Re: define form in yaml file

2013-01-25 Thread Adrian Andreias 
Hi Leonardo,

I was talking about something I want to implement (or looking for a 3rd 
party implementation), not a standard Django feature.

Users would define forms in format they input, which in turn will be used 
to generate forms displayed in browser for other users.
If I allow users to input Python code they might input anything they like, 
for instance they might add in their Python code subprocess.Popen("rm -rf 
/*") :D.

This is an obvious security no-no, regardless of language or framework.

joi, 24 ianuarie 2013, 22:19:28 UTC+2, leonardo a scris:
>
> Hi,
>
> I'm new to Django and here.
>
> yaml file is commonly used in Rails framework.
> Django uses simple python file (settings.py).
>
> What security risk? Have you got any example ?
>
>
> 2013/1/24 Adrian Andreias >
>
>> Hello,
>>
>> I need a way to define a django form through a yaml file (or another text 
>> format).
>> Is there some code that already does this?
>> I'm trying to not reinvent the wheel.
>>
>> I can't use simple python classes, since this would user input and would 
>> be a security risk and I need a simpler and limited format.
>>
>> Thanks
>>
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Django users" group.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msg/django-users/-/bSxNCc8waMUJ.
>> To post to this group, send email to django...@googlegroups.com
>> .
>> To unsubscribe from this group, send email to 
>> django-users...@googlegroups.com .
>> For more options, visit this group at 
>> http://groups.google.com/group/django-users?hl=en.
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: define form in yaml file

2013-01-25 Thread Adrian Andreias 
Hi,

Yes, this sounds interesting.
Push to github if your project allows this. :)

Thank you


vineri, 25 ianuarie 2013, 00:57:58 UTC+2, Chris Hinds a scris:
>
> Hey,
>
> I've got a project where models, forms and templates are all generated 
> from a single yaml file. It works well here as the forms are long, with a 
> fair amount of layout and plenty of formsets. 
>
> I'm doing a refactor at the moment which should yield some reusable bits. 
> I'd be very happy to share.
>
> In general terms for model/form construction, I transform the original 
> spec it to something that jsonpickle can deliver into type().
>
> Can talk more if this sounds at all interesting.
>
> Cheers
>
> Chris.
>
> On Thursday, January 24, 2013 8:02:53 PM UTC, Adrian Andreias wrote:
>>
>> Hello,
>>
>> I need a way to define a django form through a yaml file (or another text 
>> format).
>> Is there some code that already does this?
>> I'm trying to not reinvent the wheel.
>>
>> I can't use simple python classes, since this would user input and would 
>> be a security risk and I need a simpler and limited format.
>>
>> Thanks
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: define form in yaml file

2013-01-25 Thread Adrian Andreias 



vineri, 25 ianuarie 2013, 00:57:58 UTC+2, Chris Hinds a scris:
>
> Hey,
>
> I've got a project where models, forms and templates are all generated 
> from a single yaml file. It works well here as the forms are long, with a 
> fair amount of layout and plenty of formsets. 
>
> I'm doing a refactor at the moment which should yield some reusable bits. 
> I'd be very happy to share.
>
> In general terms for model/form construction, I transform the original 
> spec it to something that jsonpickle can deliver into type().
>
> Can talk more if this sounds at all interesting.
>
> Cheers
>
> Chris.
>
> On Thursday, January 24, 2013 8:02:53 PM UTC, Adrian Andreias wrote:
>>
>> Hello,
>>
>> I need a way to define a django form through a yaml file (or another text 
>> format).
>> Is there some code that already does this?
>> I'm trying to not reinvent the wheel.
>>
>> I can't use simple python classes, since this would user input and would 
>> be a security risk and I need a simpler and limited format.
>>
>> Thanks
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: define form in yaml file

2013-01-25 Thread Tom Christie 
Also, you might want to take a look at the Django Forms in an API 
world
 talk.
A large portion of that is about serializing form definitions into JSON, 
for use by both HTML and non-HTML clients. (eg mobile)
The project it talks about is 
here: https://github.com/WiserTogether/django-remote-forms
I don't think it does anything wrt. to the direction you need, of taking a 
serialized description and restoring a Form class from it, but it might 
give you some useful pointers all the same.

Cheers,

  Tom

On Thursday, 24 January 2013 20:02:53 UTC, Adrian Andreias wrote:
>
> Hello,
>
> I need a way to define a django form through a yaml file (or another text 
> format).
> Is there some code that already does this?
> I'm trying to not reinvent the wheel.
>
> I can't use simple python classes, since this would user input and would 
> be a security risk and I need a simpler and limited format.
>
> Thanks
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: define form in yaml file

2013-01-24 Thread Chris Hinds 
 

Hey,

I've got a project where models, forms and templates are all generated from 
a single yaml file. It works well here as the forms are long, with a fair 
amount of layout and plenty of formsets. 

I'm doing a refactor at the moment which should yield some reusable bits. 
I'd be very happy to share.

In general terms for model/form construction, I transform the original spec 
it to something that jsonpickle can deliver into type().

Can talk more if this sounds at all interesting.

Cheers

Chris.

On Thursday, January 24, 2013 8:02:53 PM UTC, Adrian Andreias wrote:
>
> Hello,
>
> I need a way to define a django form through a yaml file (or another text 
> format).
> Is there some code that already does this?
> I'm trying to not reinvent the wheel.
>
> I can't use simple python classes, since this would user input and would 
> be a security risk and I need a simpler and limited format.
>
> Thanks
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: define form in yaml file

2013-01-24 Thread Leonardo S 
Hi,

I'm new to Django and here.

yaml file is commonly used in Rails framework.
Django uses simple python file (settings.py).

What security risk? Have you got any example ?


2013/1/24 Adrian Andreias 

> Hello,
>
> I need a way to define a django form through a yaml file (or another text
> format).
> Is there some code that already does this?
> I'm trying to not reinvent the wheel.
>
> I can't use simple python classes, since this would user input and would
> be a security risk and I need a simpler and limited format.
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/bSxNCc8waMUJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

define form in yaml file

2013-01-24 Thread Adrian Andreias 
Hello,

I need a way to define a django form through a yaml file (or another text 
format).
Is there some code that already does this?
I'm trying to not reinvent the wheel.

I can't use simple python classes, since this would user input and would be a 
security risk and I need a simpler and limited format.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/bSxNCc8waMUJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.