Re: How to validate xl data

2022-02-14 Thread Sebastian Jung 
Hello,

Validation is very easy in django. Here a tutorial

http://www.learningaboutelectronics.com/Articles/How-to-create-a-custom-field-validator-in-Django.php

Sujata Aghor  schrieb am Di., 15. Feb. 2022, 06:24:

> Hi Prashant,
> If you are talking about server side validations, then you can do that for
> each row/ cell values before inserting data into db.
>
> Regards!
>
> On Mon, Feb 14, 2022 at 12:05 PM Prashanth Patelc <
> prashanthpat...@gmail.com> wrote:
>
>> i am working on xl sheets , when im uploading the xl sheet it is storing
>> into the models but i need before storing into the models validate the data
>>
>> eg:
>> username : ,must be str not int
>> reference id : ,must be int not str
>> email : ,contains @gmail.com , not strt not int
>>
>> i need to validate like above
>>
>>
>> *this is code my code *
>> *working but i need validations*
>>
>>
>> class UploadPersonView(APIView): permission_classes = [IsAuthenticated,
>> IsAdminPermission | IsSuperAdminPermission]
>> serializer_class = PersonUploadSerializer
>> def post(self, request, *args, **kwargs):
>> serializer = self.serializer_class(data=request.data)
>> serializer.is_valid(raise_exception=True)
>> dataset = Dataset()
>> file = serializer.validated_data['file']
>> imported_data = dataset.load(file.read(), format='xlsx')
>> '''uploading xl file with particular data what user mentioned in xl we
>> are looping the xl data
>> and appending into the database with same fields''' # validate data here
>> before upload
>> for data in imported_data:
>> person_data = UserProfile(username=d,
>> fullname=data[1],
>> mobile=d2,
>> email=data[3],
>> password=make_password(data[4]),
>> date_joined=data[5],
>> is_verified=data[6],
>> is_active=data[7],
>> is_admin=data[8],
>> is_manager=data[9],
>> is_tl=data[10],
>> is_agent=data[11],
>> orginization=data[12],
>> dob=data[13],
>> gender=data[14],
>> team_name_id=data[15],
>> role=data[16]
>> )
>> person_data.save()
>> return Response({'sucessfully uploaded your file'}, status=status.
>> HTTP_200_OK)
>> except:
>> return Response({'message': 'aaa'}, status=status.HTTP_404_NOT_FOUND)
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/CAMCU6CrvCJzSCNjGTQ%2BgWjZ9ZURC%3Dk3H304WZ6vdQ5w812sisA%40mail.gmail.com
>> 
>> .
>>
>
>
> --
>
> Thanks & Regards!
> Sujata S. Aghor
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAJCP8KC%3DkNehcD9ixe6VjxFVSvxe9rrFTMm3A941%2Btv9Ppe%3Dgg%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAKGT9mw3jvVivmd4GFEg7BU9_Grxg24ACdQYEUbdQwUSPHzCRg%40mail.gmail.com.

Re: collectstatic files chown'ed by root

2022-02-14 Thread Antonis Christofides 
Everything works fine except for the collectstatic command (in entrypoint.sh), 
which creates the "staticfiles" directory but it's owned by root.
This is not possible. If "manage.py" is running as a non-root user, it wouldn't 
be possible for it to create a directory owned by root. Something else is going 
on. Could you share your entrypoint.sh script?


Antonis Christofides
+30-6979924665 (mobile)


On 14/02/2022 13.14, 'Tim' via Django users wrote:

Hi all,
I'm deploying Django 4 via docker-compose. For security reasons, the 
Dockerfile creates a non-root user before running the entrypoint.sh script 
(which does migrations, collectstatic and starts the server with gunicorn). 
All app files are "chown"ed by this non-root user.


Everything works fine except for the collectstatic command (in entrypoint.sh), 
which creates the "staticfiles" directory but it's owned by root. This leads 
to permission denied errors when the collectstatic command tries to delete a 
static file.


My question: Why does collectstatic assign the folder to "root" despite the 
non-root user calling the collectstatic command? How to prevent this?


I tried doing the collectstatic command before switching to the non-root user 
(in the Dockerfile) which works. But it stops working when I put the Django 
SECRET_KEY in a .env file (as we should in production) since this env var is 
not available during docker build time.


Now I could find a hackier way by making the secret key available during build 
time or switching back to a root user in entrypoint.sh, but all of this is a 
bad workaround in my opinion.


I'm sure everyone deploying Django with docker and being mindful of security 
has come across this - Any hints about why collectstatic is owned by root? Is 
this a bug?


Should I add additional details?

Thanks for any tips!
Tim
--
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an 
email to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/c3381f62-4bf1-4142-b27f-189ef45a75fan%40googlegroups.com 
.


