I have the following code:
class MyView(View):
var2 = Choices.objects.get(id=1)
my_strings = ['0','1','2','3']
#login_required
def myfunction(self,request):
return render(request,
'app/submit.html',{'my_strings':my_strings, 'var2':var2})
I want to access "var2" and "my_string" variables and display them in the template submit.html. If I use only the function without putting it in a class, everything works fine. But inside the class it shows errors.
Can anybody tell me how to access "var2" and "my_string" class variables in "myfunction" ?
You have to use self. In front of class variables.
Your function names in class based views should correspond to what http method you try to use(get, post etc...)
#login_required
def get(self,request):
return render(request,
'app/submit.html',{'my_strings':self.my_strings, 'var2':self.var2})
Please also read:
https://docs.djangoproject.com/en/1.9/topics/class-based-views/intro/
You don't have to write custom function to dispatch request...Django internally have the GET and POST method to do that... And also preferred way to handle login required is method_decorator
from django.utils.decorators import method_decorator
#method_decorator(login_required, name='dispatch')
class MyView(View):
string = "your string"
def dispatch(self, *args, **kwargs):
return super(MyView, self).dispatch(*args, **kwargs)
def get(self, request):
return render(request, 'template', {'string': self.string})
Related
I have Url like /foo/bar and Class based view has been defined as below.
class FooBar(View):
def handle_post_bar(self, request):
pass
def handle_get_bar(self, request):
pass
def handle_put_bar(self, request):
pass
In url i define as path('foo/bar/', FooBar.as_view())
Based on the http method and path i would like build view method names ex: handle_{0}_{1}'.format(method, path)
Please suggest me how to achive this, this should be common to all the urls and views.
i tried exploring the possibility of django middleware, but endedup in no luck.
Okey, it's certainly possible, you should write your logic like this:
class FooBar(View):
func_expr = 'handle_{0}_bar'
#csrf_exempt
def dispatch(self, request, *args, **kwargs):
method = request.method.lower()
func = self.func_expr.format(method)
if hasattr(self, func):
return getattr(self, func)(request)
raise Http404
def handle_post_bar(self, request):
print('POST')
return JsonResponse({'result': 'POST'})
def handle_get_bar(self, request):
print('GET')
return JsonResponse({'result': 'GET'})
def handle_put_bar(self, request):
print('PUT')
return JsonResponse({'result': 'PUT'})
It works for me:
Generally things like this you code on method called dispatch.
If you want to achieve it on more views (not only one) without repeating code, you should write own mixin that uses this logic.
I created a view that manages the products which belong to the current log-in user (so the current user can watch its own products):
class ProductList(View):
def get(self, request, *args, **kwargs):
products = Product.objects.get(user=self.request.user)
#...
I would like to subclass another view from it, which manages the products that belong to a user specified as a GET parameter in the url (probably different to the current user). Is it possible to do it with super() and overriding the method in product_list? Something like this:
class ProductListFromUser(ProductList):
def get(self, request, *args, **kwargs):
#not sure what code if necessary to put here...
super().get(self, request, *args, **kwargs):
#or here
#...
Basically, how can I override the get method from product_list , changing only "self.request.user" by the parameter taken from the URL
You shouldn't do either of these.
If you have a view that renders a list of items, you should use a subclass of ListView. In that view, you can define the product list in the get_queryset method, which you can define in the relevant way in your two different views.
class ProductList(ListView):
def get_queryset(self, *args, **kwargs):
return Product.objects.filter(user=self.request.user)
class ProductListFromUser(ListView):
def get_queryset(self, *args, **kwargs):
return Product.objects.filter(user__username=self.request.GET['user'])
You should rarely need to define get (or post) directly in a class-based view.
I would move the retrieval of the appropriate QuerySet to an extra method which you can override in order to reuse as much of the initial code as possible:
class ProductList(View):
def get_products(self):
return Product.objects.all()
def get(self, request, *args, **kwargs):
products = self.get_products()
# ...
class ProductList(View):
def get_products(self):
qs = super().get_products()
qs = qs.filter(user=self.request.user)
return qs
# no get needed
This very functionality comes with django's ListView and its get_queryset method.
If you retrieve the queryset for a given request using the get_queryset method, that CBV such as DetailView use, then you can simply override the get_queryset of the parent-class.
I am not very comfortable using class-based views but I am aware of their perks so I am forcing myself to start using them more often.
There's this view that receives a path param: manage/:id to manage a particular entity.
class MyView(TemplateView):
template_name = '...'
def get_context_data(self, **kwargs):
context = super(MyView, self).get_context_data(**kwargs)
context['entity'] = get_object_or_404(Entity, pk=self.args[0])
return context
An Entity includes a list of authorized users to perform special actions. This view, MyView is one of those special actions.
I tried making a decorator for the view but it required finding the Entity first so I wasn't sure how to work that out.
Now, I have a check_permission(request, entity) function that checks if the current user is one of these authorized ones.
