I running Django Projects with Docker Container.
Theres' three containers in Server.
Accounts Container
Blogs Container
Etc Container
Situation.
I want to approach to Accoutns Container in Blogs Container.
Why.
There's Article Table in Blogs Conatiner.
And Blogs Container doesn't have accounts app.
so I have to approach to accounts app in Accounts Container.
class Article(models.Model):
user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
...
I dont have any idea :(
Related
I do not really understand how the database works when using in production.
My stack:
Django
Heroku
AWS S3
PostgresSQL on Heroku
Users can generate some images on my app. The images are saved to AWS S3, and in some feature I want to retrieve the last generated image.
This below is my model where the images are saved in.
models.py:
class imgUploadModel(models.Model):
auto_increment_id = models.AutoField(primary_key=True, default=True)
image = models.ImageField(null=True, blank=True, upload_to="images/")
And here the view where the images is taken again and handled in some features.
view.py:
imgname = imgUploadModel.objects.all().last().image
As you can see I use .last() to get to the latest images which was generated.
Now to my questions:
In production, could it be that one user sees another users images? Or how does the Dynos (from heroku) separate the sessions?
Since the AWS S3 bucket is just a memory storage without dividing it by users, I assume that one user can see other users images. Especially then, when user A creates an Img, and user B clicks on 'latest image'.
If it is so, how can I create Dynos or Buckets or anything else to prevent this behaviour.
I just do not really understand it from a logical point of view.
Django project has two apps. Customers & Operations.
I want to separate access to the apps with separated front ends. The user authorization strategy I will follow to achieve this is where I am stuck. My research has is advising against two user models. And I recently found out about Proxy models.
I need opinions on best approach for above requirement.
the access links requirements are e.g
app1 customers.example.com
app2 operations.example.com
Customers will have its own set of users and authorization.
Operations will have its own set of users and authorization.
Operations app will create Customers[eg Cust_X, Cust_Y].
Cust_X will have users[eg User_X1, User_X2]
Cust_Y will have users[eg User_Y1, User_Y2]
I'm new to Django framework and currently working on an ecommerce website. Not sure what would be better, when creating new project and new app in Django, does a single app is enough and fine for whole website functionally(all HTML pages, user login/registration etc) or should I use separate apps in my project?
one app for one purpose.
don't describe your app with 'and'.
like: my_app_name' to manage students and exams.
just create 'students' app to manage students and 'exams' to manage exams
According to the great book on django 'Two scoops of django' we should create an app for only one purpose. If the work of an app is beyond a topic we should create another one.
So I think you should create separate apps for various tasks of your web-application like:
accounts : app for user model
products : app for product model
orders : app for managing orders
payments : app for the order payments
...
and many more.
As far I have used Django in my profession about four years, I think Django and python is comprehensive kit for building e-commerce web app.
I'm new to Django and am currently struggling with how to structure the apps.
The site is one with a public frontend, in which you can login to enter a dashboard. I've created a separate app for this dashboard.
Now I want to display a list of employees on one page of this dashboard, however I've created another app for these employees.
Should I create this new page/view, in the employees app? Or should I delete this employee app, and include that model in the dashboard app?
What is considered good practice?
It currently looks like this:
-site
-- dashboard app
-- employee app
Source: Two Scoops of Django: Best Practices for Django 1.8 p-35
I am using the sites framework to run multiple apps off of one code base. I have 3 users, and 3 sites. They can login to the django admin interface and create content but I want them to see only the site they are allowed to manage, not the others, can the sites framework handle this? if not can anyone guide me to the right direction as to how this can be accomplished?
EDIT:
What I did was a simple example. Here goes....
class Weblog(models.Model):
title = models.CharField(max_length=250)
slug = models.SlugField(unique=True)
user = models.ForeignKey(User) # this is the user who should own that blog and see nothing else
site = models.ForeignKey(Site)
objects = models.Manager()
on_site = CurrentSiteManager()
def __unicode__(self):
return self.title
class Entry(models.Model):
title = models.CharField(max_length=200)
slug = models.SlugField()
body = models.TextField()
author = models.ForeignKey(User)
weblog = models.ForeignKey(Weblog)
This is where I am confused. I understand the concept of a weblog having a reference to a site and a user as well. But then how does one limit that person to only see and add/edit the entries on their own weblog that was created for them?
Thanks
Yes, the Django sites framework can do exactly that. As I have not much information about what you already did, I can't really help you, so please give more details.
Also check the specific documentation.
EDIT Ok, I understand it now, your problem is to restrict users to only view and edit content about their dedicated site. This is a little more complicated.
It depends if you use the admin interface or custom views to handle this views and edits. If you use custom ones it can be done easily changing the queryset used, but I imagine you use the admin interface.
In this case, maybe overriding the default manager (objects) with CurrentSiteManager() can do the job. But
it can have side effects, overriding the default manager is not recommended, you need to test it (the first side effect is: you won't have a listing of all edits on all sites)
you must be sure that user A can't login in site B admin interface
Another solution may be to create custom admins for each one of these websites. See the admin doc.
But, just a question: if you don't want to let users edit content on each of these websites, do you however need to have a unique interface to all this admin websites? For example to let one person be able to edit content on all the sites)
If not, maybe the Sites framework is not the way to go, and you should better make each website independant and clearly separated?
Another solution is to look to the permissions possibilities of Django which let you define custom permissions to your views. I think (haven't tried it) it can also be used to protect admin views.
I hope this can help.
Django-site-permissions application would do exactly that:
https://github.com/bmihelac/django-site-permissions
You can integrate it in your project if it meets your needs or check the source code to see how site wide permissions can be implemented.
(disclaimer: I am the developer of django-site-permissions app)