--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/f6b72435-84e4-ffc7-a1c4-ac9f4b7ced96%40antonischristofides.com.

Re: How to validate xl data

2022-02-14 Thread Sujata Aghor 
Hi Prashant,
If you are talking about server side validations, then you can do that for
each row/ cell values before inserting data into db.

Regards!

On Mon, Feb 14, 2022 at 12:05 PM Prashanth Patelc 
wrote:

> i am working on xl sheets , when im uploading the xl sheet it is storing
> into the models but i need before storing into the models validate the data
>
> eg:
> username : ,must be str not int
> reference id : ,must be int not str
> email : ,contains @gmail.com , not strt not int
>
> i need to validate like above
>
>
> *this is code my code *
> *working but i need validations*
>
>
> class UploadPersonView(APIView): permission_classes = [IsAuthenticated,
> IsAdminPermission | IsSuperAdminPermission]
> serializer_class = PersonUploadSerializer
> def post(self, request, *args, **kwargs):
> serializer = self.serializer_class(data=request.data)
> serializer.is_valid(raise_exception=True)
> dataset = Dataset()
> file = serializer.validated_data['file']
> imported_data = dataset.load(file.read(), format='xlsx')
> '''uploading xl file with particular data what user mentioned in xl we are
> looping the xl data
> and appending into the database with same fields''' # validate data here
> before upload
> for data in imported_data:
> person_data = UserProfile(username=d,
> fullname=data[1],
> mobile=d2,
> email=data[3],
> password=make_password(data[4]),
> date_joined=data[5],
> is_verified=data[6],
> is_active=data[7],
> is_admin=data[8],
> is_manager=data[9],
> is_tl=data[10],
> is_agent=data[11],
> orginization=data[12],
> dob=data[13],
> gender=data[14],
> team_name_id=data[15],
> role=data[16]
> )
> person_data.save()
> return Response({'sucessfully uploaded your file'}, status=status.
> HTTP_200_OK)
> except:
> return Response({'message': 'aaa'}, status=status.HTTP_404_NOT_FOUND)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAMCU6CrvCJzSCNjGTQ%2BgWjZ9ZURC%3Dk3H304WZ6vdQ5w812sisA%40mail.gmail.com
> 
> .
>


-- 

Thanks & Regards!
Sujata S. Aghor

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAJCP8KC%3DkNehcD9ixe6VjxFVSvxe9rrFTMm3A941%2Btv9Ppe%3Dgg%40mail.gmail.com.

Re: collectstatic files chown'ed by root

2022-02-14 Thread Mike Dewhirst 

On 14/02/2022 10:14 pm, 'Tim' via Django users wrote:

Hi all,
I'm deploying Django 4 via docker-compose. For security reasons, the 
Dockerfile creates a non-root user before running the entrypoint.sh 
script (which does migrations, collectstatic and starts the server 
with gunicorn). All app files are "chown"ed by this non-root user.


I seem to remember from a long ago release note or other documentation 
that making dirs was changed to replicate what Linux does. Which is that 
parent dirs take the system defaults while the created dir takes 
ownership/mode from the user


You might need to create directories one at a time with the appropriate 
mode to suit your purposes.




Everything works fine except for the collectstatic command (in 
entrypoint.sh), which creates the "staticfiles" directory but it's 
owned by root. This leads to permission denied errors when the 
collectstatic command tries to delete a static file.


My question: Why does collectstatic assign the folder to "root" 
despite the non-root user calling the collectstatic command? How to 
prevent this?


I tried doing the collectstatic command before switching to the 
non-root user (in the Dockerfile) which works. But it stops working 
when I put the Django SECRET_KEY in a .env file (as we should in 
production) since this env var is not available during docker build time.


Now I could find a hackier way by making the secret key available 
during build time or switching back to a root user in entrypoint.sh, 
but all of this is a bad workaround in my opinion.


I'm sure everyone deploying Django with docker and being mindful of 
security has come across this - Any hints about why collectstatic is 
owned by root? Is this a bug?


Should I add additional details?

Thanks for any tips!
Tim
--
You received this message because you are subscribed to the Google 
Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/c3381f62-4bf1-4142-b27f-189ef45a75fan%40googlegroups.com 
.



--
Signed email is an absolute defence against phishing. This email has
been signed with my private key. If you import my public key you can
automatically decrypt my signature and be sure it came from me. Just
ask and I'll send it to you. Your email software can handle signing.

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/0928fdf0-3fb8-12d8-b2f6-8ad6a3e99be7%40dewhirst.com.au.


OpenPGP_signature
Description: OpenPGP digital signature

Migrating from django-redis to Django 4 new redis back-end

2022-02-14 Thread Benedikt Vogler 
Hi!
I wanted to migrate from django-redis to the new built-in Redis caching 
back-end.