My question is where should I call this function in the class-based views like MyView which will be any of these views considered "special actions"?
Should I call it just from get_context_data()?
put it into dispatch(). It could look like this:
class MyView(TemplateView):
template_name = '...'
def dispatch(self, request, *args, **kwargs):
entity = get_object_or_404(Entity, pk=args[0])
if not check_permission(request, entity):
raise Http404
return super(MyView, self).dispatch(request, *args, **kwargs)
You can check permissions in the dispatch as yedpodtrzitko has said. I think it's also a good idea to throw it inside of a mixin that you can put on your views.
Here's an example:
from django.core.exceptions import PermissionDenied
class ViewPermissionsMixin(object):
"""Base class for all custom permission mixins to inherit from"""
def has_permissions(self):
return True
def dispatch(self, request, *args, **kwargs):
if not self.has_permissions():
raise PermissionDenied
return super(ViewPermissionsMixin, self).dispatch(
request, *args, **kwargs)
class MyCustomPermissionMixin(ViewPermissionsMixin):
def has_permissions(self):
# here you will have access to both
# self.get_object() and self.request.user
return self.request.user in self.get_object().special_list_of_people
Now you can throw MyCustomPermissionMixin on your view:
class MyView(MyCustomPermissionMixin, TemplateView):
# ...
In your case, since you're using a TemplateView, you should also make a get_object() method that returns the object that you want to deal with. Template views don't have this method by default.
Finally, just want to say that you will love Django's class based views once you learn some more about how to use them.
Take a look at Django Braces, it's a solid set of mixins which are designed around permissions.
How specifically you deal with permissions depends largely on implementation. I've done it in dispatch() before which is the way Braces does it but if it's specific to an object or queryset, I'll do it in the actual get_object or get_queryset methods as part of a DetailView.
For example if you had a creator associated with an Entity, you could override get_object to check the current logged in user is the Entity's creator.
class EntityView(LoginRequiredMixin, DetailView):
model = Thing
def get_object(self, **kwargs):
return Entity.objects.get_object_or_404(
pk=kwargs['entity_id'],
creator=self.request.user
)
Note: LoginRequiredMixin is a part of Braces. Very slick.
For example, if I don't want to give access to the "Register" view if the user is already logged in?
I use this at the top of each view, and it works fine:
def get(self, request, *args, **kwargs):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
return super(MyCBV_vw, self).get(request, *args, **kwargs)
But maybe there is a decorator o mixin for this, I would like to know if there is a better way to do this? Thanks!
Django has a user_passes_test decorator which I think is what you need. The decorator takes a function (with other optional ones) as argument.
You can write this function to redirect all logged in users who are trying to access that view:
from django.contrib.auth.decorators import user_passes_test
def not_logged_in(user):
return not user.is_authenticated()
#user_passes_test(not_logged_in)
def my_view(request, *args, **kwargs):
# your code
Remember to use a method_decorator to apply this decorator to your get method.
You could create a custom 'LogoutRequiredMixin':
class LogoutRequiredMixin(View):
def dispatch(self, *args, **kwargs):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
return super(LogoutRequiredMixin, self).dispatch(*args, **kwargs)
Then use it in your views:
class RegisterView(LogoutRequiredMixin):
def get(...):
...
I'm using class based views, so, I had to used a mixin:
class NotLoggedAllow(UserPassesTestMixin):
login_url = '/profile/'
def test_func(self):
return not self.request.user.is_authenticated()
class Register_vw(NotLoggedAllow, FormView):
This way I just have to add the name of my mixin at each view, and it does deny the access to a logged in users. Nailed #Moses Koledoye, thanks everyone!
Are declaring variables in dispatch method valid in following sample code?
if not is there better coding standards in CBV? my idea is avoiding redeclare the same variable in every http methods
class MyClsName(View):
template_name = "setup/code_install.html"
def dispatch(self, request, *args, **kwargs):
self.name = request.session['name']
self.obj = MyModel.objects.get(Name=self.name)
return super(MyClsName, self).dispatch(request, *args, **kwargs)
def get(self, request):
# obj = MyModel.objects.get(Name=self.name) --> to avoid
context = {'account': self.obj}
return render(request, self.template_name, context)
def post(self, request):
# obj = MyModel.objects.get(Name=self.name) --> to avoid
context = {'account': self.obj}
return render(request, self.template_name, context)
This is not invalid, but it is definitely not taking advantage of the features of class-based views. It is rarely necessary to overwrite either of dispatch or get/post. Instead, you should choose a more appropriate view to subclass, and override the specific methods it provides. In this case, since you want to display a single object, the appropriate base class is DetailView, and the method to override is get_object.
class MyClsName(DetailView):
template_name = "setup/code_install.html"
def get_object(self, queryset=None):
return MyModel.objects.get(Name=self.request.session['name'])
Note no need to define dispatch, get, or post at all.