Flask drop-down list Ajax - flask

I have an administrator page and each time when new user is added, administrator should determine group of that user (by default it will be viewer).
First, can someone please write how I can keep the default value in SQL-Alchemy?
Second, how can I update database based on drop-down list parameter?
If someone can share their own experience I will be grateful.

If I understand your question correctly, for #1 you need to store a default value in SQL-Alchemy. If you're using Flask-SqlAlchemy then you can define a default value like this:
class User(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(80), default='John')
For SQL-Alchemy it wouldn't be much different.
And for your question #2, you need to define a controller that gets data from an Ajax call from the drop-down list and stores it in the database. I suggest using Select2 which has autocomplete and Ajax remote data features. As user types in the input it sends an Ajax call to the URL you define and you can get the keyword user is searching for. For a working example of Select2 you can visit this.

Related

How to encrypt or Obfuscate REST API URL in Django

Hello Django REST API Experts,
We are building University Course portals where app offers various user types like Professor, Students and Admins using DJANGO/REACT. We are using REST API to connect between backend and frontend.
So, far we are able to perform some basic operation and it really works great. However now I need help from this group to do following:
When students enrolled in course it generates an acknowledge document stating course description, and its prerequisite which needs to get signed by students to ensure student acknowledge they fulfill these requirements.
In order to do this we have following:
Model for each course which contains the Content, Description and Prerequisite for each course.
StudentCourseAck Model which has FK to Course, Signed Boolean field, Binary field to store signed doc.
User flow:
Student logins to portal,
Select the Course, which generate StudentCourseAck entry.
Let Student review document and signed the document (on client side using sign pad).
The Signature gets stored in PDF (as binary field).
So far so good…
Now we want to enhance the featureset which allows admin to email student the link of studentcouseack document incase its not signed before course start. Also this link should only be valid for 48 hours or else it will expire.
So we need some help to enhance these featuresets as follow:
Current the API is exposed to frontend like: mysite.com/courseack/studentid/documentid
However we want to encrypt this so the link look like this: mysite.com/uniqueid
Where uniquid is mapped to /studentid/documented
So I have following design question:
Question 1: Should we enhance StudentCourseAck which store the UUID for each document?
Question 2: If I store UUID for each document, how do I make it expire once its generated?
Question 3: When Student is finished signing, I need to update the document into database to ensure that right document is saved to right student profile, so how can I ensure this security requirement.
I would really appreciate some expert opinion or some guidance so we can proceed this feature implementation. Any other alternative which is simpler and easier to maintain.
Once again thank you for your time and consideration.
Thank You.
Any other alternative which is simpler and easier to maintain.
Keeping the above phrase in mind I propose this solution.
Firstly I will not consider this as a DRF problem but as a general problem and proceed to answer your Questions.
The simple solution lies in 4 steps
Create a UUID field inside StudentCourseACK so that you can map this uuid with your url mysite.com/uniqueid, catch the document id inside the StudentCourseACK record as a foreign key and also create a created_at inside the model (this will be required for expiry timer)
Make a view inside your views.py that takes this StudentCourseACK UUID as a url parameter where you will have to fetch courseack, studentid and documentid from this StudentCourseACK mapping table and redirects it to mysite.com/courseack/studentid/documentid. When you link this view with your url pattern make sure the listing is at the very bottom.
To make an expiry timer you can check the created_at date in your StudentCourseAck record for 48hours limit before redirecting inside Step 2
Finally when the student is redirected to the mysite.com/courseack/studentid/documentid endpoint you will have to follow a simple process of getting the StudentCourseAck data via .filter(studentid="some value", documentid="somevalue") and make changes to this data accordingly.
Another thing that I realise is that you can completely ditch the long mysite.com/courseack/studentid/documentid url and correspond it's logic inside the new view, but I assume that you want to keep it that way.

How can i confirm a database entry in django admin?