Previously I could access the existing connection with 
*django_redis.get_redis_connection* to get a redis-py client.
For example, explained here 
.

Is there something similar to obtain a redis-py object from the caching 
setting in Django?
*from django.core.cache import caches*
*caches["default"] *returns a RedisCache object.

Or is the solution to stick to django-redis?

Kind regards,
Benedikt Vogler

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/7e056cdd-48f9-44d2-9daf-562de1e215c5n%40googlegroups.com.

collectstatic files chown'ed by root

2022-02-14 Thread 'Tim' via Django users 
Hi all,
I'm deploying Django 4 via docker-compose. For security reasons, the 
Dockerfile creates a non-root user before running the entrypoint.sh script 
(which does migrations, collectstatic and starts the server with gunicorn). 
All app files are "chown"ed by this non-root user.

Everything works fine except for the collectstatic command (in 
entrypoint.sh), which creates the "staticfiles" directory but it's owned by 
root. This leads to permission denied errors when the collectstatic command 
tries to delete a static file.

My question: Why does collectstatic assign the folder to "root" despite the 
non-root user calling the collectstatic command? How to prevent this?

I tried doing the collectstatic command before switching to the non-root 
user (in the Dockerfile) which works. But it stops working when I put the 
Django SECRET_KEY in a .env file (as we should in production) since this 
env var is not available during docker build time.

Now I could find a hackier way by making the secret key available during 
build time or switching back to a root user in entrypoint.sh, but all of 
this is a bad workaround in my opinion.

I'm sure everyone deploying Django with docker and being mindful of 
security has come across this - Any hints about why collectstatic is owned 
by root? Is this a bug?

Should I add additional details?

Thanks for any tips!
Tim

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/c3381f62-4bf1-4142-b27f-189ef45a75fan%40googlegroups.com.

Re: Ajax call not working with X-editable

2022-02-14 Thread Sujata Aghor 
>
> You must send in all post and ajax post everytime CSRF Token. Please try
> it.
>
Yes ..Yes .. I am sending a csrf token.


> When you send it which response you get from django?

ajax call is not getting called only.
The same ajax call is working for other use cases, but not getting called
when using it this way for loading 'source' - x editable.


On Mon, Feb 14, 2022 at 1:31 PM Sebastian Jung 
wrote:

> Hello,
>
> You must send in all post and ajax post everytime CSRF Token. Please try
> it.
>
> When you send it which response you get from django?
>
> Regards
>
> Sujata Aghor  schrieb am Mo., 14. Feb. 2022,
> 07:03:
>
>> Hello Django lovers,
>>
>> I am trying to use inline edit using X-editable
>> 
>>
>> Here I am trying to fill 'source' value with an ajax call, which will
>> fill a dropdown on every click.
>> But it's not working. If anyone tried this earlier please let me know.
>> If I fill the source with static values it works.
>>
>> Also I am aware of the concept  that  Ajax stands for *asynchronous*.
>> That means sending the request (or rather receiving the response) is taken
>> out of the normal execution flow. So I even tried to code it slightly
>> differently (option2 below) which I am sharing with you. That also is not
>> working for me.
>>
>>
>>
>> For ref sharing my code :
>>
>> *HTML has something like this:*
>>
>>  
>>  > data-pk="1" data-value="" data-title="Select user" class="editable
>> editable-click" data-abc="true">{{obj.user.first_name}}
>> {{obj.user.last_name}} 
>> 
>> 
>>   
>>
>> *Java script part :*
>>
>> *Option1:*
>>
>> > rel="stylesheet" />
>> 
>>
>>

Re: Ajax call not working with X-editable

2022-02-14 Thread Sebastian Jung 
Hello,

You must send in all post and ajax post everytime CSRF Token. Please try it.

When you send it which response you get from django?

Regards

Sujata Aghor  schrieb am Mo., 14. Feb. 2022, 07:03:

> Hello Django lovers,
>
> I am trying to use inline edit using X-editable
> 
>
> Here I am trying to fill 'source' value with an ajax call, which will fill
> a dropdown on every click.
> But it's not working. If anyone tried this earlier please let me know.
> If I fill the source with static values it works.
>
> Also I am aware of the concept  that  Ajax stands for *asynchronous*.
> That means sending the request (or rather receiving the response) is taken
> out of the normal execution flow. So I even tried to code it slightly
> differently (option2 below) which I am sharing with you. That also is not
> working for me.
>
>
>
> For ref sharing my code :
>
> *HTML has something like this:*
>
>  
>   data-pk="1" data-value="" data-title="Select user" class="editable
> editable-click" data-abc="true">{{obj.user.first_name}}
> {{obj.user.last_name}} 
> 
> 
>   
>
> *Java script part :*
>
> *Option1:*
>
>  rel="stylesheet" />
> 
>
>