For each User I want to display his invitation status:
"Invitation Sent" or "Invitation Accepted"
Currently I just check if a field encrypted_password in Users table contains anything.
If it is not - then a user did not registered (accepted an invitation) yet but it was sent to him (otherwise this user's record would not exist in DB)
Is there a more elegant way to do it?
Yes you should take a
is_registered:boolean
column in user table which contains default value "false". Now you just have to do is when user get registered that time you just change value to "true".
when ever you want to check is user registered? just do
#user.is_registered? or current_user.is_registered?
this returns true/false
Related
I have 2 radio buttons in the UI, one for setting a variable (ng-model) say selected as true (ng-value=true) and other one for setting it as false (ng-value=false). Now, when none of them is selected it results in the variable selected being absent from the outgoing request (as expected).
However, when that is dealt with Django Forms, the self.data dictionary in the clean() method gives False on accessing self.data.get('selected') / self.data['selected'] why is that so? Shouldn't it be None or at least give a key-error when it was not even present in the actual request?
Note that the variable 'selected' is actually a field in a Django Model with default=False, is that thing responsible for this behaviour? How can I circumvent this situation considering that altering the Django Model field isn't an option?
So I dealt with it the other day by checking for the selected key in the raw request.body. Now, since its a string, I had to parse it to a dict and then access the mentioned key using :
json.loads(request.body).get('selected')
In this way, if selected is not present at all when none of the radio buttons are selected, I get None. Similarly, if the radio button for ng-value=true is selected then I get True and vice-versa.
I have a mailing list system in which a user can click a link to unsubscribe. This link contains the user's email in a GET parameter and the page it points to contains a short form to ask for feedback. This feedback needs to point to the email of the user who submitted it.
The way I tried to achieve this is:
take the email from the GET parameter
put it as initial value in a hidden field on the feedback form
retrieve it from form data when the form is sent
The problem is that if this hidden field is not disabled, the user can meddle with its value and dissimulate his own identity or even claim that the feedback came from another user. But if I set the field as disabled, the request.POST dictionary does not contain the field at all.
I also tried keeping the field enabled and checking for its presence in form.changed_data, but it seems to always be present there even if its value does not change.
This is the form class:
class UnsubscribeForm(forms.Form):
reason = forms.ChoiceField(choices=UnsubscribeFeedback.Reasons.choices)
comment = forms.CharField(widget=forms.Textarea, required=False)
user_email = forms.CharField(widget=forms.HiddenInput, required=False, disabled=False)
This is how I populate user_email in the view when the method is GET:
email = request.GET.get("email", "")
# ...
context["form"] = UnsubscribeForm(initial={"user_email": email})
Note that I also tried disabling the field manually after this line, as well as in the form's init method. The result is the same: if the field is disabled, the value does not get passed.
After setting the initial value, I print()ed it to make sure it was being set correctly, and it is. I also checked the page's source code, which showed the value correctly.
And this is how I check for the value in the POST part of the view, when the data-bound form is being received:
form = UnsubscribeForm(request.POST)
if form.is_valid(): # This passes whether I change the value or not.
if "user_email" in form.changed_data: # This too passes whether I change the value or not.
print("Changed!")
email = form.cleaned_data["user_email"] # This is "" if user_email is disabled, else the correct value.
I have no idea why the initial value I set is being ignored when the field is disabled. As far as I know, a disabled field passes the initial value over regardless of any changes, but here the initial value isn't being passed at all. And as I outlined above, I can't afford to keep this field editable by the user, even if it's hidden.
Django is version 3.0.3, if that matters.
Any solution? Is this a bug?
I found a solution to my problem, though it doesn't quite answer the question of why disabled fields ignore runtime initial values, so in a sense, the question is still open to answers.
In the original question, I crucially neglected to specify (in an effort to make the code minimal and reproducible) that the GET request that includes the user's email address also contains a token I generate with unpredictable data to verify that the email is authentic and corresponds to a subscribed user. In order to successfully meddle with the email, a user would also have to forge a valid token, which is unlikely (and not worth the effort) unless they have access to both my database and codebase (in which case I have worse problems than a feedback form).
I will simply keep the hidden field not disabled and also pass the token along, to verify that the address is indeed valid.
In views, I have a function defined which is executed when the user submits the form online. After the form submission there are some database transactions that I perform and then based on the existing data in the database API's are triggered:
triggerapi():
execute API to send Email to the user and the administrator about
the submitted form
def databasetransactions():
check the data in the submitted form with the data in DB
if the last data submitted by the user is before 10 mins or more:
triggerapi()
def formsubmitted(request):
save the user input in variables
Databasetransactions()
save the data from the submitted form in the DB
In the above case, the user clicks on submit button 2 times in less than 5 milliseond duration. So 2 parallel data starts to process and both trigger Email which is not the desired behavior.
Is there a way to avoid this ? So that for a user session, the application should only accept the data once all the older data processing is completed ?
Since we are talking in pseudo-code, one way could be to use a singleton pattern for triggerapi() and return Not Allowed in case it is already istantiated.
There are multiple ways to solve this issue.
One of them would be to create a new session variable
request.session['activetransaction'] = True
This would however require you to pass request, unless it is already passed and we got a changed code portion. You can also add an instance/ class flag for it in the same way and check with it.
Another way, which might work if you need those submissions handled after the previous one, you can always add a while request.session['activetransaction']: and do the handling afterwards.
def formsubmitted(request):
if 'activetransaction' not in request.session or not request.session['activetransaction']:
request.session['activetransaction'] = True
# save the user input in variables
Databasetransactions()
# save the data from the submitted form in the DB
request.session['activetransaction'] = False
...
I have created a PI, :P1_ID defined as checkbox and added a DA to update a field on specific criteria.
On form, have a :P1_REF_NAME which contain the emailAdd of user who has login
e.g app_user = TESTUSER
:P1_REF_NAME = TESTUSER#TESTING.COM
I want to do something like that the checkbox option should be hidden / disable when User who login access his own record.
Any idea, How is it possible to do that pls?
If P1_REF_NAME contains the username then you could put a Condition on the item of type PL/SQL with expression
:P1_REF_NAME != :APP_USER
Then the item will not be rendered for the user's own record.
However, in your case it seems that the item contains a different value, i.e. the email address associated with the user. Presumably this is held in some table. In that case you can use a condition of type "SQL Not Exists" with an expression something like:
select null
from my_user_table
where username = :APP_USER
and email_address = :P1_REF_NAME
How to verify email through link.
I have user edit profile and it is showing user email.I want to give one link to verify email.I do not what to do.
Add one column to your
User Model : email_verification and by default set to zero (0).
Then using persistence_token create a URL and sent to that specific email address. If you dnt have persistence_token as column in your User model then you can add custom column of your choice like verify_email_token as column name and stored 50 random string.
Using
o = [('a'..'z'),('A'..'Z'),('0'..'9')].map{|i| i.to_a}.flatten
string = (0...50).map{ o[rand(o.length)] }.join
URL example :
http://www.yoursitename.com/VerifyEmailAddress/?token=persistence_token ;
When user click on that link, internally call function like VerifyEmailAddress and in that method update email_verification column by one (1).