Re: CSRFmiddlewaretoken issue ?

[Travis J]

{% csrf_token %} introduces a hidden field into your form that will be 
posted.  Second, request.raw_post_data is going to be form-encoded, so it 
will look like "csrf_token=adsjadsf=" 
(generally you would only use raw_post_data for binary files and the like).

To get it working quickly, use request.POST['body'] instead (you'll need to 
think about sanitizing; what happens on display if a user has included 
Javascript in the message). 

tj

On Monday, January 14, 2013 11:08:22 AM UTC-7, Rahul Gaur wrote:
>
> Hi, 
>   I am working on a Project which implements micro blogging(river flow) 
> like twitter.
>
> I made a django app for this and here is the snippet of the models.py 
>
> I registered the app with 'admin'
>
>  class uPost(models.Model):
> body = models.TextField(max_length=150)
> author = models.ForeignKey(auth.User)
> pub_date = models.DateTimeField('Date')
> 
> def __unicode__(self):
> return (self.body)
>
> def get_author_url(self):
> return "/u/%s/p/0" % (self.author)
> 
> class Meta:
>
> ordering = ['-pub_date']
>
>
> here is snippet from  post.html page 
>
> 
> {% csrf_token %}
> 
> 
> Report a Story:  rows="2" cols="40" name="body">
> 
> 
> 
> 
>  
> # I use this to post the tweet  and below is the 
>
> #views.py function 
>
> def tweet(request):
> assert(request.method=='POST')
> body = smart_unicode(request.raw_post_data)
> topic = uPost(body=body, author=request.user)
> topic.pub_date = datetime.datetime.today()
> topic.save()
> return HttpResponseRedirect("/riverflow") # calls the function views 
> function that list all post in the timeline
>
>
> When I use the post.html 
>
>
> OutPut I get when I post any tweet with the above FORM and Views func def 
> tweet
>
>  
>
> csrfmiddlewaretoken=eTqlKTZe9AyMiudycqENAJxoLn9WXjA9=hmm+just+check+ing+%21
>
> @aregee Jan. 14, 2013, 11:33 a.m.
>
>
> It has to do something with the CSRF middleware token right ?
>
> I tried to use @csrf_exempt decorator in my views function,that does 
> remove  csrfmiddlewaretoken =*& post the following on the timeline  
> "body=MESSAGEPOSTED "
>  
> What am I doing wrong here .?
>
>
>
>
> ---
> *Rahul Gaur*
> *irc : iamaregee2*
> *web: *http://www.rahulgaur.info*
> *
> *blogs : *aregee.wordpress.com , 
> http://sanencynicalwriter.wordpress.com/
> *fb:* http://facebook.com/iamaregee 
> *github: *https://github.com/aregee
>
>  

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/4fWZdPC1GUUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Source code from book djangobook.com ?

[Russell Keith-Magee]

Hi,

Do you mean the source code for the book (i.e., the code that is used to
produce the book), or the Python/Django code that the book provides as
examples?

If you're looking for the former, it's linked from the djangobook.comhomepage.

https://github.com/jacobian/djangobook.com

If you're looking for all the code snippets, I'm not aware of anywhere of
anywhere that these snippets are available for download (other than to use
the book as a resource and copy/paste the snippets from the appropriate
chapters).

This is because the snippets are all relatively small, so they're easy to
retype. Also, most of the code comes in the form of snippets, rather than
standalone projects, so it would be difficult to index and store them in a
meaningful way.

Yours,
Russ Magee %-)

On Wed, Jan 16, 2013 at 1:44 PM, Subodh Nijsure wrote:

> Sorry if this is a very obvious question does any body know if source code
> from the online book http://www.djangobook.com/ is available some where
> in git repo? I have searched on github and most hits are for actual book
> chapters.
>
> -Subodh
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Source code from book djangobook.com ?

[Iñigo Medina]

On Tue, Jan 15, 2013 at 09:44:56PM -0800, Subodh Nijsure wrote:
> Sorry if this is a very obvious question does any body know if source code
> from the online book http://www.djangobook.com/ is available some where in
> git repo? I have searched on github and most hits are for actual book
> chapters.

Official repo is at: https://github.com/jacobian/djangobook.com

Recent thread on this mailing list about its status:
https://groups.google.com/forum/?fromgroups=#!searchin/django-users/book/django-users/f1H68hiMIKU/overview

Iñigo

> 
> -Subodh
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Source code from book djangobook.com ?

[Subodh Nijsure]

Sorry if this is a very obvious question does any body know if source code
from the online book http://www.djangobook.com/ is available some where in
git repo? I have searched on github and most hits are for actual book
chapters.

-Subodh

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django CRM Tool

[Frankline]

I've just seen the koalixcrm. Nice interface.

On Wed, Jan 16, 2013 at 12:05 AM, scaphilo  wrote:

> Hi
> Well this thread is a bit outdated but as you have not had any answers yet.
>
> Insted of starting from scratch you could perhaps start with
> www.koalix.org
> https://github.com/scaphilo/koalixcrm
> Its open source and under BSD licsense. So you can use it, modify it and
> sell it.
>
>
>
>
> Am Samstag, 2. Juni 2012 19:00:49 UTC+2 schrieb Zeeshan Syed:
>
>> Hey everyone,
>>
>> I've been asked to create a CRM tool using Django. Just wondering what
>> route I should take. Would it be wise to start from scratch? Should I
>> play around with Django admin and mess around with that? I've looked
>> at the django-crm project, has anyone had any experience with that?
>>
>> Any help is much appreciated.
>>
>> Thanks,
>> Zee
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/V9NsFL6ObhwJ.
>
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django 1.5 sendemail when doing password reset

[Detectedstealth]

Found the issue, there was no from_email but still have no idea why I got 
that error for there not being an email.

PasswordResetForm

   save

  send_mail(subject, message, from_email, [to_email])

On Tuesday, January 15, 2013 7:28:03 PM UTC-8, Detectedstealth wrote:
>
> Hi,
>
> For some reason when trying to use password reset I am getting the 
> following message:
>
> SMTPDataError: (550, 'Administrative prohibition')
>
> However when I send emails from other areas in the application I don't 
> have this issue. What can be causing this?
>
> --
> Regards,
> Bruce
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/jkndjlUZ0ywJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: InMemoryUploadedFile no `encoding` Attribute

[Braden Walters]

Thanks to both of you. That actually makes a lot more sense now.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/ehJ4g2H8N3wJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Django 1.5 sendemail when doing password reset

[Detectedstealth]

Hi,

For some reason when trying to use password reset I am getting the 
following message:

SMTPDataError: (550, 'Administrative prohibition')

However when I send emails from other areas in the application I don't have 
this issue. What can be causing this?

--
Regards,
Bruce

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/CvbmObfEamkJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: print shop framework

[Lachlan Musicman]

On Wed, Jan 16, 2013 at 1:51 PM, SkuFlow.com  wrote:

> well i'm look for something like 4over4.com where you can design your own
> stuff to print then submit it for printing... ie a print shop, not just an
> ecommerce storefront.
>
>
Ok, I didn't quite pick up on that subtlety - but the concept is still the
same. It would suggest that Django (or a framework) is more suitable than
the wordpress option.

Having said that, it would essentially be ecommerce - but each item
purchased would also have a couple of additional fields - the relevant
design files and maybe some numbers, depending on whether the entire order
should have one design or not. IE the diff between 100 mugs having 1
design, or 100 mugs, 20 with design A, 50 with design B, 30 with design C.

How to do it depends on exact needs, but I would extend something already
developed.


