Re: Django apache mod_wsgi permission denied
Thanks a million for the tip :) On Sun, Dec 2, 2012 at 5:08 AM, Chris Cogdon wrote: > > > On Saturday, December 1, 2012 3:47:39 AM UTC-8, Loai Ghoraba wrote: >> >> no I mean the root of my project guys :) thanks a lot :D which lives in >> path/to/my/project :) >> > > Oh thank god for that! > > I'd actually done something similiar once... I'd removed a bunch of > permissions using chmod -R / rather than chmod -R . ... This was on an > oldold NCR Tower 32 running SVR3. I ended up writing a program to go > through the archives on tape (yes, tape) and copy only the permission bits > from all the tape files. > > Anyway, a better form of that command is chmod -R a+rX > > The capital X means "only set the execute bit if any execute bits are > set". If you use lower-case x, then you'll send up setting the execute bit > for normal files, too, which is another potential security risk. If you > want to fix this up, do: > > find . -type f -print0 | xargs -0 chmod a-x > chmod a+x manage.py # Restore x for the Django management command > > Protip: always use the -print0 | xargs -0 form of the "find/xargs" > pattern, as this will prevent spaces in your paths from causing havoc. > > I wish I knew of a better way to set the x bits all the way up the tree, > without giving someone a program to run, the best I can come up with is: > > cd static > chmod a+x . .. ../.. ../../.. ../../../.. ../../../../.. ../../../../../.. > ../../../../../../.. > > and hope that's enough :) > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/_8jpEFytyesJ. > > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Django apache mod_wsgi permission denied
On Saturday, December 1, 2012 3:47:39 AM UTC-8, Loai Ghoraba wrote: > > no I mean the root of my project guys :) thanks a lot :D which lives in > path/to/my/project :) > Oh thank god for that! I'd actually done something similiar once... I'd removed a bunch of permissions using chmod -R / rather than chmod -R . ... This was on an oldold NCR Tower 32 running SVR3. I ended up writing a program to go through the archives on tape (yes, tape) and copy only the permission bits from all the tape files. Anyway, a better form of that command is chmod -R a+rX The capital X means "only set the execute bit if any execute bits are set". If you use lower-case x, then you'll send up setting the execute bit for normal files, too, which is another potential security risk. If you want to fix this up, do: find . -type f -print0 | xargs -0 chmod a-x chmod a+x manage.py # Restore x for the Django management command Protip: always use the -print0 | xargs -0 form of the "find/xargs" pattern, as this will prevent spaces in your paths from causing havoc. I wish I knew of a better way to set the x bits all the way up the tree, without giving someone a program to run, the best I can come up with is: cd static chmod a+x . .. ../.. ../../.. ../../../.. ../../../../.. ../../../../../.. ../../../../../../.. and hope that's enough :) -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/_8jpEFytyesJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Django login twice required when using xsendfile with apache
and another issue: using apache, even when the user is logged in and
is_staff, he is redirected to the login page, and he needs to login to
download the file, and this continues on.
On Sat, Dec 1, 2012 at 7:30 PM, Loai Ghoraba wrote:
> Hi
>
> I am using apache2 server with xsend file to protect against static files,
> the python view is:
>
> @staff_member_required
> def media_xsendfile(request, path, document_root):
> print "is staff",request.user.is_staff
> response = HttpResponse()
> response['Content-Disposition'] = 'attachment'
> response['X-Sendfile'] = (os.path.join(document_root,
> path)).encode('utf-8')
> return response
>
> and in apache httpd.conf
>
> XSendFile on
> XSendFilePath /path/to/files/
>
> If the user is not a staff member, he is redirected correctly to the login
> page and once he login, the file is download, this is only in the local
> development server, however when I use apache server, after the first login
> nothing happens (the login page is still there) and he has to login
> again.for the file to be downloaded.
>
> Any clue ?