I have been working around this problem. I have a user submitting a HTML form lets say to list their hotel on my website. I need to review this form before i add it into my hotels model to be published.
One approach i have worked on is to use a requests model where this form can be stored and later using django admin action write a custom action to add/remove the request. In case of acceptance i copy the details to my hotels model else it sends an email or a notification back to user.
Second approach is simply using django action on hotels model where the request is sent to approve it or reject it. In this case i want to know if thats possible where a data point doesn't get written to database until it's been accepted by admin. If yes how can i do that?
Finally, these details are displayed on my main page and search page for users to book these places.
If there is a better and effective way to do it. Please share that.
Thanks in advance. If something isn't clear i can answer your specific questions in the comments below 😊.
Have a nice day.
You can have is_published Boolean field in your hotel model and you can default it to false initially. After you inspect the hotel details you can set the is_published field to True from django admin.
So now whenever you are querying for hotels to show on your website. You can query
Hotel.objects.filter(is_published=True)

Create a input box on a app using django

I am tasked with a project of creating an app with python. We have decided to use django for this purpose. Basically, I need to create an app where users can go on to a website, type their names, addresses and get the required information about their historical product purchase.
Now, I am using mariadb in python to query the names. The function I created successfully gets the users name using some name matching algorithm and gets their required information. If the user misspells his/her name, the program also outputs suggested names that match what the user implied. Hence, if the user clicks on his/her name, he will get all historical purchase history for that user.
I managed to use django to create a basic website. But, I want to create input boxes where users can put in their info. Do I actually go to models.py in django and create a names model? Also, is an administrative site required for this purpose?
Edit: from further reading, it seems I need to use inspectdb and tell django to automatically create models for me?
You may get all the information you need from the Django tutorial in the docs. The first three chapters talk about the initial setup for the database and administration site.
https://docs.djangoproject.com/en/2.0/intro/tutorial01/
The fourth one handles the the creation of forms:
https://docs.djangoproject.com/en/2.0/intro/tutorial04/

Session or Model Field in Django?

I'm a beginner in Django. When developing an app, I want to fulfill the following functionality: There is some pictures in one webpage. A user can 'like' a picture by clicking a button bellow it. But one user can only like a specific picture once.
Now there seem two methods to do this.
1) Set an attribute in the session. So I when a user click a button, I can check if he has already 'liked' this picutre according to this session.
2) Add a new field in my user's model to record which pictures he has 'liked'.
Then I don't know which one to use. My questions are as follows:
For method (1), session can expire after some time (e.g. 2 weeks).
So for a user who revisits my website after 2 weeks, is it true that
I can not prevent him from re-liking the picture he's already 'liked'
before?
If I want to have access to the info about which pictures a user
has 'liked', is it true that I can only use method (2) to store this
information?
Thanks a lot!
If you want the "favorites" to persist across multiple sessions, then yes, you need to store the data somewhere that isn't volatile. A simple solution is to use a separate model, a LikedPicture for example:
class LikedPicture(models.Model):
user = models.ForeignKey(User, db_index=True)
picture = models.ForeignKey(Picture)
Session expired? No problem, just get the ones they've liked from the model. You could take it a step further and make the related model generic, so you don't have to make a separate model to hold each association, if you have several different models you're going to associate similarly.
Want to make sure the user only favorites something once? Django makes this ridiculously easy with get_or_create():
favorited_picture, created = FavoritedPicture.objects.get_or_create(user=user,
picture=picture, defaults={'user': user, 'picture': picture})
I find this method to be much more straightforward than trying to maintain a comma-separated-field on a model to store the ids of the favorited things.

How can I implement adding multiple objects with Django form?

How I can go about adding multiple objects from a single form with Django?
For example: if I have a sales form which stores sold products' register.
Imagine the form:
datetime: [_____________]
customer: [_____________]
product: [______________] ---> How should I implement adding multiple products
in the same form?
cost: [_________________]
Save (button)
Hint: it is just a question, if you have some ideas tell me please because I don't know how to do it.
thanks
One way is to use a Formset. Formsets you may have seen, for example, in Django admin for displaying multiple related objects as inlines.
Another way could involve AJAX, example solution:
“Added products” is a simple <ul> list with products added to order
“Search product” is a plain text field, where user enters product name or SKU
User input is sent via AJAX to the server, which returns a list of relevant products
These product suggestions are displayed to user
When user clicks on a product name, another AJAX request is made to associate given product with the order
After request completes, the “Added products” list is refreshed via AJAX, and newly added product appears there
This would require that you first create a temporary order to which you could later attach products via separate requests. Formsets don't have this requirement, but personally I haven't used them a lot, they look a bit cumbersome.