On Tue, Jan 15, 2013 at 9:48 PM, Lachlan Musicman  wrote:
>
>> It's just an online shop right?
>>
>> There are plenty of FLOSS frameworks and apps already written for online
>> shops. http://www.satchmoproject.com/ or
>> https://www.django-shop.org/ecosystem/ for instance.
>>
>> The hard work isn't in the construction of the site logic, it's the data
>> entry (all the items, all the combinations and discounnts etc) and design.
>>
>> By the same token, the Wordpress plugin http://getshopped.org/ is quite
>> good and I'm sure all frameworks have something available.
>>
>> Cheers
>> L.
>>
>>
>>
>>
>> On Wed, Jan 16, 2013 at 1:24 PM, Bobby Roberts wrote:
>>
>>> hi all... a possible client of mine is looking for an online custom
>>> print shop like 4over4.com.  Are there any open source frameworks like
>>> this out there?  I'd prefer a django app but will consider other languages.
>>>
>>
>>
>>
>>
>> --
>> ...we look at the present day through a rear-view mirror. This is
>> something Marshall McLuhan said back in the Sixties, when the world was in
>> the grip of authentic-seeming future narratives. He said, “We look at the
>> present through a rear-view mirror. We march backwards into the future.”
>>
>> http://www.warrenellis.com/?p=14314
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>



-- 
...we look at the present day through a rear-view mirror. This is something
Marshall McLuhan said back in the Sixties, when the world was in the grip
of authentic-seeming future narratives. He said, “We look at the present
through a rear-view mirror. We march backwards into the future.”

http://www.warrenellis.com/?p=14314

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: print shop framework

[SkuFlow.com]

well i'm look for something like 4over4.com where you can design your own
stuff to print then submit it for printing... ie a print shop, not just an
ecommerce storefront.



On Tue, Jan 15, 2013 at 9:48 PM, Lachlan Musicman  wrote:

> It's just an online shop right?
>
> There are plenty of FLOSS frameworks and apps already written for online
> shops. http://www.satchmoproject.com/ or
> https://www.django-shop.org/ecosystem/ for instance.
>
> The hard work isn't in the construction of the site logic, it's the data
> entry (all the items, all the combinations and discounnts etc) and design.
>
> By the same token, the Wordpress plugin http://getshopped.org/ is quite
> good and I'm sure all frameworks have something available.
>
> Cheers
> L.
>
>
>
>
> On Wed, Jan 16, 2013 at 1:24 PM, Bobby Roberts wrote:
>
>> hi all... a possible client of mine is looking for an online custom print
>> shop like 4over4.com.  Are there any open source frameworks like this
>> out there?  I'd prefer a django app but will consider other languages.
>>
>
>
>
>
> --
> ...we look at the present day through a rear-view mirror. This is
> something Marshall McLuhan said back in the Sixties, when the world was in
> the grip of authentic-seeming future narratives. He said, “We look at the
> present through a rear-view mirror. We march backwards into the future.”
>
> http://www.warrenellis.com/?p=14314
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: print shop framework

[Lachlan Musicman]

It's just an online shop right?

There are plenty of FLOSS frameworks and apps already written for online
shops. http://www.satchmoproject.com/ or
https://www.django-shop.org/ecosystem/ for instance.

The hard work isn't in the construction of the site logic, it's the data
entry (all the items, all the combinations and discounnts etc) and design.

By the same token, the Wordpress plugin http://getshopped.org/ is quite
good and I'm sure all frameworks have something available.

Cheers
L.




On Wed, Jan 16, 2013 at 1:24 PM, Bobby Roberts  wrote:

> hi all... a possible client of mine is looking for an online custom print
> shop like 4over4.com.  Are there any open source frameworks like this out
> there?  I'd prefer a django app but will consider other languages.
>




-- 
...we look at the present day through a rear-view mirror. This is something
Marshall McLuhan said back in the Sixties, when the world was in the grip
of authentic-seeming future narratives. He said, “We look at the present
through a rear-view mirror. We march backwards into the future.”

http://www.warrenellis.com/?p=14314

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

print shop framework

[Bobby Roberts]

hi all... a possible client of mine is looking for an online custom print 
shop like 4over4.com.  Are there any open source frameworks like this out 
there?  I'd prefer a django app but will consider other languages.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/6wFOXdSLANYJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Insane sql logging

[Trevor Joynson]

We just parse MySQL binary logs as they only contain modification queries.
You can dump the real SQL query out petty easily. I can send you the base
of our dump script if you want.
On Jan 15, 2013 10:26 AM, "Matteo Suppo"  wrote:

> Good question. We decided not to do it at database level because we didn't
> want to write every select on the file, but only the update/insert/delete.
>
> Probably it was better that way, though, and clean the file later.
>
> Matteo Suppo - Social Media Badass
>
> "C'è sempre un altro modo"
> "Ho l'80% di probabilità di fare qualsiasi cosa"
>
>
> 2013/1/15 Addy Yeow 
>
>> Why not do this at database level?
>> e.g. using http://dev.mysql.com/doc/refman/5.1/en/query-log.html
>>
>> On Tue, Jan 15, 2013 at 9:35 PM, Matteo Suppo 
>> wrote:
>> > Sometimes people ask for strange features, like "I want to log every
>> > database query except select".
>> >
>> > There will be drawbacks, of course: it will be slower, for example, but
>> they
>> > won't care.
>> >
>> > It happened to us, and we had to ship this insanity:
>> >
>> > import logging
>> > from logging.handlers import RotatingFileHandler
>> > from django.db.backends import BaseDatabaseWrapper
>> > from django.db.models.signals import pre_save, post_save, pre_delete,
>> > post_delete
>> > from django.dispatch import receiver
>> >
>> > from datetime import datetime
>> >
>> > from django.conf import settings
>> >
>> > def patch_cursor(self):
>> > """ Monkey Patch BaseDatabaseWrapper to always use the debug cursor
>> """
>> > self.validate_thread_sharing()
>> >
>> > return self.make_debug_cursor(self._cursor())
>> > BaseDatabaseWrapper.cursor = patch_cursor
>> >
>> > @receiver(pre_delete)
>> > @receiver(pre_save)
>> > def member_pre_save(sender, **kwargs):
>> > l = logging.getLogger('django.db.backends')
>> > l.setLevel(logging.DEBUG)
>> > if len(l.handlers) <= 0:
>> > handler = RotatingFileHandler(settings.BACKUP_FILENAME,
>> >   maxBytes=settings.BACKUP_MAXBYTES)
>> > l.addHandler(handler)
>> > l.debug(datetime.now())
>> >
>> > @receiver(post_delete)
>> > @receiver(post_save)
>> > def member_post_save(sender, **kwargs):
>> > l = logging.getLogger('django.db.backends')
>> > l.removeHandler(l.handlers[0])
>> >
>> > Of course now they told us they want to log the IP of the machine who
>> > triggered the query, so we'll have to use a different approach. Sigh.
>> >
>> > --
>> > You received this message because you are subscribed to the Google
>> Groups
>> > "Django users" group.
>> > To view this discussion on the web visit
>> > https://groups.google.com/d/msg/django-users/-/voMGlGJ3UqgJ.
>> > To post to this group, send email to django-users@googlegroups.com.
>> > To unsubscribe from this group, send email to
>> > django-users+unsubscr...@googlegroups.com.
>> > For more options, visit this group at
>> > http://groups.google.com/group/django-users?hl=en.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: CRM like / email thread functionality for Users

[Russell Keith-Magee]

On Tue, Jan 15, 2013 at 11:11 PM, Alexander Todorov  wrote:

> Hi folks,
> I'm looking for an application/module to achieve the following
> functionality:
>
> 1) Be able to send email (via send_email) to a specific User of my site
> 2) Record what was sent and when
> 3) Be able to capture incoming replies and record them
> 4) Route the incoming reply to an admin.
>
> Ideally 2/3 can be tracked via some custom email header and sent to/from a
> general address and all the communication can be via standard email tools.
>
> This functionality is present in many issue tracking and CRM systems. I
> need something light weight to integrate with the current Django install. I
> don't want to setup a full-blown CRM solution for this. Can you point me to
> any packages/projects?
>
>
You might have some luck with Lamson:

http://lamsonproject.org

It's a mail server written in Python, but it's got an API that makes it
easy to set up triggers/filters when mail arrives.

