Django set ModelForm field without including it in the form - django

In my app, I have Users create Post objects. Each Post has a User
class Post(models.Model):
user = models.ForeignKey(User, on_delete = models.CASCADE)
...
I want to create a post-submission form for editing and submission, so I plan to use Django's ModelForm functionality.
class PostForm(ModelForm):
class Meta:
model = Post
fields = "__all__"
However, if I do this, then whoever is viewing the form will be able to set who the Post author is. I want to make sure that the resulting user field is them. But, if I exclude the user field from the ModelForm,
class PostForm(ModelForm):
class Meta:
model = Post
exclude = 'user'
then the user will not be set on form submission. I've hacked my way around this by making a custom form and updating the post field
def submit_view(request):
....
request.POST = request.POST.copy()
request.POST.update({
'user' : request.user.id
})
form = PostForm(request.POST, request.FILES)
....
but then I lose automatic UI generation and form validation, which in some ways defeats the purpose of the Form class. Could somebody point me to the idiomatic way of setting the user field without including it in the Form?

Try this view:
def submit_view(request):
form = PostForm(request.POST or None)
if form.is_valid():
new_post = form.save(commit=False)
new_post.user = request.user
new_post.save()

view.py
from django.views.generic import CreateView
from .models import Post
class PostCreate(CreateView):
model = Post
template_name ="new_Post_form.html"
fields = ['text']
def form_valid(self, form):
object = form.save(commit=False)
object.user = self.request.user
object.save()
return super(PostCreate, self).form_valid(form)
def get_success_url(self):
return "/"
url.py
url(r'^newpost$',views.PostCreate.as_view(),name='post_new',),
new_post_form.html
<form method="post" enctype="multipart/form-data" class="form" action="newpost" id="new-post-form">
<div class="modal-body">
{% csrf_token %}
{{ form.as_p }}
<input type="submit" value="Submit" />
</div>

Related

How can I autofill author with a model form (video upload)

I need to tie the user to their post but 'author' is not included in the fields of the video upload form so I can't access the field when I save the form.
When I add 'author' to the fields it gives a drop down box. (users shouldn't be able to post as anyone but themselves) I tried just listing the fields individually like so {{form.title}} to keep the author field but not show it to the user, it showed anyway.
In the 'author' field of the VideoPost model I've tried changing out the null=True for these variants on default default=None, default=0, default='None', default=User, default=User.id where User = get_user_model()
When I used default='None' the author dropdown box had the current users name in it, but still allowed a choice, when I tried to post it I got
ValueError: invalid literal for int() with base 10: 'None'
Also, in the views.py, I tried form = VideoPostForm(request.user,request.POST or None, request.FILES or None)
and got CustomUser object has no .get() attribute and that was caused by form.save()
I feel like this might be obvious to someone else but I've been staring at this code for a while now to figure it out.(a couple hours a day doing research and gaining better understanding as to how all of the things I'm doing actually work 'under the hood', I worked on other parts while trying to figure this out because, development speed matters and I could actually figure the other stuff out)
forms.py
class VideoPostForm(forms.ModelForm):
class Meta:
model = VideoPost
fields = ['author','title', 'description', 'file']
views.py
def upload_video(request):
form = VideoPostForm(request.POST or None, request.FILES or None)
if form.is_valid():
form.save(commit=False)
VideoPost.author = request.user
form.save()
return redirect('home')
else:
form = VideoPostForm()
return render(request, 'upload_video.html', {'form': form})
models.py
class VideoPost(models.Model):
objects = models.Manager()
author = models.ForeignKey(User, related_name='video_post', on_delete=models.CASCADE, null=True)
title = models.CharField(max_length=50, null=True, blank=True)
published_date = models.DateTimeField(auto_now_add=True)
description = models.TextField()
validate_file = FileValidator(max_size=52428800)
file = models.FileField(upload_to='videos/', validators=[validate_file])
def __str__(self):
return 'Post by {}'.format(self.author)
template (excluding author field)
<h1>Create Post Page</h1>
<form method="post" enctype="multipart/form-data">
{% csrf_token %}
<p> <!-- Normally the fields would be form.as_p -->
{{ form.title }}
{{ form.description }}
{{ form.file }}</p>
<button type="submit">Submit New Post</button>
</form>
The views.py is very close. The form.save() method returns an instance of VideoPost. You can then set the author to the current user directly to the new video post object that was created by the form. See code sample below.
views.py
def upload_video(request):
if request.method == "POST":
form = VideoPostForm(request.POST, request.FILES or None)
if form.is_valid():
new_videopost = form.save()
new_videopost.author = request.user
new_videopost.save()
return redirect('home')
else:
form = VideoPostForm()
return render(request, 'upload_video.html', {'form': form})

