I am building a photo sharing site with django where users are allowed to create groups to share photos. I have problems creating a proper user data model/logic which would cover all my requirements.
The basic requirements are:
User A is allowed to create a group where he can add another users (User B)
If the user B which has to be added to the group already exists then we will use this existing user B to be added to manytomany field of the group model representing the group
If the user B doesn't exist we will create a sort of "dummy" user. Setting the user_active to false. This is because the user B doesn't have set any sort of verification or password yet.
Now if the new added user B wants to be registered to the site, instead of creating a new user I would like to change the already existing user with the provided data from the signup form.
I would like to mention that I plan to use also the django-allauth for the social accounts users.
My question (considering the Django 1.5) is what would be the preferred way how to make this working:
Is this is something I should create my own User Manager or should I look into authentication backends ? I am really lost at this point.
Below is the diagram which represent both of the scenarios, signing up and adding of the user to the group:
http://i821.photobucket.com/albums/zz136/jorge_sanchez4/f79934d4-d0a4-4862-ab8b-7e1d09cd5642_zps06ec08f3.jpg
UPDATE:
So I tried following, created the custom user model where in the __new__ method I am returning the relevant object if it already exists and the is_active is set to False. Below is the both UserManager and user model:
class GruppuUserManager(BaseUserManager):
def create_user(self, username, email=None, password=None, phonenumber=None, **extra_fields):
now = timezone.now()
if not username:
raise ValueError('The given username must be set')
if not phonenumber:
raise ValueError('The given phonenumber must be set')
''' now lookup the user if it exists and is_active is set
then it is duplicate, otherwise return the user
and set the is_active to true '''
email = self.normalize_email(email)
if GruppUser.objects.filter(phonenumber__exact=phonenumber).exists():
if GruppUser.objects.filter(phonenumber__exact=phonenumber).values('is_active'):
''' duplicate - raise error '''
raise ValueError('The user is duplicate ')
else:
''' get the subscriber and set all the values '''
user = GruppUser.objects.filter(phonenumber__exact=phonenumber)
user.set_password(password)
user.is_active=True
if email:
user.email = email
user.save(using=self._db)
return user
user = self.model(username=username, email=email,
is_staff=False, is_active=True, is_superuser=False,
last_login=now, date_joined=now, phonenumber=phonenumber, **extra_fields)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, email=None, password=None, phonenumber=None, **extra_fields):
u = self.create_user(username, email, password, phonenumber, **extra_fields)
u.is_staff = True
u.is_active = True
u.is_superuser = True
u.save(using=self._db)
return u
class GruppUser(AbstractBaseUser, PermissionsMixin):
''' django 1.5 - creating custom user model '''
id = models.AutoField(primary_key=True)
username = models.CharField(_('username'), max_length=30, unique=True,
help_text=_('Required. 30 characters or fewer. Letters, numbers and '
'#/./+/-/_ characters'),
validators=[
validators.RegexValidator(re.compile('^[\w.#+-]+$'), _('Enter a valid username.'), 'invalid')
])
first_name = models.CharField(_('first name'), max_length=30, blank=True)
last_name = models.CharField(_('last name'), max_length=30, blank=True)
email = models.EmailField(_('email address'), blank=True)
is_staff = models.BooleanField(_('staff status'), default=False,
help_text=_('Designates whether the user can log into this admin '
'site.'))
is_active = models.BooleanField(_('active'), default=True,
help_text=_('Designates whether this user should be treated as '
'active. Unselect this instead of deleting accounts.'))
date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
phonenumber = models.CharField(max_length=10)
#following = models.ManyToManyField(Stream,blank=True,null=True)
blocked_con = models.ManyToManyField(Blocked_Content,blank=True,null=True)
mmsemail = models.EmailField(_('email address'), blank=True)
smsemail = models.EmailField(_('email address'), blank=True)
verified = models.BooleanField(_('verified'), default=False,
help_text=_('Defines if the user has been verified'))
objects = GruppuUserManager()
USERNAME_FIELD = 'username'
REQUIRED_FIELDS = ['phonenumber']
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
def __init__(self,phone=None,*args, **kwargs):
''' save the phone number '''
super(GruppUser,self).__init__(*args, **kwargs)
self.phonetocheck = phone
#staticmethod
def __new__(cls,phone=None,*args, **kwargs):
''' lookup for the same user '''
if GruppUser.objects.filter(phonenumber__exact=phone).exists():
if self.objects.filter(phonenumber__exact=phone).values('is_active'):
''' duplicate - raise error '''
raise ValueError('The user is duplicate')
else:
''' get the subscriber and set all the values '''
user = self.objects.filter(phonenumber__exact=phone)
user.is_active = True
return user
return super(GruppUser,cls).__new__(cls,*args, **kwargs)
def get_full_name(self):
"""
Returns the first_name plus the last_name, with a space in between.