Yours,
Russ Magee %-)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Intermingling applications

[Travis J]

Hi,

I have an annoying problem I've inherited that I'm trying to clean up. I'm 
looking for advice on the best way to clean it up.

We have a Django web app.  It is essentially a view in a running log (call 
it *reader*) from a database.  The db log is populated by an event queue 
(call it *writer*) on a different machine.  All of the code involved is 
Python. *Writer* also processes other queue items that don't involve *reader
* and it processing enough event items that indirecting through a service 
is probably not a good idea.

*Reader* defines all of the tables using Django models. *Writer* includes 
all of the code from *reader* in order to access those model classes to 
insert items into the database.

The problem is that the dependencies between *reader* and *writer* are 
somewhat opaque, and it gets even worse because there are clients of *writer
* as well. This is of particular concern as we try to minimize what gets 
installed on *writer*. For instance, we don't really want a third-party 
login blocker to be installed, since it would never be used.

I've been trying to come up with alternatives, but I don't really like 
anything I've come up with.  Is there a better option that keeps code DRY 
that I'm missing?

Thanks.

tj

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/Njs9kLgbnHwJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Insane sql logging

[Sam Solomon]

The word "Insane" caught my eye and lo and behold it was relevant to what 
we've done. We actually do this for security reasons and it does help with 
debugging sometimes (we actually log all queries, not just 
INSERT/UPDATE/DELETE).

We also store fk to user (with a pre_delete hook to unattach users and save 
the old user's name/email address to a text field should someone delete the 
user), request path, method, referrer, ip and timestamp. 

>From a high level we basically extended the database wrapper to store the 
queries as it would if you have DEBUG=True set and then use middleware to 
store it to the database.

For performance reasons all of the queries are dumped and sent to a backup 
server every hour and after successful transfer, the dumped records are 
deleted from the production server. If performance becomes an issue (which 
it may soon) we will likely look into caching the queries on the production 
server and then creating a cron job to move the entries from cache onto the 
backup server periodically so users don't have to wait for a database write.

If you need help you can email me off list or there is a lot of interest, I 
may be able to open source some or all of it when I have time.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/GxdmyaoQkQ0J.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django CRM Tool

[scaphilo]

Hi
Well this thread is a bit outdated but as you have not had any answers yet.

Insted of starting from scratch you could perhaps start with
www.koalix.org
https://github.com/scaphilo/koalixcrm
Its open source and under BSD licsense. So you can use it, modify it and 
sell it.




Am Samstag, 2. Juni 2012 19:00:49 UTC+2 schrieb Zeeshan Syed:
>
> Hey everyone, 
>
> I've been asked to create a CRM tool using Django. Just wondering what 
> route I should take. Would it be wise to start from scratch? Should I 
> play around with Django admin and mess around with that? I've looked 
> at the django-crm project, has anyone had any experience with that? 
>
> Any help is much appreciated. 
>
> Thanks, 
> Zee

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/V9NsFL6ObhwJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Any good Open Source Django-Based CRM's ?

[scaphilo]

Hi

Perhaps koalixcrm is something for you, its open source and below BSD 
license
www.koalix.org
https://github.com/scaphilo/koalixcrm
It  offers less functionality then vTiger or SugerCRM but perhaps you want 
to start with something small.

You can find a demo of the koalixcrm here: 
demo. 
You can find a german demo of the koalixcrm here: 
demo
.
To be able to log in use the following 

*user: guest**
password: guestpassword*


Am Samstag, 1. September 2012 13:40:03 UTC+2 schrieb pajju:
>
> HI
>
> I'm looking for Django Powered Open Sourced CRM's which is ready for 
> Production use.
> I did not find much help google'ing for the same. :)
>
> And In other Technologies, Open Sourced based CRM's which one is better - 
> vTiger or SugarCRM or anything better which is fully Open Sourced ? 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/x02RabE2muMJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

How to set a specific database to use in one ModelForm in Django?

[Fellipe Henrique]

I'm realy need to set a database to model form use to validate and save all 
data.. how can I pass this type of parameter? like .using(dbname) in view?

Without use db route, because I need all auth database and select to get in 
a specific database all other is set in my UserProfile database name, and I 
I try to use router but doesn't work.

I have this view:

def editaCliente(request, pessoa_id=None):
if request.user.is_authenticated():
profile = request.user.get_profile()
if pessoa_id:
cliente = 
Cliente.objects.using(profile.dbname).get(idpessoa=pessoa_id)
else:
cliente = None

if request.method == 'POST':
formPessoa = ClienteForm(request.POST, instance=cliente, 
vUserProfile=profile)
if formPessoa.is_valid():
cliente = formPessoa.save(commit=False)
cliente.idrepresentante = profile.id_comerx3c # passando o id 
do representante
cliente.internet = 'S'
cliente = formPessoa.save()

if cliente:
return redirect('listaCliente')
else:
formPessoa = ClienteForm(instance=cliente, vUserProfile=profile)

return render_to_response(
'cliente_novo.html',
locals(),
context_instance=RequestContext(request),
)

but when call formPessoa.is_valid() show me these error:

('Error while preparing SQL statement:\n- SQLCODE: -204\n- Dynamic SQL Error\n- 
SQL error code = -204\n- Table unknown\n- PESSOA\n- At line 1, column 41', 
u'-204 -- SELECT FIRST 1 (1) AS "A" FROM "PESSOA" WHERE "PESSOA"."IDPESSOA" = 
-1')

Thats because the form doesn't get the correct database, it`s take a 
default database, what I'm use only for auth profiles.

Here is my modelform code:

class ClienteForm(ModelForm):
class Meta:
model = Cliente

def __init__(self, *args, **kwargs):
vUserProfile = kwargs.pop('vUserProfile', None)
super(ClienteForm, self).__init__(*args, **kwargs)
self.fields["idcidade"].queryset = 
Cidade.objects.using(vUserProfile.dbname).all()

self.fields["idpessoa"].widget.attrs['class'] = "input-mini"

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/ESrhZn8sqIwJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Anyway to use innovaeditor in admin?