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/_5o_fX1N6n0J.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: DJANGO_SETTINGS_MODULE in a setup with only individual Django components
ARRGH, sorry for the spam. The problem was that I have imported other django modules before calling execute_from_commandline... Cheers, Stefan On Saturday, December 1, 2012 5:57:31 PM UTC+1, Stefan Schwarzburg wrote: > > Hi, > > I'm looking for help with the following problem: > > I have a project, in which I only use the django ORM and no other parts of > django. > In previous versions of that project (django < 1.4) I used code similar to > manage.py but I called 'settings.configure' before calling > 'execute_manager'. This worked fine. > > However, in django 1.4, it does no longer work. Checking the current code > of a manage.py file, I tried calling 'execute_from_command_line', BUT > although the documentation ( > https://docs.djangoproject.com/en/1.4/topics/settings/#using-settings-without-setting-django-settings-module) > > says that this should work, I always get the error: > > ImportError: Settings cannot be imported, because environment variable > DJANGO_SETTINGS_MODULE is undefined. > > Anyone who can help with this? > > Cheers, > Stefan > -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/drKcrTr0v2gJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Django login twice required when using xsendfile with apache
Hi
I am using apache2 server with xsend file to protect against static files,
the python view is:
@staff_member_required
def media_xsendfile(request, path, document_root):
print "is staff",request.user.is_staff
response = HttpResponse()
response['Content-Disposition'] = 'attachment'
response['X-Sendfile'] = (os.path.join(document_root,
path)).encode('utf-8')
return response
and in apache httpd.conf
XSendFile on
XSendFilePath /path/to/files/
If the user is not a staff member, he is redirected correctly to the login
page and once he login, the file is download, this is only in the local
development server, however when I use apache server, after the first login
nothing happens (the login page is still there) and he has to login
again.for the file to be downloaded.
Any clue ?
Thanks
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/django-users/-/_5o_fX1N6n0J.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
DJANGO_SETTINGS_MODULE in a setup with only individual Django components
Hi, I'm looking for help with the following problem: I have a project, in which I only use the django ORM and no other parts of django. In previous versions of that project (django < 1.4) I used code similar to manage.py but I called 'settings.configure' before calling 'execute_manager'. This worked fine. However, in django 1.4, it does no longer work. Checking the current code of a manage.py file, I tried calling 'execute_from_command_line', BUT although the documentation (https://docs.djangoproject.com/en/1.4/topics/settings/#using-settings-without-setting-django-settings-module) says that this should work, I always get the error: ImportError: Settings cannot be imported, because environment variable DJANGO_SETTINGS_MODULE is undefined. Anyone who can help with this? Cheers, Stefan -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/5T3iqKMZS6oJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Admin UI Improvements for Ordered List Using Through Inline?
Greetings,
I'm hopeful someone can point me in the right direction to improve the
admin UI for my app. I need to allow for the creation and display of an
ordered list of books. I had no problem setting this up and editing the
lists in the admin UI, but the UX for an admin leaves much to be desired.
The two biggest issues are that books can be saved to the same position as
books already on a list, and the admin always has to specify a position on
the list for each book (rather than simply adding the most recent book to
the end). Ideally books could even be dragged around and visually
reordered. This is a pretty classic ordered-list scenario, so I'm hoping
someone has already done some work to improve the admin UI for this case.
Is anyone aware of anything that might help?
The code I'm using in my app is below- it is dead simple and pretty much
straight from the documentation. I have created two models for this
purpose- Book and List, which are associated by a ListMember class using a
through relationship.
class Book(models.Model):
title = models.CharField(max_length=200)
class List(models.Model):
books = models.ManyToManyField(Book, through="ListMember")
class ListMember(models.Model):
list = models.ForeignKey(List)
book = models.ForeignKey(Book)
position = models.IntegerField()
Then in my admin code I've created BookAdmin, ListAdmin, and
ListMemberInline. I've also included simplified code for these classes
below.
class ListMemberInline(admin.TabularInline):
model = List.books.through
class ListAdmin(admin.ModelAdmin):
inlines = ['ListMemberInline',]
excludes = ('books',)
class BookAdmin(admin.ModelAdmin):
inlines = ['ListMemberInline',]
If anyone is aware of improvements to the admin UI for this case that I
could reuse I would really appreciate a pointer in the right direction.
Alternatively, guidance on how to improve this myself would also be very
helpful.
Thanks!