"""
full_name = '%s %s' % (self.first_name, self.last_name)
return full_name.strip()
def get_short_name(self):
"Returns the short name for the user."
return self.first_name
def email_user(self, subject, message, from_email=None):
"""
Sends an email to this User.
"""
send_mail(subject, message, from_email, [self.email])
Anyway the strange issue I am having right now is that I can't connect to the admin site which is giving me following error:
I have traced the django and it seems that the query set is somehow shifted to the left:
(Pdb) context[self.user].phonenumber
u''
(Pdb) context[self.user].date_joined
u'9135261969'
(Pdb) context[self.user].is_active
datetime.datetime(2013, 9, 8, 20, 47, 30, tzinfo=<UTC>)
But the data in mysql is correct:
mysql> select is_active from demo_app_gruppuser;
+-----------+
| is_active |
+-----------+
| 1 |
+-----------+
1 row in set (0.00 sec)
mysql> select phonenumber from demo_app_gruppuser;
+-------------+
| phonenumber |
+-------------+
| 9135261969 |
+-------------+
1 row in set (0.00 sec)
mysql> select date_joined from demo_app_gruppuser;
+---------------------+
| date_joined |
+---------------------+
| 2013-09-08 20:47:30 |
+---------------------+
1 row in set (0.00 sec)
Here is the backtrace when trying to login to the admin:
20. context[self.varname] = LogEntry.objects.filter(user__id__exact=user_id).select_related('content_type', 'user')[:int(self.limit)]
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/manager.py" in filter
155. return self.get_query_set().filter(*args, **kwargs)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/query.py" in filter
667. return self._filter_or_exclude(False, *args, **kwargs)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/query.py" in _filter_or_exclude
685. clone.query.add_q(Q(*args, **kwargs))
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/sql/query.py" in add_q
1259. can_reuse=used_aliases, force_having=force_having)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/sql/query.py" in add_filter
1190. connector)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/sql/where.py" in add
71. value = obj.prepare(lookup_type, value)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/sql/where.py" in prepare
339. return self.field.get_prep_lookup(lookup_type, value)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/fields/__init__.py" in get_prep_lookup
322. return self.get_prep_value(value)
File "/usr/site/gruppe/lib/python2.7/site-packages/django/db/models/fields/__init__.py" in get_prep_value
555. return int(value)
Exception Type: ValueError at /admin/
Exception Value: invalid literal for int() with base 10: 'root'
Also in pdb is interesting that self.user.id which should be in this case 1 is returning "root" back. Seems that somehow django messed up what my pk are in this model even when I specified it in the model :
id = models.AutoField(primary_key=True)
Turns out that using __new__ method on Django model is not good idea, using the Model Manager create_user is working ok.
Related
I have written a model for my django project.
This is my model
from django.utils.translation import ugettext_lazy as _
from django.db import models
from django.utils.crypto import get_random_string
from django.db import models
from django.contrib.auth.models import(
BaseUserManager,
AbstractBaseUser,
PermissionsMixin,
)
def generate_vid():
"""Generates a vid for the users"""
not_unique = True
while not_unique:
vid = get_random_string(10, 'abcdefg0123456789')
if not User.objects.filter(v_id = vid).exists():
not_unique=False
return vid
class UserManager(BaseUserManager):
"""Model for user manager"""
def create_user(self, username, password, **params):
"""Create and return a user"""
u_type = params.pop('usertype','v')
params.update({'usertype':u_type})
p_username = params.pop('parent_username', 0)
if(u_type=='v'):
pass
else:
parent_id = User.objects.filter(username = p_username).values_list('v_id')
params.update({'parent_id': parent_id})
user = self.model(username=username, **params)
user.set_password(password)
user.save(using=self._db)
return user
def create_superuser(self, username, password, **params):
"""Create and return a user"""
params.setdefault('is_staff',True)
params.setdefault('is_superuser',True)
params.setdefault('is_active',True)
if params.get('is_staff') is not True:
raise ValueError(_('Superuser must have is_staff=True.'))