[Nikolas Stevenson-Molnar]

You may be able adapt the methods used for integrating coeditor in the admin to 
integrate innovaeditor. The basic workflow is to query all textarea elements 
when the page loads and replace them with the rich text editor of your choice. 
You do this be adding a script to the media definitions for your ModelAdmin: 
https://docs.djangoproject.com/en/1.1/ref/contrib/admin/#modeladmin-media-definitions

_Nik

On Jan 15, 2013, at 3:35 AM, frocco  wrote:

> Thanks,
> 
> I ended up using ckeditor. 
> I would have perferred using the one I just purchased.
> The vendor has no experience with django.
> 
> Mostly .net and PHP
>  
> 
> On Monday, January 14, 2013 9:39:36 AM UTC-5, frocco wrote:
>  src='scripts/innovaeditor.js'>
> Initialize the Editor below any  you’d like to replace.
> 
> 
> 
> var oEdit1 = new InnovaEditor("oEdit1");
> oEdit1.width = 750;
> oEdit1.height = 530;
> oEdit1.groups = [
> ["group1", "", ["Bold", "Italic", "Underline", "FontDialog", 
> "ForeColor", "TextDialog", "RemoveFormat"]],
> ["group2", "", ["Bullets", "Numbering", "JustifyLeft", 
> "JustifyCenter", "JustifyRight"]],
> ["group3", "", ["LinkDialog", "ImageDialog", "YoutubeDialog", 
> "TableDialog", "Emoticons"]],
> ["group4", "", ["Undo", "Redo", "FullScreen", "SourceDialog"]]
> ];
> oEdit1.css = "styles/default.css";
> oEdit1.REPLACE("txtContent");
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To view this discussion on the web visit 
> https://groups.google.com/d/msg/django-users/-/gwMzi6bGXqUJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: CRM like / email thread functionality for Users

[m1chael]

I've done something similar with using Postfix and having postfix
deliver to a local python script

On Tue, Jan 15, 2013 at 10:11 AM, Alexander Todorov
 wrote:
> Hi folks,
> I'm looking for an application/module to achieve the following
> functionality:
>
> 1) Be able to send email (via send_email) to a specific User of my site
> 2) Record what was sent and when
> 3) Be able to capture incoming replies and record them
> 4) Route the incoming reply to an admin.
>
> Ideally 2/3 can be tracked via some custom email header and sent to/from a
> general address and all the communication can be via standard email tools.
>
> This functionality is present in many issue tracking and CRM systems. I need
> something light weight to integrate with the current Django install. I don't
> want to setup a full-blown CRM solution for this. Can you point me to any
> packages/projects?
>
>
> Thanks,
> Alex
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/ARJ2VWvN2LgJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Model object save gives Warning: Data truncated for column

[Chen Xu]

Yes, this sound reasonable, and I verified it. You are absolutely correct.

Thanks for your help
Best regards


On Tue, Jan 15, 2013 at 10:25 AM, Bill Freeman  wrote:

> Not being a MySQL expert, I'll still have a guess.  The TimeField just
> represents the time of day, with no notion of what day, see
> http://docs.python.org/2.7/library/datetime.html#time-objects .  The term
> "timestamp", on the other hand, means to me a point in time in the more
> grand sense, such as the integer number of seconds since the "epoch", and
> thus embodies date and time.  So if the "timestamp" in your database is
> something from which you can figure out when something happened, including
> on which day it happened, then DateTimeField is the correct one to use.
>
> By the way, Django provides a feature to "introspect" an existing database
> and to compose models for it.  I'll bet that it suggests the DataTimeField.
>
> Bill
>
>
> On Tue, Jan 15, 2013 at 10:06 AM, Chen Xu  wrote:
>
>> I am using my existing mysql db. I found out that if I have an enum and
>> try to insert a value not present in the enum this error will occur.
>>
>> However, my problem occurs on a TimeField. I created this field using
>> phpMyAdmin, it is a timestamp, and default is current time. Therefore, I
>> did the following in my Django model:
>>
>> message_create_time = models.TimeField(auto_now_add=True)
>>
>> When I create an object, and save, it gives me:
>>
>> Traceback (most recent call last):
>>   File "", line 1, in 
>>   File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
>> 463, in save
>> self.save_base(using=using, force_insert=force_insert,
>> force_update=force_update)
>>   File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
>> 551, in save_base
>> result = manager._insert([self], fields=fields, return_id=update_pk,
>> using=using, raw=raw)
>>   File "/Library/Python/2.7/site-packages/django/db/models/manager.py",
>> line 203, in _insert
>> return insert_query(self.model, objs, fields, **kwargs)
>>   File "/Library/Python/2.7/site-packages/django/db/models/query.py",
>> line 1593, in insert_query
>> return query.get_compiler(using=using).execute_sql(return_id)
>>   File
>> "/Library/Python/2.7/site-packages/django/db/models/sql/compiler.py", line
>> 912, in execute_sql
>> cursor.execute(sql, params)
>>   File "/Library/Python/2.7/site-packages/django/db/backends/util.py",
>> line 40, in execute
>> return self.cursor.execute(sql, params)
>>   File
>> "/Library/Python/2.7/site-packages/django/db/backends/mysql/base.py", line
>> 114, in execute
>> return self.cursor.execute(query, args)
>>   File
>> "/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
>> line 203, in execute
>> if not self._defer_warnings: self._warning_check()
>>   File
>> "/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
>> line 117, in _warning_check
>> warn(w[-1], self.Warning, 3)
>> Warning: Data truncated for column 'message_create_time' at row 1
>>
>>
>> However if I change it to :
>> message_create_time = models.DateTimeField()
>>
>>
>> It works perfectly.
>>
>> Any ideas?
>>
>> Thanks in advance
>>
>>
>>
>>
>> On Tue, Jan 15, 2013 at 7:32 AM, Bill Freeman  wrote:
>>
>>> Does the field in question have "max_length" specified (assuming that it
>>> is a character field or a sub class)?  Does introspecting the database with
>>> the database's tools indicate that the corresponding field has that size?
>>> Was the database created using Django's syncdb, or are you attempting to
>>> use an existing database.  Which database engine are you using (e,g.;
>>> PostgreSQL, MySQL, etc. - different people will have insights into
>>> different back ends)?  Is a stack trace printed - if so, provide it for
>>> us?  At least, what is the exact text of the error message?
>>>
>>> Bill
>>>
>>> On Tue, Jan 15, 2013 at 1:19 AM, Chen Xu  wrote:
>>>
 Hi Everyone,
 I am new to Django, I am currently converting my site from php to
 Django. I have already have my database (all the tables) setup when I wrote
 in php; now when I convert to Django, I am basically matching each column
 with the existing column. After I finished doing this, I try to create an
 object, and doing a .save()  gives me Warning: Data truncated for
 column ''. However, I checked, the length of my string did not
 excess the limit.

 Could anyone help?


 Thanks




 --
 ⚡ Chen Xu ⚡

 --
 You received this message because you are subscribed to the Google
 Groups "Django users" group.
 To post to this group, send email to django-users@googlegroups.com.
 To unsubscribe from this group, send email to
 django-users+unsubscr...@googlegroups.com.
 For more options, visit 

Re: Insane sql logging

[Matteo Suppo]

Good question. We decided not to do it at database level because we didn't
want to write every select on the file, but only the update/insert/delete.

Probably it was better that way, though, and clean the file later.