Andrew
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
Re: Django apache mod_wsgi permission denied
no I mean the root of my project guys :) thanks a lot :D which lives in path/to/my/project :) On Sat, Dec 1, 2012 at 11:42 AM, Timothy Makobu wrote: > Root directory??? As in / ? Nooo nonono > > > On Sat, Dec 1, 2012 at 12:14 PM, Chris Cogdon wrote: > >> >> >> On Friday, November 30, 2012 8:53:42 PM UTC-8, Mike Dewhirst wrote: >>> >>> On 1/12/2012 3:48pm, Loai Ghoraba wrote: >>> > I have ran chmod o+rx on the root directory, isn't this enough (isn't >>> > chmod applied to all folders down recursively ?) ? >>> >>> No. You need chmod -R o+rx >>> >> >> Oh hell no, don't do that... that will impact the ENTIRE FILESYSTEM >> >> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To view this discussion on the web visit >> https://groups.google.com/d/msg/django-users/-/cB-WWrnMMP8J. >> >> To post to this group, send email to django-users@googlegroups.com. >> To unsubscribe from this group, send email to >> django-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/django-users?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
App-Hooks Problems
Hi I am new to Django and Django-cms, I was going through documentation on Django-cms and I came across a description of adding an app to your page, http://docs.django-cms.org/en/2.1.3/extending_cms/extending_examples.html#my-first-app-apphook I don't even show redirect application or soft root settings in my set up which appears to be working fine, I looked through the plugins and found django-cms-redirect I added that but it wasn't the right one. Can anyone tell me how to get these items also in my app? What plugins are they? thanks in advance for your help --jerry -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/z4qPnOKkIGgJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Django apache mod_wsgi permission denied
Root directory??? As in / ? Nooo nonono On Sat, Dec 1, 2012 at 12:14 PM, Chris Cogdon wrote: > > > On Friday, November 30, 2012 8:53:42 PM UTC-8, Mike Dewhirst wrote: >> >> On 1/12/2012 3:48pm, Loai Ghoraba wrote: >> > I have ran chmod o+rx on the root directory, isn't this enough (isn't >> > chmod applied to all folders down recursively ?) ? >> >> No. You need chmod -R o+rx >> > > Oh hell no, don't do that... that will impact the ENTIRE FILESYSTEM > > >> -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/django-users/-/cB-WWrnMMP8J. > > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: calling the view function in the other view function
On Friday, November 30, 2012 9:22:08 PM UTC-8, Satinderpal Singh wrote: > > On Sat, Dec 1, 2012 at 4:45 AM, Chris Cogdon > > wrote: > > It's generally very messy for one "view" function to call another. > Then what is the fun of making the function, if it is not reusable. > > > > Better solution is to factorise out the common parts into a third > function, > > then make sure each of your two "view" functions have the required > > render_to_response. > > What will i do if i have a large number of views having the common part. > Take the common part out of each view and put it in a non-view (ie, not connected from a URLConf) function, then each of your view functions calls it. Eg: def view1 ( request ): val1, val2, val3 = do_common_stuff ( request ) # non-common stuff here return render ( request, "templatename", vars ) def view2 ( request ): val1, val2, val3 = do_common_stuff ( request ) # non common stuff here return render ( request, "templatename2", vars ) def do_common_stuff ( request ): # all your common code here return computed_val1, val2, val3 In other words, unless you really know what you're doing, once you return the HttpResponse object, that should be the last thing you do. Note, though. that if your "common code" wants to WRITE INTO the HttpResponse object, thats fine too... just create one and then pass it as a parameter to your common function. -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/Zk05t9aEH-UJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Django apache mod_wsgi permission denied
On Friday, November 30, 2012 8:53:42 PM UTC-8, Mike Dewhirst wrote: > > On 1/12/2012 3:48pm, Loai Ghoraba wrote: > > I have ran chmod o+rx on the root directory, isn't this enough (isn't > > chmod applied to all folders down recursively ?) ? > > No. You need chmod -R o+rx > Oh hell no, don't do that... that will impact the ENTIRE FILESYSTEM > -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/cB-WWrnMMP8J. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