if params.get('is_superuser') is not True:
raise ValueError(_('Superuser must have is_superuser=True.'))
return self.create_user(username, password, **params)
class User(AbstractBaseUser, PermissionsMixin):
"""Models for user"""
v_id = models.CharField(
max_length=10,
default=generate_vid,
primary_key = True,
)
username = models.CharField(max_length=20, unique=True)
email = models.EmailField(blank=True, unique = True)
parent_id = models.ForeignKey('User', on_delete=models.SET_DEFAULT, default=0)
usertype = models.CharField(max_length=1, choices=[('f', 'family'), ('v', 'veteran')])
REQUIRED_FIELDS = ['usertype']
is_staff = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
USERNAME_FIELD = 'username'
objects = UserManager()
def __str__(self):
return self.username
Now I want to impose the condition while creating a user such that every time I provide usertype=f, and I provide a username(say username='Test")
the parent_id of that particular entry is automatically set as the v_id of the username provided.
The parent_id is a self referential foreignkey.
This is the error showing while testing the feature
File "/py/lib/python3.9/site-packages/rest_framework/serializers.py", line 205, in save
self.instance = self.create(validated_data)
File "/app/user/serializers.py", line 17, in create
return get_user_model().objects.create_user(**validated_data)
File "/app/base/models.py", line 39, in create_user
user = self.model(username=username, **params)
File "/py/lib/python3.9/site-packages/django/db/models/base.py", line 485, in __init__
_setattr(self, field.name, rel_obj)
File "/py/lib/python3.9/site-packages/django/db/models/fields/related_descriptors.py", line 215, in __set__
raise ValueError(
ValueError: Cannot assign "<QuerySet []>": "User.parent_id" must be a "User" instance.
I think you can try signals to set data after creating a user account. You can choose from several types, but I would recommend you focus on pre_save and post_save.
UPDATE
I wrote examples, but the website will probably better illustrate it. In general, there are quite a few signals, but the most commonly used are pre_save and post_save.
#2 UPDATE
Try use a first or latest. Details in documentation.
parent_id = User.objects.filter(username = p_username).first()
I'm trying to develop a Facebook social authentication feature on an application that uses a custom Django user model and django-rest-framework-social-oauth2 as the social authentication package. My custom user model is called 'Account' and it inherits from the AbstractBaseUser class. The Account model is shown below:
class Account(AbstractBaseUser):
# Account model fields:
email = models.EmailField(verbose_name='email', max_length=60, unique=True)
username = models.CharField(max_length=30, unique=True)
first_name = models.CharField(max_length=30)
last_name = models.CharField(max_length=30)
date_joined = models.DateTimeField(verbose_name='date joined', auto_now_add=True)
last_login = models.DateTimeField(verbose_name='last login', auto_now=True)
is_admin = models.BooleanField(default=False)
is_active = models.BooleanField(default=True)
is_staff = models.BooleanField(default=False)
is_superuser = models.BooleanField(default=False)
# The user will log in with their email instead of username:
USERNAME_FIELD = 'email'
# Required fields when registering, other than the email:
REQUIRED_FIELDS = ['username', 'first_name', 'last_name']
# Telling the Account object how to use the account manager:
objects = MyAccountManager()
The function that handles creating a new user is called 'create_user' and is defined within my custom written MyAccountManager class which extends the Django BaseUserManager class. This is given below:
class MyAccountManager(BaseUserManager):
def create_user(self, email, username, first_name, last_name, password=None):
# Checking to see if correct function parameters have been passed in:
if not email:
raise ValueError('Users must have an email address')
if not username:
raise ValueError('Users must have a username')
if not first_name:
raise ValueError('Users must have a first name')
if not last_name:
raise ValueError('Users must have a last name')
# Creating the new user:
user = self.model(
email = self.normalize_email(email),
username = username,
first_name = first_name,
last_name = last_name,
)
user.set_password(password)
user.save(using = self._db)
return user
I've set up a working django-rest-framework-social-oauth2 url for creating a new user with a Facebook account. The relevant Facebook configuration in the Django settings.py file is shown below:
SOCIAL_AUTH_FACEBOOK_KEY = config('SOCIAL_AUTH_FACEBOOK_KEY')
SOCIAL_AUTH_FACEBOOK_SECRET = config('SOCIAL_AUTH_FACEBOOK_SECRET')
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = { 'fields': 'id, name, email' }
The issue that I've been having is the following:
When the create_user function is called for a user that is using Facebook social login, the parameters email, first_name and last_name, that are required in the create_user function are not being provided by Facebook and I'm getting the error message shown in the image. The error message states the following:
create_user() missing 2 required positional arguments: 'first_name' and 'last_name'
Error Message from Django
Does anyone know how I would be able to access these additional parameters (email, first name, last name) from Facebook so that the correct parameters are passed into the create_user function?