Matteo Suppo - Social Media Badass

"C'è sempre un altro modo"
"Ho l'80% di probabilità di fare qualsiasi cosa"


2013/1/15 Addy Yeow 

> Why not do this at database level?
> e.g. using http://dev.mysql.com/doc/refman/5.1/en/query-log.html
>
> On Tue, Jan 15, 2013 at 9:35 PM, Matteo Suppo 
> wrote:
> > Sometimes people ask for strange features, like "I want to log every
> > database query except select".
> >
> > There will be drawbacks, of course: it will be slower, for example, but
> they
> > won't care.
> >
> > It happened to us, and we had to ship this insanity:
> >
> > import logging
> > from logging.handlers import RotatingFileHandler
> > from django.db.backends import BaseDatabaseWrapper
> > from django.db.models.signals import pre_save, post_save, pre_delete,
> > post_delete
> > from django.dispatch import receiver
> >
> > from datetime import datetime
> >
> > from django.conf import settings
> >
> > def patch_cursor(self):
> > """ Monkey Patch BaseDatabaseWrapper to always use the debug cursor
> """
> > self.validate_thread_sharing()
> >
> > return self.make_debug_cursor(self._cursor())
> > BaseDatabaseWrapper.cursor = patch_cursor
> >
> > @receiver(pre_delete)
> > @receiver(pre_save)
> > def member_pre_save(sender, **kwargs):
> > l = logging.getLogger('django.db.backends')
> > l.setLevel(logging.DEBUG)
> > if len(l.handlers) <= 0:
> > handler = RotatingFileHandler(settings.BACKUP_FILENAME,
> >   maxBytes=settings.BACKUP_MAXBYTES)
> > l.addHandler(handler)
> > l.debug(datetime.now())
> >
> > @receiver(post_delete)
> > @receiver(post_save)
> > def member_post_save(sender, **kwargs):
> > l = logging.getLogger('django.db.backends')
> > l.removeHandler(l.handlers[0])
> >
> > Of course now they told us they want to log the IP of the machine who
> > triggered the query, so we'll have to use a different approach. Sigh.
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msg/django-users/-/voMGlGJ3UqgJ.
> > To post to this group, send email to django-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> > http://groups.google.com/group/django-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Model object save gives Warning: Data truncated for column

[Bill Freeman]

Not being a MySQL expert, I'll still have a guess.  The TimeField just
represents the time of day, with no notion of what day, see
http://docs.python.org/2.7/library/datetime.html#time-objects .  The term
"timestamp", on the other hand, means to me a point in time in the more
grand sense, such as the integer number of seconds since the "epoch", and
thus embodies date and time.  So if the "timestamp" in your database is
something from which you can figure out when something happened, including
on which day it happened, then DateTimeField is the correct one to use.

By the way, Django provides a feature to "introspect" an existing database
and to compose models for it.  I'll bet that it suggests the DataTimeField.

Bill

On Tue, Jan 15, 2013 at 10:06 AM, Chen Xu  wrote:

> I am using my existing mysql db. I found out that if I have an enum and
> try to insert a value not present in the enum this error will occur.
>
> However, my problem occurs on a TimeField. I created this field using
> phpMyAdmin, it is a timestamp, and default is current time. Therefore, I
> did the following in my Django model:
>
> message_create_time = models.TimeField(auto_now_add=True)
>
> When I create an object, and save, it gives me:
>
> Traceback (most recent call last):
>   File "", line 1, in 
>   File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
> 463, in save
> self.save_base(using=using, force_insert=force_insert,
> force_update=force_update)
>   File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
> 551, in save_base
> result = manager._insert([self], fields=fields, return_id=update_pk,
> using=using, raw=raw)
>   File "/Library/Python/2.7/site-packages/django/db/models/manager.py",
> line 203, in _insert
> return insert_query(self.model, objs, fields, **kwargs)
>   File "/Library/Python/2.7/site-packages/django/db/models/query.py", line
> 1593, in insert_query
> return query.get_compiler(using=using).execute_sql(return_id)
>   File
> "/Library/Python/2.7/site-packages/django/db/models/sql/compiler.py", line
> 912, in execute_sql
> cursor.execute(sql, params)
>   File "/Library/Python/2.7/site-packages/django/db/backends/util.py",
> line 40, in execute
> return self.cursor.execute(sql, params)
>   File
> "/Library/Python/2.7/site-packages/django/db/backends/mysql/base.py", line
> 114, in execute
> return self.cursor.execute(query, args)
>   File
> "/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
> line 203, in execute
> if not self._defer_warnings: self._warning_check()
>   File
> "/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
> line 117, in _warning_check
> warn(w[-1], self.Warning, 3)
> Warning: Data truncated for column 'message_create_time' at row 1
>
>
> However if I change it to :
> message_create_time = models.DateTimeField()
>
>
> It works perfectly.
>
> Any ideas?
>
> Thanks in advance
>
>
>
>
> On Tue, Jan 15, 2013 at 7:32 AM, Bill Freeman  wrote:
>
>> Does the field in question have "max_length" specified (assuming that it
>> is a character field or a sub class)?  Does introspecting the database with
>> the database's tools indicate that the corresponding field has that size?
>> Was the database created using Django's syncdb, or are you attempting to
>> use an existing database.  Which database engine are you using (e,g.;
>> PostgreSQL, MySQL, etc. - different people will have insights into
>> different back ends)?  Is a stack trace printed - if so, provide it for
>> us?  At least, what is the exact text of the error message?
>>
>> Bill
>>
>> On Tue, Jan 15, 2013 at 1:19 AM, Chen Xu  wrote:
>>
>>> Hi Everyone,
>>> I am new to Django, I am currently converting my site from php to
>>> Django. I have already have my database (all the tables) setup when I wrote
>>> in php; now when I convert to Django, I am basically matching each column
>>> with the existing column. After I finished doing this, I try to create an
>>> object, and doing a .save()  gives me Warning: Data truncated for
>>> column ''. However, I checked, the length of my string did not
>>> excess the limit.
>>>
>>> Could anyone help?
>>>
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>> --
>>> ⚡ Chen Xu ⚡
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To post to this group, send email to django-users@googlegroups.com.
>>> To unsubscribe from this group, send email to
>>> django-users+unsubscr...@googlegroups.com.
>>> For more options, visit this group at
>>> http://groups.google.com/group/django-users?hl=en.
>>>
>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> 

CRM like / email thread functionality for Users

[Alexander Todorov]

Hi folks,
I'm looking for an application/module to achieve the following 
functionality:

1) Be able to send email (via send_email) to a specific User of my site
2) Record what was sent and when
3) Be able to capture incoming replies and record them
4) Route the incoming reply to an admin. 

Ideally 2/3 can be tracked via some custom email header and sent to/from a 
general address and all the communication can be via standard email tools. 

This functionality is present in many issue tracking and CRM systems. I 
need something light weight to integrate with the current Django install. I 
don't want to setup a full-blown CRM solution for this. Can you point me to 
any packages/projects? 


Thanks,
Alex

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/ARJ2VWvN2LgJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Model object save gives Warning: Data truncated for column

[Chen Xu]

I am using my existing mysql db. I found out that if I have an enum and try
to insert a value not present in the enum this error will occur.

However, my problem occurs on a TimeField. I created this field using
phpMyAdmin, it is a timestamp, and default is current time. Therefore, I
did the following in my Django model:

message_create_time = models.TimeField(auto_now_add=True)

When I create an object, and save, it gives me:

Traceback (most recent call last):
  File "", line 1, in 
  File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
463, in save
self.save_base(using=using, force_insert=force_insert,
force_update=force_update)
  File "/Library/Python/2.7/site-packages/django/db/models/base.py", line
551, in save_base
result = manager._insert([self], fields=fields, return_id=update_pk,
using=using, raw=raw)
  File "/Library/Python/2.7/site-packages/django/db/models/manager.py",
line 203, in _insert
return insert_query(self.model, objs, fields, **kwargs)
  File "/Library/Python/2.7/site-packages/django/db/models/query.py", line
1593, in insert_query
return query.get_compiler(using=using).execute_sql(return_id)
  File
"/Library/Python/2.7/site-packages/django/db/models/sql/compiler.py", line
912, in execute_sql
cursor.execute(sql, params)
  File "/Library/Python/2.7/site-packages/django/db/backends/util.py", line
40, in execute
return self.cursor.execute(sql, params)
  File
"/Library/Python/2.7/site-packages/django/db/backends/mysql/base.py", line
114, in execute
return self.cursor.execute(query, args)
  File
"/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
line 203, in execute
if not self._defer_warnings: self._warning_check()
  File
"/Library/Python/2.7/site-packages/MySQL_python-1.2.4-py2.7-macosx-10.8-intel.egg/MySQLdb/cursors.py",
line 117, in _warning_check
warn(w[-1], self.Warning, 3)
Warning: Data truncated for column 'message_create_time' at row 1


However if I change it to :
message_create_time = models.DateTimeField()


It works perfectly.

