On 29/05/2018 11:44 AM, Mike Dewhirst wrote:
On 29/05/2018 11:04 AM, Dylan Moreland wrote:
Hello,
I'm building an employee performance tracker for my company, and I'd
like each employee to be able to view their own infractions (late to
a shift, missed punch, etc.) and no one else's, obviously. I plan to
use the built-in Django admin interface to allow HR to modify the
database as necessary, and I also want to build a frontend for
employees to access.
I also meant to say you don't need a separate Employee model. The
existing Django auth.user has what you need. You probably want a
user_profile model to carry 1:1 information not available in auth.user
The docs recommend that you create your own user by inheriting from
django.contrib.auth.models.AbstractUser and maybe that's what you are
doing with your Employee model. I think it is a good idea unless you you
are sure you won't need to.
https://docs.djangoproject.com/en/1.11/topics/auth/customizing/#extending-the-existing-user-model
You write views to extract data from the database and render the
result in a frontend template. Provided you force the users to
authenticate, generally by decorating the views with @login_required,
then the http request object Django gives you has the authenticated
user as an attribute. ie., request.user is the employee object.
If you then retrieve infraction data from the database keyed on
request.user, that employee will only see his or her own infractions
and no-one else's.
There are other things you need to watch. For example, don't let
employees access the admin (user.is_staff = False) unless you have
taken care to prevent them seeing other data. It is more complex than
doing it in your own views but it can be done.
You might also think about warning users to logout after visiting
their page because by default a Django session lasts two weeks. It is
a bit problematic trying to force logout from the server.
Good luck. I think you will enjoy the flexibility and power of Django.
My models are currently set up as follows:
*_'Employee' model:_*
- first_name (CharField)
- last_name (CharField)
*_'InfractionType' model:_*
- description (CharField)
*_'Infraction' model:_*
- timestamp (DateTimeField)
- employee (ForeignKey, Employee)
- type (ForeignKey, InfractionType)
- has_comment (Boolean) #true if employee has added an explanatory
comment to our timecard system, false if they haven't
- description (CharField)
I am also using the django.contrib.auth and django.contrib.admin
libraries and their corresponding database tables.
How should I set up my templates such that each logged-in user has
access to only their own employee information? I get the sense that I
will need to add a one-to-one relationship between the User table and
Employee table, but I'm not sure if I'm on the right track.
Also, I've been developing in Django for about three days now, so I'm
very new to all of this. I appreciate your patience and support.
Thanks so much for your help,
Dylan
--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to django-users+unsubscr...@googlegroups.com
<mailto:django-users+unsubscr...@googlegroups.com>.
To post to this group, send email to django-users@googlegroups.com
<mailto:django-users@googlegroups.com>.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/ba106eda-7a33-412f-ad90-c0fc8540a006%40googlegroups.com
<https://groups.google.com/d/msgid/django-users/ba106eda-7a33-412f-ad90-c0fc8540a006%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/e92b1814-e6f0-706b-fa4a-ca9dba475923%40dewhirst.com.au.
For more options, visit https://groups.google.com/d/optout.