Further Information
On implementing the pipeline suggestion I am still left with the same issue whereby the custom create_user function is missing both the first_name and last_name parameters. I think the reason that this occurring is due to the suggested pipeline cleanup_social_account function being called after create_user, where in my case both first_name and last_name are required fields, and as such a user object cannot be created in the database if they are not provided at the time the create_user function is called.
I am receiving this error due to the following function in the suggested custom pipeline:
social_core.pipeline.user.create_user
The code for this function in the social_core installed library is the following:
def create_user(strategy, details, backend, user=None, *args, **kwargs):
if user:
return {'is_new': False}
fields = dict((name, kwargs.get(name, details.get(name)))
for name in backend.setting('USER_FIELDS', USER_FIELDS))
if not fields:
return
return {
'is_new': True,
'user': strategy.create_user(**fields)
}
The details parameter passed into the above function contains the values that I need (first_name and last_name). However, they are not actually being added into the fields variable when it is created. The fields variable is shown above and is defined by the following:
fields = dict((name, kwargs.get(name, details.get(name)))
for name in backend.setting('USER_FIELDS', USER_FIELDS))
In summary:
The issue appears to be that first_name and last_name are not appearing within backend.settings('USER_FIELDS', USER_FIELDS), and therefore are not being added to the fields variable, and as such are not being passed into strategy.create_user(**fields).
So social_auth auto-populates those fields for me when I just get name and email from Facebook. It knows to bring in first_name and last_name. Since it doesn't seem to be working for you, you can create a custom pipeline function.
settings.py:
SOCIAL_AUTH_PIPELINE = (
'social_core.pipeline.social_auth.social_details',
'social_core.pipeline.social_auth.social_uid',
'social_core.pipeline.social_auth.auth_allowed',
'social_core.pipeline.social_auth.social_user',
'social_core.pipeline.user.get_username',
'social_core.pipeline.social_auth.associate_by_email',
'social_core.pipeline.user.create_user',
# YOUR CUSTOM PIPELINE FUNCTION HERE. I CREATED A FILE/MODULE
# NAMED pipeline.py AND STUCK IT IN THERE. MAKE SURE TO PUT THIS
# AFTER CREATE USER.
'path.to.custom.pipeline.cleanup_social_account',
'social_core.pipeline.social_auth.associate_user',
'social_core.pipeline.social_auth.load_extra_data',
'social_core.pipeline.user.user_details',
)
pipeline.py:
def cleanup_social_account(backend, uid, user=None, *args, **kwargs):
"""
3rd party: python-social-auth.
Social auth pipeline to cleanup the user's data. Must be placed
after 'social_core.pipeline.user.create_user'.
"""
# Check if the user object exists and a new account was just created.
if user and kwargs.get('is_new', False):
*** THIS IS UNTESTED, BUT FACEBOOK'S DATA SHOULD COME INTO THE DETAILS KWARG ***
user.first_name = kwargs['details']['first_name']
user.last_name = kwargs['details']['last_name']
user.save()
return {'user': user}
Just add SOCIAL_AUTH_GOOGLE_OAUTH2_USER_FIELDS = ['username', 'email', 'first_name', 'last_name'] in your settings.py file and these fields should be added to **kwargs in you create_user method.