Any ideas?

Thanks in advance




On Tue, Jan 15, 2013 at 7:32 AM, Bill Freeman  wrote:

> Does the field in question have "max_length" specified (assuming that it
> is a character field or a sub class)?  Does introspecting the database with
> the database's tools indicate that the corresponding field has that size?
> Was the database created using Django's syncdb, or are you attempting to
> use an existing database.  Which database engine are you using (e,g.;
> PostgreSQL, MySQL, etc. - different people will have insights into
> different back ends)?  Is a stack trace printed - if so, provide it for
> us?  At least, what is the exact text of the error message?
>
> Bill
>
> On Tue, Jan 15, 2013 at 1:19 AM, Chen Xu  wrote:
>
>> Hi Everyone,
>> I am new to Django, I am currently converting my site from php to Django.
>> I have already have my database (all the tables) setup when I wrote in php;
>> now when I convert to Django, I am basically matching each column with the
>> existing column. After I finished doing this, I try to create an object,
>> and doing a .save()  gives me Warning: Data truncated for column
>> ''. However, I checked, the length of my string did not excess
>> the limit.
>>
>> Could anyone help?
>>
>>
>> Thanks
>>
>>
>>
>>
>> --
>> ⚡ Chen Xu ⚡
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>



-- 
⚡ Chen Xu ⚡

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Correct way to specifiy database-level column defaults

[john . woltman]

I have read the Django docs on adding custom SQL commands to an app's sql 
subfolder, so that is what I'm going to do.  I'm not yet using South, but I 
will review it if I start.  I agree item #2 seems the hardest problem.

On testing, I have found that the Django test runner executes my custom SQL 
when it creates/syncs the test database, so I'm all good there.  It's too 
bad that the custom SQL is necessary.  On the other hand, it also lets me 
set up CHECK constraints.  I wish that this project: 
http://code.google.com/p/django-check-constraints/ had made it into 
Django.  Here's an example of my custom SQL:

>From file job_sites/sql/site.postgis.sql:
-- Defaults
ALTER TABLE sites ALTER COLUMN date_entered SET DEFAULT now();
-- Constraints
ALTER TABLE sites ADD CONSTRAINT sites_site_name_minlen CHECK 
(char_length(site_name) > 0);


On Friday, January 11, 2013 7:01:40 AM UTC-5, akaariai wrote:
>
> On 10 tammi, 16:04, john.wolt...@tpiengineering.com wrote: 
> > What is the best way to specify a database level default value with 
> > Django?  If I want a timestamp column to default to the SQL function 
> now(), 
> > is there an accepted way to make it happen?  Or to default a boolean 
> column 
> > to True?  I notice that when I call *manage.py sqlall* I don't see any * 
> > DEFAULT* values specified in the generated queries for Postgres. 
>
> Support for this would be an useful addition. Personally I have need 
> for at least now() and txid_current(), but preferably we want any 
> default clause (maybe even any per column SQL, so that you could do 
> CHECK too). 
>
> There are three problems for this feature: 
>   1. How to get the SQL into the CREATE TABLE clauses? 
>   2. How to return the values back after insert? 
>   3. If the way for no.1 is hand edited SQL, how to support this in 
> testing? 
>
> Above, no.2 seems the hardest problem. Some databases support 
> RETURNING, but not all. 
>
> Currently, you can do DB defaults by hand editing the sqlall output + 
> using post_save signal() and fetch the DB generated values into the 
> saved instance in the signal. But, you will need some way to solve no. 
> 3 in this case. South might be a good option here. Personally I use a 
> custom testing system where I load the database schema from production 
> (with some data, too), apply migrations (that is, load custom SQL) and 
> then run tests. 
>
>  - Anssi 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/jytjZezBHsUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Insane sql logging

[Addy Yeow]

Why not do this at database level?
e.g. using http://dev.mysql.com/doc/refman/5.1/en/query-log.html

On Tue, Jan 15, 2013 at 9:35 PM, Matteo Suppo  wrote:
> Sometimes people ask for strange features, like "I want to log every
> database query except select".
>
> There will be drawbacks, of course: it will be slower, for example, but they
> won't care.
>
> It happened to us, and we had to ship this insanity:
>
> import logging
> from logging.handlers import RotatingFileHandler
> from django.db.backends import BaseDatabaseWrapper
> from django.db.models.signals import pre_save, post_save, pre_delete,
> post_delete
> from django.dispatch import receiver
>
> from datetime import datetime
>
> from django.conf import settings
>
> def patch_cursor(self):
> """ Monkey Patch BaseDatabaseWrapper to always use the debug cursor """
> self.validate_thread_sharing()
>
> return self.make_debug_cursor(self._cursor())
> BaseDatabaseWrapper.cursor = patch_cursor
>
> @receiver(pre_delete)
> @receiver(pre_save)
> def member_pre_save(sender, **kwargs):
> l = logging.getLogger('django.db.backends')
> l.setLevel(logging.DEBUG)
> if len(l.handlers) <= 0:
> handler = RotatingFileHandler(settings.BACKUP_FILENAME,
>   maxBytes=settings.BACKUP_MAXBYTES)
> l.addHandler(handler)
> l.debug(datetime.now())
>
> @receiver(post_delete)
> @receiver(post_save)
> def member_post_save(sender, **kwargs):
> l = logging.getLogger('django.db.backends')
> l.removeHandler(l.handlers[0])
>
> Of course now they told us they want to log the IP of the machine who
> triggered the query, so we'll have to use a different approach. Sigh.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/voMGlGJ3UqgJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: "Principle of least privilege" in accessing a DB from an app

[Javier Guerra Giraldez]

On Tue, Jan 15, 2013 at 5:27 AM, Isaac Perez
 wrote:
> In a few words what I want to protect from is that an sql query could be
> passed in the main input text box and it could access other users passwords
> or information.

this simply doesn't happen with modern client libraries, as long as
you don't use user-provided text to build the SQL queries.  SQL
parameters are separated from the SQL command and can't change the
command structure.

> Also don't feel comfortable with the app having root access to all the DB if
> it doesn't need it for it's main function, just in case.

that's reasonable, root access isn't needed.  but you do need SELECT,
UPDATE, INSERT and DELETE

if by 'all the DB' you want to further split between what's accessible
to each user, you can use model managers to enforce some conditions to
all querysets, making it very hard for an innocent bug to affect more
than a single user.

don't forget that there's two very different things understood as
'safety': protection against bugs and against malicious attack.
strategies and mitigation are different for each one.  failing to see
the difference leads to overcomplicated schemes that raise the
probability of nasty bugs


--
Javier

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Insane sql logging

[Matteo Suppo]

Sometimes people ask for strange features, like "I want to log every 
database query except select".

There will be drawbacks, of course: it will be slower, for example, but 
they won't care.