Overriding ModelForm with widgets

A user has a form where he can save sensitive data. I am capable of crypting this data and store it in the database using modelforms. However, if the user wants to modify this data, it appears in the TextInput from the form.
I've read this post, and this one. The answer seems to be there, but I can't manage to suceed in the implementation. Here is what I have:
Models
class CustomUser(AbstractUser):
api_key = models.CharField(max_length=256, default='null')
Forms
class APIForm(forms.ModelForm):
class Meta:
model = CustomUser
fields = ('api_key')
widgets = {
'api_key': TextInput(attrs={'size': 10, 'placeholder': 'Your key'}),
}
Html
<form method="post">
{% csrf_token %}
{{ form|crispy }}
<button type="submit">Save changes</button>
</form>
It seems that the form is not detecting the widget, since if I change the value of the attribute size, the form will not change.
Am I missing something?
Thanks in advance
UPDATE.
Here is my view code simplified:
Views
class KeyView(LoginRequiredMixin, UpdateView):
model = CustomUser
form_class = APIForm
template_name = 'account/api_form.html'
success_url = reverse_lazy('pages:home')
def get_object(self):
return self.request.user
def form_valid(self, form):
self.object = form.save(commit=False)
key=botcrypt.encrypt_val(self.object.api_key)
self.object.api_key =key.decode("utf-8")
self.object.save()
messages.success(self.request, 'key updated with success!')
return super().form_valid(form)
I'm using allauth for accounts, in case this information is important
You can try alernative for above method
api_key = forms.CharField(_(u'API Key'), required=False)
api_key.widget = forms.TextInput(attrs={'size': 10, 'title': 'API Key',})
or
api_key = forms.CharField(
_(u'API Key'),
required=False,
widget=forms.TextInput(attrs={'size': 10, 'title': 'API Key',})
)
So actually the solution was pretty simple, as expected....
All the code from Models, Forms and html was right.
I only had to empty the value of the key within the get_object from views:
def get_object(self):
self.request.user.api_key = ""
return self.request.user

Django admin. Edit user and leave password unchanged

I have my custom user model:
class RemoteUser(AbstractUser):
class Meta:
verbose_name= 'MyUser'
verbose_name_plural = 'MyUsers'
# Custom fields here...
How do I set up my user admin form to edit user details hiding the password?
class RemoteUserForm(UserCreationForm):
# What do I put here?
Even if I exclude password from fields it keeps giving me KeyError 'password1'.
Use ModelForm, its very simple using that. You create a form class for editing user objects, in fields you can specifiy whichever you want to edit. Use this form in view to save the input data and use the context in template to complete the cycle.
Forms.py
from django.contrib.auth.models import User
class EditUserForm(forms.ModelForm):
class Meta:
model = User
fields = {'username'}
Views.py
def update_userprofile(request, pk):
user = User.objects.get(pk=pk)
user_form = EditUserForm(instance=user)
if request.user.id == user.id:
if request.method == "POST":
user_form = EditUserForm(request.POST, instance=user)
if user_form.is_valid():
created_user = user_form.save(commit=False)
return redirect('someview') #wherever you want
return render(request, "app_name/update_userprofile.html", {
"noodle": pk,
"noodle_form": user_form,}
else:
raise PermissionDenied
Update_userprofile.html
<form method="post">
{% csrf_token %} {{ noodle_form.as_p }}
<button type="submit">Submit</button>
</form>

Modelforms : not able to view the editable content while updating

Possibly a newbie question, so please bear with me.
I have a Django form that edits a certain instance of a Model. I am using Modelforms. I am able to edit the instance but I am not able to see the content of instance that I want to edit.
I am learning django right now using video tutorials and in the tutorial adding instance=instance to ModelForm instance and then using form.as_p the values were populated in the input box.
In my case when I got to edit url my input fields are blank. However, whatever I write in new blank form gets updated to that object. What could have been wrong here? I am stuck at this point for 4 days so this question is a very desperate one :)
My form class:
from django import forms
from .models import Entry
class EntryForm(forms.ModelForm):
class Meta:
model = Entry
fields = ['name','type', 'date', 'description']
My Model:
from django.db import models
class Entry(models.Model):
name = models.CharField(max_length=200)
type = models.CharField(max_length= 200)
date = models.DateTimeField()
description = models.TextField()
My views look like this :
def update(request,pk):
instance = get_object_or_404(Entry,pk=pk)
if request.method == 'POST':
form = EntryForm(request.POST or None,instance=instance )
if form.is_valid():
instance =form.save(commit=False)
instance.save()
return HttpResponseRedirect('/')
else:
form = EntryForm()
return render(request, "form.html", {"name":instance.name,'instance':instance,'form': form})
Form template :
<form method="POST">
{% csrf_token %}
{{form.as_p}}
<button class="btn btn-success" type='submit'>Submit</button>
</form>
You are not passing the instance for the second case. Update your views.py to this.
def update(request,pk):
instance = get_object_or_404(Entry,pk=pk)
if request.method == 'POST':
form = EntryForm(request.POST or None,instance=instance )
if form.is_valid():
instance =form.save(commit=False)
instance.save()
return HttpResponseRedirect('/')
else:
form = EntryForm(instance=instance)
return render(request, "form.html", {"name":instance.name,'instance':instance,'form': form})

ModelForm. Why my form is not filled with data from model?

Why my form is not filled with data from model?
This is my model.py
class People(models.Model):
user = models.OneToOneField(User)
name = models.CharField(max_length=100)
address = models.CharField(max_length=255)
This is my forms.py
from django.forms import ModelForm
class EditForm(ModelForm):
class Meta:
model = People
exclude=('user',)
views.py
def edit_data(request):
user = request.user
people = People.objects.get(user=user)
form = EditForm(request.POST, instance = people)
if request.method == 'POST':
if form.is_valid():
form.save()
else:
print 'Error'
else:
form = EditForm()
return render_to_response('profile.html',{'form':form}, context_instance=RequestContext(request))
profile.html
<form action="/profile/" method="post">{% csrf_token %}
{{ form.as_p }}
</form>
The problem is that you're redefining form in your else clause (to a new instance of your EditForm, which doesn't have the instance variable set). Remove the else (and the line under it) and you should be good to go.