Sample Usage
In settings.py file add this
SOCIAL_AUTH_GOOGLE_OAUTH2_USER_FIELDS = ['first_name', 'last_name', 'email']
In your UserManager class modify create_user like below
def create_user(self, password=None, **kwargs):
"""Create and return a `User` with an email, username and password."""
first_name = kwargs.get('first_name')
last_name = kwargs.get('last_name')
email = kwargs.get('email')
if first_name is None or last_name is None:
raise TypeError(f"Invalid FirstName: {first_name}, LastName: {last_name}, Email: {email}")
if email is None:
raise TypeError("Users must have an email address.")
user = self.model(
first_name=first_name,
last_name=last_name,
email=self.normalize_email(email),
)
user.set_password(password)
user.save()
return user
I am getting this error. I do not understand the head and tail of it.
__init__() got multiple values for keyword argument 'max_length'.
I am adding three fields to UserCreationForm from django.contrib.auth.forms,
which are email, first name and last name and I want to save them to my User object.
(Does the first name and last name gets saved automatically).
Here is my form that I am trying to load.
class MyRegistrationForm(UserCreationForm):
#define fields
email=forms.EmailField(required=True)
first_name = forms.CharField(_('first name'), max_length=30, required=True)
last_name = forms.CharField(_('last name'), max_length=30, required=True)
helptext={'username':"* must contain only alphabets and numbers",
'email':"*",
'password1':"*must contain alphabets in upper and lower case, numbers special char",
'password2': "*Enter the same password as above, for verification"}
err_messages={'invalid_username': _("username must include only letters and numbers"),
'password_length': _("minimum length must be 8 characters"),
'password_invalid':_("must include special character")}
def __init__(self, *args, **kwargs):
super(MyRegistrationForm, self).__init__(*args, **kwargs)
for fieldname in ['username', 'password1', 'password2','email']:
self.fields[fieldname].help_text = self.helptext[fieldname]
self.error_messages.update(self.err_messages)
class Meta:
model=User
fields=('first_name','last_name','username','email','password1','password2')
#import pdb; pdb.set_trace()
def clean_username(self):
# Since User.username is unique, this check is redundant,
# but it sets a nicer error message than the ORM. See #13147.
username = self.cleaned_data["username"]
if not re.match(r'^\w+$',username):
raise forms.ValidationError(
self.error_messages['invalid_username'],
code='invalid_username',
)
return super(MyRegistrationForm, self).clean_username()
def clean_password2(self):
password1 = self.cleaned_data.get("password1")
if len(password1)<8:
raise forms.ValidationError(
self.error_messages['password_length'],
code='password_length',
)
if not (re.search(r'[a-z]', password1) and
re.search(r'[A-Z]', password1) and
re.search(r'[^a-zA-Z\d\s:;]',password1)):
raise forms.ValidationError(
self.error_messages['password_invalid'],
code='password_invalid',
)
return super(MyRegistrationForm, self).clean_password2()
def clean_email(self):
email = self.cleaned_data["email"]
try:
user = User.objects.get(email=email)
print user.email
print user.username
raise forms.ValidationError("This email address already exists. Did you forget your password?")
except User.DoesNotExist:
return email
def save(self, commit=True):
user = super(MyRegistrationForm, self).save(commit=False)
user.email=self.cleaned_data["email"]
if commit:
user.save()
return user
I have read this article but it did not help in my situation.
Form fields are not model fields: they don't take a positional parameter as a verbose name. You need to specify it as the label kwarg:
first_name = forms.CharField(label=_('first name'), max_length=30, required=True)
what Daniel suggested above should work.
first_name = forms.CharField(label=_('first name'), max_length=30, required=True)
you also dont need to save first name and last_name explicitly. It will be taken care by the save function you have above. unless you want to do some cleaning yourselves.
I have two data models, one is User and other one is ShibUser, ShibUser associate with User by storing User table's id as its Foreign Key.