It happened to us, and we had to ship this insanity:

import logging
from logging.handlers import RotatingFileHandler
from django.db.backends import BaseDatabaseWrapper
from django.db.models.signals import pre_save, post_save, pre_delete, 
post_delete
from django.dispatch import receiver

from datetime import datetime

from django.conf import settings

def patch_cursor(self):
""" Monkey Patch BaseDatabaseWrapper to always use the debug cursor """
self.validate_thread_sharing()

return self.make_debug_cursor(self._cursor())
BaseDatabaseWrapper.cursor = patch_cursor

@receiver(pre_delete)
@receiver(pre_save)
def member_pre_save(sender, **kwargs):
l = logging.getLogger('django.db.backends')
l.setLevel(logging.DEBUG)
if len(l.handlers) <= 0:
handler = RotatingFileHandler(settings.BACKUP_FILENAME,
  maxBytes=settings.BACKUP_MAXBYTES)
l.addHandler(handler)
l.debug(datetime.now())

@receiver(post_delete)
@receiver(post_save)
def member_post_save(sender, **kwargs):
l = logging.getLogger('django.db.backends')
l.removeHandler(l.handlers[0])

Of course now they told us they want to log the IP of the machine who 
triggered the query, so we'll have to use a different approach. Sigh.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/voMGlGJ3UqgJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

youtube video embedding

[joy]

hello,
my problem is bout embedding youtube's video in my application. I found 
some workarounds, the first, works for a normal iframe, and uses the url.py 
to redirect the src tag to 
youtube:

http://stackoverflow.com/questions/11837169/django-converting-youtube-url-to-html-embed-code

And the second is a manner to use iframe throu an ajax call:



//Load player api asynchronously.
var tag = document.createElement('script');
tag.src = "//www.youtube.com/iframe_api";
var firstScriptTag = document.getElementsByTagName('script')[0];
firstScriptTag.parentNode.insertBefore(tag, firstScriptTag);
var done = false;
var player;
function onYouTubeIframeAPIReady() {
player = new YT.Player('player', {
  height: '150',
  width: '275',
  videoId: 'UzUO8TYsVRI',
  events: {
'onReady': onPlayerReady,
'onStateChange': onPlayerStateChange
  }
});
}
function onPlayerReady(evt) {
evt.target.playVideo();
}
function onPlayerStateChange(evt) {
if (evt.data == YT.PlayerState.PLAYING && !done) {
setTimeout(stopVideo, 6000);
done = true;
}
}
function stopVideo() {
player.stopVideo();
}


Well the second works without changing template tags and regular expression 
but it crushes without giving any clear error message.

Can anyone help about this?
Why does it crash?
Is there any easier workaround to face the problem?
Agnese

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/T_yGPd8pegMJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

cursor.execute with multiple parameters might be broken

[Andy Woods]

Hi there,
I'm having trouble with cusor.execute with multiple parameters.  This works 
fine:
cursor.execute("SELECT '%s' FROM '%s'" % (column,expt_id))

However, it is not advised, according to the documentation.  For one 
parameter, this works:
cursor.execute("""SELECT %s FROM '99'""", ["test"])

I just cannot get multiple parameters to work, e.g.:
cursor.execute("""SELECT %s FROM %s""", ["test","99"])

I've tried everything I can think of here!  Been at it for hours.  Would 
much appreciate your insight.  
Thanks, Andy.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/GubEZvQ-0toJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django: creating tag groups

[Amirouche Boubekki]

> Why are you creating two groups of tags ? Why not use a specific widgets
>> like a tree widget ?
>>
>
> Great idea! Think, I'll give this a try.
>

It's not the same UX though...


>
> Are you sure you use the good parameter to pass the queryset to the
>> underlying Field
>>
>
> It's just an example with the same queryset for both fields.
>

The example in the code is not working, «My» class is not referenced
anywhere. I'm not familiar with multi-widgets but if a tree widgets is not
what you want or don't get it work, I think it's the right approach.

Amirouche, thank you for your answer, I really appreciate your help.
>

;)

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Model object save gives Warning: Data truncated for column

[Bill Freeman]

Does the field in question have "max_length" specified (assuming that it is
a character field or a sub class)?  Does introspecting the database with
the database's tools indicate that the corresponding field has that size?
Was the database created using Django's syncdb, or are you attempting to
use an existing database.  Which database engine are you using (e,g.;
PostgreSQL, MySQL, etc. - different people will have insights into
different back ends)?  Is a stack trace printed - if so, provide it for
us?  At least, what is the exact text of the error message?

Bill

On Tue, Jan 15, 2013 at 1:19 AM, Chen Xu  wrote:

> Hi Everyone,
> I am new to Django, I am currently converting my site from php to Django.
> I have already have my database (all the tables) setup when I wrote in php;
> now when I convert to Django, I am basically matching each column with the
> existing column. After I finished doing this, I try to create an object,
> and doing a .save()  gives me Warning: Data truncated for column
> ''. However, I checked, the length of my string did not excess
> the limit.
>
> Could anyone help?
>
>
> Thanks
>
>
>
>
> --
> ⚡ Chen Xu ⚡
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Anyway to use innovaeditor in admin?

[frocco]

Thanks,

I ended up using ckeditor. 
I would have perferred using the one I just purchased.
The vendor has no experience with django.

Mostly .net and PHP
 

On Monday, January 14, 2013 9:39:36 AM UTC-5, frocco wrote:
>
>  src='scripts/innovaeditor.js'>
>
> Initialize the Editor below any ** you’d like to replace.
>
> 
> 
> var oEdit1 = new InnovaEditor("oEdit1");
> oEdit1.width = 750;
> oEdit1.height = 530;
> oEdit1.groups = [
> ["group1", "", ["Bold", "Italic", "Underline", "FontDialog", 
> "ForeColor", "TextDialog", "RemoveFormat"]],
> ["group2", "", ["Bullets", "Numbering", "JustifyLeft", 
> "JustifyCenter", "JustifyRight"]],
> ["group3", "", ["LinkDialog", "ImageDialog", "YoutubeDialog", 
> "TableDialog", "Emoticons"]],
> ["group4", "", ["Undo", "Redo", "FullScreen", "SourceDialog"]]
> ];
> oEdit1.css = "styles/default.css";
> oEdit1.REPLACE("txtContent");
> 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/gwMzi6bGXqUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Project Structure - Lots of scattered custom views

[Sanjay Bhangar]

On Mon, Jan 14, 2013 at 8:16 PM, chad petzoldt  wrote:
>> It had occurred to me that Django wasn't the right tool for this job -
>> not everything is a nail :)
>
>
> I am embedding these files within a template, so they are not direct static
> serves. But the content must be inserted within the template "as-is" from
> the filesystem.
>

here is a view i have from a project (simplified):

def viewPage(request, page):
filename = page + ".html"
html_file = join(HTML_PATH, filename)
try:
txt = open(html_file).read()
except:
return HttpResponse("page not found")
context = RequestContext(request, {'html': txt})
return render_to_response("page.html", context)

And the corresponding url.py:
(r'(?P.*)', 'foo.views.viewPage'),

And then page.html is something like:



  {{ html }}


My use case was different tho, but just to highlight that its fairly
straightforward to read the contents of some file on disk and stick it
into a django template ..
In your case, each "page" is going to need its own corresponding set
of css / js, so I imagine this would be a bit more work .. but I'm
still fairly certain you can come up with a scheme that allows you to
have your html and css / js on the file-system and then use python
code to put it together into a master template / integrate with other
app logic you have ..

It does seem like a bit of a hack, but hey, moulding InDesign exports
into actual webpages is always going to be, a bit ;-)

> I suck at Javascript.
>

ok, this shouldn't affect this problem / use-case.

> Perhaps still, Django is not proper for the job, but I do know that I need
> some server-side logic, and I want to do it in Python. Any recommendations
> on another framework?
> There are aspects of Django that are growing on me, this one paradigm is
> where I am struggling, and I would not like to abandon just yet.
>

What is the paradigm, exactly ... ? Do you have an idea of how you
would have implemented the same thing using php or anything else? It
may give a better idea of your use case / what you're thinking.

