)
return wrapper_func
return decorator
I found out that #login_required and #allowed_users give out an error when used with ClassView. So i used #method_decorator which brings me to the login page before redirecting to the page. However, I can not find a way to restrict access to only certain groups like Admin, Staff, Lite Scan with my ClassView.
Little help will be appreciated. Thanks!
You can use AccessMixin for your class views.
Example I found:
from django.contrib.auth.mixins import AccessMixin
from django.http import HttpResponseRedirect
class FinanceOverview(AccessMixin, TemplateMixin):
def dispatch(self, request, *args, **kwargs):
if not request.user.is_authenticated:
# This will redirect to the login view
return self.handle_no_permission()
if not self.request.user.groups.filter(name="FinanceGrp").exists():
# Redirect the user to somewhere else - add your URL here
return HttpResponseRedirect(...)
# Checks pass, let http method handlers process the request
return super().dispatch(request, *args, **kwargs)
More info found here: Use LoginRequiredMixin and UserPassesTestMixin at the same time
Relying on Django Permissions may be a far simpler approach to giving access to such a view. Rather than checking for a specific list of groups, you can assign permissions to those groups and give access to the view based on whether the user's groups have the appropriate permissions.
views.py
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.mixins import PermissionsRequiredMixin
#permission_required('foo.view_bar')
def my_view(request):
...
class MyView(PermissionRequiredMixin, DetailView):
permission_required = ('foo.view_bar', )
...
Settings:
django==1.8
django-tastypie==0.13
django-axes==2.3
I've got login resource through tastypie what looks like below
from django.contrib.auth import login
class LoginResource(Resource):
class Meta:
resource_name = 'login'
allowed_methods = ['post']
def obj_create(self, bundle, **kwargs):
form = AuthForm(data=bundle.data)
if form.is_valid():
request.session.set_expiry(0)
if form.get_user():
login(bundle.request, form.get_user())
raise ImmediateHttpResponse(response=HttpResponse(status=200))
raise ImmediateHttpResponse(response=http.HttpBadRequest(status=400))
And I can't figure out how to log these login attempts in django-axes.
My own solution was next: I write custom login view in views.py
from django.contrib.auth.views import login
def core_login(request, *args, **kwargs):
kwargs["authentication_form"] = AuthForm
return login(request, *args, **kwargs)
And in tastypie resource:
from core.views import core_login
class LoginResource(Resource):
class Meta:
resource_name = 'login'
allowed_methods = ['post']
def obj_create(self, bundle, **kwargs):
bundle.request.POST = bundle.data
if core_login(bundle.request).status_code == 302:
raise ImmediateHttpResponse(response=HttpResponse(status=200))
raise ImmediateHttpResponse(response=http.HttpBadRequest(status=400))
Looking at the code from django-axes we can see it uses a decorator called watch_login to provide its functionality.
To log the login attempts using your resource you will have to apply that decorator to the view that is called when the user tries to login using that given resource.
Based on tastypie code, you could override prepend_urls method of your resource and add your url. Like this (this is just an example, wasn't tested):
def prepend_urls(self):
from axes.decorators import watch_login
urls = [
url(r"^(?P<resource_name>%s)/login$" % (self._meta.resource_name,), watch_login(self.wrap_view('dispatch_list')), name="login-enpoint")
]
return urls
How to get the session_key in form Class? It is not possible to get the request parameter to do something like this : request.user
I've got this situation, and I need to pass to function get_user session_key which is also
not possible to retrieve from request.
class CustomEntryAdminForm(EntryAdminForm):
def get_user(session_key):
session = Session.objects.get(session_key=session_key)
uid = session.get_decoded().get('_auth_user_id')
user = User.objects.get(pk=uid)
return user
categories = MPTTModelMultipleChoiceField(
label=_('Categories'), required=False,
queryset=Category.objects.filter(groups__in=get_user('uwry5olhemchxnmwa36v10zt2bg9zeci').groups.all()),
widget=MPTTFilteredSelectMultiple(_('categories'), False,
attrs={'rows': '10'}))
Use pass user as keyword argument to your form. You do not need to jump through hoops and load active session key from request and then load user from decoded session. All you need to do is:
in view:
myform = MyFormClass(user= request.user)
in form:
class MyFormClass(forms.Form):
def __init__(self, *args, **kwargs):
self.user = kwargs.pop('user', None)
super(MyFormClass, self).__init__(*args, **kwargs)
self.fields['categories'].queryset = Category.objects.filter(groups__in = self.user.groups.all())
NB! not complete working code. I just wanted to show you how you can use the self.user in queryset.