Here is my ShibUser Table:
+----+--------------+------------------+----------------+
| id | auth_user_id | shib_username | shib_user_role |
+----+--------------+------------------+----------------+
| 1 | 4 | auser#domain.edu | Student |
| 2 | 5 | buser#domain.edu | Student |
+----+--------------+------------------+----------------+
from django.db import models
from askbot.deps.django_authopenid.models import User
class ShibUser(models.Model):
auth_user = models.ForeignKey(User)
shib_username = models.CharField(max_length = 200)
shib_user_role = models.CharField(max_length = 200)
Here is my User (auth_user) table:
+----+----------------+------------+--------+
| id | username | reputation | status |
+----+----------------+------------+--------+
| 4 | aaUser | 1 | w |
| 5 | MrBUser_Cool | 1 | w |
+----+----------------+------------+--------+
Model Definition for User:
class User(models.Model):
"""
Users within the Django authentication system are represented by this
model.
Username and password are required. Other fields are optional.
"""
username = models.CharField(_('username'), max_length=30, unique=True,
help_text=_('Required. 30 characters or fewer. Letters, numbers and '
'#/./+/-/_ characters'))
first_name = models.CharField(_('first name'), max_length=30, blank=True)
last_name = models.CharField(_('last name'), max_length=30, blank=True)
email = models.EmailField(_('e-mail address'), blank=True)
password = models.CharField(_('password'), max_length=128)
is_staff = models.BooleanField(_('staff status'), default=False,
help_text=_('Designates whether the user can log into this admin '
'site.'))
is_active = models.BooleanField(_('active'), default=True,
help_text=_('Designates whether this user should be treated as '
'active. Unselect this instead of deleting accounts.'))
is_superuser = models.BooleanField(_('superuser status'), default=False,
help_text=_('Designates that this user has all permissions without '
'explicitly assigning them.'))
last_login = models.DateTimeField(_('last login'), default=timezone.now)
date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
groups = models.ManyToManyField(Group, verbose_name=_('groups'),
blank=True, help_text=_('The groups this user belongs to. A user will '
'get all permissions granted to each of '
'his/her group.'))
user_permissions = models.ManyToManyField(Permission,
verbose_name=_('user permissions'), blank=True,
help_text='Specific permissions for this user.')
objects = UserManager()
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
def __unicode__(self):
return self.username
def natural_key(self):
return (self.username,)
def get_absolute_url(self):
return "/users/%s/" % urllib.quote(smart_str(self.username))
def is_anonymous(self):
"""
Always returns False. This is a way of comparing User objects to
anonymous users.
"""
return False
def is_authenticated(self):
"""
Always return True. This is a way to tell if the user has been
authenticated in templates.
"""
return True
def get_full_name(self):
"""
Returns the first_name plus the last_name, with a space in between.
"""
full_name = u'%s %s' % (self.first_name, self.last_name)
return full_name.strip()
def set_password(self, raw_password):
self.password = make_password(raw_password)
def check_password(self, raw_password):
"""
Returns a boolean of whether the raw_password was correct. Handles
hashing formats behind the scenes.
"""
def setter(raw_password):
self.set_password(raw_password)
self.save()
return check_password(raw_password, self.password, setter)
def set_unusable_password(self):
# Sets a value that will never be a valid hash
self.password = make_password(None)
def has_usable_password(self):
return is_password_usable(self.password)
def get_group_permissions(self, obj=None):
"""
Returns a list of permission strings that this user has through his/her
groups. This method queries all available auth backends. If an object
is passed in, only permissions matching this object are returned.
"""
permissions = set()
for backend in auth.get_backends():
if hasattr(backend, "get_group_permissions"):
if obj is not None:
permissions.update(backend.get_group_permissions(self,
obj))
else:
permissions.update(backend.get_group_permissions(self))
return permissions
def get_all_permissions(self, obj=None):
return _user_get_all_permissions(self, obj)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
queries all available auth backends, but returns immediately if any
backend returns True. Thus, a user who has permission from a single
auth backend is assumed to have permission in general. If an object is
provided, permissions for this specific object are checked.
"""
# Active superusers have all permissions.
if self.is_active and self.is_superuser:
return True
# Otherwise we need to check the backends.
return _user_has_perm(self, perm, obj)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has each of the specified permissions. If
object is passed, it checks if the user has all required perms for this
object.
"""
for perm in perm_list:
if not self.has_perm(perm, obj):
return False
return True
def has_module_perms(self, app_label):
"""
Returns True if the user has any permissions in the given app label.
Uses pretty much the same logic as has_perm, above.
"""
# Active superusers have all permissions.
if self.is_active and self.is_superuser:
return True
return _user_has_module_perms(self, app_label)
def email_user(self, subject, message, from_email=None):
"""
Sends an email to this User.