> To recap one of my original statements; I do believe what I am really
> looking for is a content management system, I just don't feel ready to
> commit (maybe I need to get over that). I want a content management system
> that focuses more on the "client experience" in the browser. It needs to be
> picky about layouts, and aware of embedded media. Any suggestions for
> starters?
>

Welll .. the most important question here is: does the client /
non-tech people need to be able to edit content themselves? Or will
you / someone "techie" always be handling the editing of the html? If
people do need to edit themselves, then you generally do need to
structure things a little - an all-singing-all-dancing WYSIWYG editor
for end-users, is I'm afraid, still a bit of a pipe dream (someone
please correct me if things have changed :)) .. going down the path of
trying to build a system that's going to accommodate for radically
different designs that you have no way of pre-empting, is generally a
recipe for disaster .. I think you've got the right idea of trying to
get the system to adapt to your work-flow rather than the other way
around .. and if it is only you editing the HTML files, build
something that helps you manage that, rather than a "content
management system", although, er, anything that you use to manage
content is a content management system :)

The other option, of course, is to tell the client that they need to
stick to a consistent format, and then just put stuff into different
fields in the database and render it in a template like normal :)

hope my response didn't add to the confusion, and hope you find a
solution that works for you.
happy hacking!
-Sanjay

> NOTE: My site layouts are not "liquid" at all. They are very absolute; from
> dimensions to positioning. Its not just about getting all the content on the
> page in a certain order.
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/hLQsR_8-pOYJ.
>
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: "Principle of least privilege" in accessing a DB from an app

[Isaac Perez]

Hi John,

I think you are going one step further of what I intended to protect from.
That makes me think about what you are saying but I think it's going to be
too complicated, I'll have to see the risk of that happening.

In a few words what I want to protect from is that an sql query could be
passed in the main input text box and it could access other users passwords
or information.
Also don't feel comfortable with the app having root access to all the DB
if it doesn't need it for it's main function, just in case.
It may be unlikely that this happens and we are implementing other input
controls, etc...
But I thought it would have been easy enough to just have different
connections and use each one for a different function inside the app.
If routing does that, I think it's enough.

If the whole app gets compromised, we are in trouble :-)

Thanks for your reply
Isaac


2013/1/14 John 

>  Hi Isaac,
>
> I've thought about this but never implemented it...
>
> I don't think DB routers will really do what you want; you are making the
> assumption that your Django project is compromised and you need separation
> at the DB level, which means that every route is also compromised as all
> the access credentials need to be available to your Django project.
>
> As far as I can see, the only way to do this and to avoid the potential
> for code vulnerabilities, privilege escalation, etc, is to split the whole
> project into separate sub-projects (matching separate use cases), each with
> its own DB access credentials with matching (minimum) database privileges,
> but all sharing the same database. You then separate the sub-projects
> according to your risk appetite:
>
>- Separate URL spaces within the same FQDN that are handed off by
>different web handlers to different django sub-projects on the same server.
>- Separate FQDNs within the same web server, each with its own virtual
>host and web handler.
>- Separate FQDNs on separate VMs on the same physical host, with the
>DB on a different VM. Implement IP tables and/or virtual firewall to limit
>DB access to the web VMs.
>- Separate FQDNs on separate physical hosts in the same datacentre...
>- Separate hosts in different datacentres with DB replication (over
>VPN?), allowing only the replication of a 'write' database to write into a
>corresponding 'read' database. This is not quite 'sharing the same
>database' as above, but the replication cluster can be treated as a single
>database.
> - etc.
>
> Once you have separated the apps in this way, you can apply whatever
> additional layers (eg IP address filtering for VPN-only access, SSL client
> cert authentication) to mitigate against attacks to the more sensitive
> aspects. Note: if you don't protect the more sensitive parts by other
> means, then there is little point in separating the project in the first
> place, unless you think that 'security by obscurity' is a valid defence
> mechanism.
>
> I cannot think of another way to deal with the threat that I think you are
> trying to mitigate, but it would be interesting to see if anyone has any
> other ideas.
>
> John
>
>
> On 14/01/13 14:41, Isaac Perez wrote:
>
> Hi Tom,
>
>  my main goal is to avoid that the access to the users table by anything
> else other than the authentication module.
> I understand that writing the app correctly and filtering the input,
> etc... will do the same, but it's just another layer of security.
>
>  I'll take a look to the DB routers and how this can be implemented.
>
>  Thanks for your reply.
>
> Cheers,
> Isaac
>
> 2013/1/14 Tom Evans 
>
>> On Sun, Jan 13, 2013 at 5:05 PM, Isaac Perez
>>  wrote:
>> > Hi guys,
>> >
>> > I'm creating a new app and I'd like to know how would be the best way to
>> > implement the principle of least privilege.
>> > At the moment the DB has 5 users:
>> >
>> > 1 is the root user for the DB (which I don't want it to be used by the
>> > webapp)
>> > 1 has read access to the data fields
>> > 1 has write access to the data fields
>> > 1 has read access to the users table
>> > 1  has write access to the users table
>> >
>> > What I intend to achieve is that if in any occasion we've got a sql
>> > injection for whatever the reason, the access to the DB from the app
>> form
>> > will be as limited as possible.
>> >
>> > If using python directly I would create a DB connection for each
>> > functionality so they use the right DB user and have the right
>> permissions.
>> >
>> > In Django, though, as you have to configure the default DB access in the
>> > settings and it has to sync, etc... I'm not sure what will be the best
>> way
>> > to implement that splitting of privileges.
>> >
>> > I've configured the 5 connections in the settings but not sure how to
>> best
>> > use them for the different functions of authenticate, read and write
>> from
>> > the DB.
>> >
>> > Any 

Re: django: creating tag groups

[Sammael]

вторник, 15 января 2013 г., 5:56:51 UTC+4 пользователь Amirouche написал:

> Why are you creating two groups of tags ? Why not use a specific widgets 
> like a tree widget ?
>

Great idea! Think, I'll give this a try. 


I think that it would be useful. maybe try widgets 
attrs
>

This:
 class AlbumAdminForm(forms.ModelForm):
   class Meta:
  model = Album
  widgets = {
 'tags_2': FilteredSelectMultiple('tags', False, attrs={'name': 
'tags', 'id':'id_tags'}),
  }
   tags = 
forms.ModelMultipleChoiceField(queryset=Tag.objects.filter(public = True), 
required=False, widget=FilteredSelectMultiple('tags', False ))
   tags_2 = 
forms.ModelMultipleChoiceField(queryset=Tag.objects.filter(public = False), 
required=False, widget=FilteredSelectMultiple('tags', False ))

didn't help at all.

This:
class AlbumAdminForm(forms.ModelForm):
   class Meta:
  model = Album
   tags = 
forms.ModelMultipleChoiceField(queryset=Tag.objects.filter(public = True), 
required=False, widget=FilteredSelectMultiple('tags', False ))
   tags_2 = 
forms.ModelMultipleChoiceField(queryset=Tag.objects.filter(public = False), 
required=False, widget=FilteredSelectMultiple('tags', False, attrs={'name': 
'tags', 'id':'id_tags'}))
changes the 'id' attribute but not the 'name'.

Are you sure you use the good parameter to pass the queryset to the 
> underlying Field
>

It's just an example with the same queryset for both fields. 

An hack that could probably work is the create a copy the tags field into a 
> tags_2 field in class model definition but it's kind of ugly ;)
>

Indeed, it is. Additionally, I don't know beforehand how many tag groups 
there would be.


Amirouche, thank you for your answer, I really appreciate your help.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/fGKhtJ_vcNgJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.