"""
send_mail(subject, message, from_email, [self.email])
def get_profile(self):
"""
Returns site-specific profile for this user. Raises
SiteProfileNotAvailable if this site does not allow profiles.
"""
if not hasattr(self, '_profile_cache'):
from django.conf import settings
if not getattr(settings, 'AUTH_PROFILE_MODULE', False):
raise SiteProfileNotAvailable(
'You need to set AUTH_PROFILE_MODULE in your project '
'settings')
try:
app_label, model_name = settings.AUTH_PROFILE_MODULE.split('.')
except ValueError:
raise SiteProfileNotAvailable(
'app_label and model_name should be separated by a dot in '
'the AUTH_PROFILE_MODULE setting')
try:
model = models.get_model(app_label, model_name)
if model is None:
raise SiteProfileNotAvailable(
'Unable to load the profile model, check '
'AUTH_PROFILE_MODULE in your project settings')
self._profile_cache = model._default_manager.using(
self._state.db).get(user__id__exact=self.id)
self._profile_cache.user = self
except (ImportError, ImproperlyConfigured):
raise SiteProfileNotAvailable
return self._profile_cache
I have a form which represent the user profile and I want to show the role of the user, I have import both the objects in my form but I am struggling on how to really get the user role based on User objects username.
Here is the exact place I am trying to add this:
from askbot.shibapp.models import ShibUser
from django.contrib.auth.models import User
def __init__(self, user, *args, **kwargs):
super(EditUserForm, self).__init__(*args, **kwargs)
logging.debug('initializing the form')
shib_user_role = ShibUser.objects.get(auth_user=4)
if askbot_settings.EDITABLE_SCREEN_NAME:
self.fields['username'] = UserNameField(label=_('Screen name'))
self.fields['username'].initial = user.username
self.fields['username'].user_instance = user
self.fields['email'].initial = user.email
self.fields['realname'].initial = user.real_name
self.fields['website'].initial = user.website
self.fields['city'].initial = user.location
if askbot_settings.EDITABLE_SCREEN_NAME:
self.fields['role'].initial = "test_role" (Instead of 'test_role')
I am very new to django world.
Ok so I think you're trying to go from auth.User.username to ShibUser to do this follow the ForeignKeys backwards:
user = User.objects.get(username=username)
# for reverse relationships the foo_set is created by django enabling
# reverse relationship. You can override this by providing a related_name
shibuser = user.shibuser_set.get()
# Alternative syntax
shibuser = user.shibuser_set.all()[0]
From there you can get your ShibUser role. If More than one ShibUser can exist per User then you want to drop the index and will instead have a queryset of ShibUser objects to work with.
If only one ShibUser object can exist per User you should make this a OneToOneField instead of a foreignkey and things become simpler:
shibuser = user.shibuser
Finally you can even start from the ShibUser model and work with it:
shibuser = ShibUser.objects.get(auth_user__username=username)
# Or if you already had the User object instance
shibuser = ShibUser.objects.get(auth_user=user)
Keep in mind several exceptions can be raised around this depending on the approach: the User could not exist or the ShibUser for the given User could not exist. Perhaps more than one ShibUser could be related to a single user and therefore the .get() calls will result in a MultipleObjectsReturned exception. Your schema isn't very tight to your use case it sounds like so I would probably improve that with a OneToOneField
I have an app with 2 user levels; Superuser, and Staff. Superuser will login to this app and create a new user and assign the user either Superuser or Staff permissions, but they are not logging in through the default Django admin, they will be logging into a custom admin. How do I display the permission checkboxes in my form and how do I save them for that new user being created? Is it merely just a normal checkbox or is there something I need to override to be able to accomplish this?
Here is my CreateUserForm as it is now.
class CreateUserForm(forms.Form):
username = forms.EmailField(max_length=50)
email = forms.EmailField()
first_name = forms.CharField(max_length=150)
last_name = forms.CharField(max_length=150)
password1 = forms.CharField(max_length=30, widget=forms.PasswordInput(render_value=False), label='Password')
password2 = forms.CharField(max_length=30, widget=forms.PasswordInput(render_value=False), label='Password Confirmation')
address_1 = forms.CharField(max_length=50)
address_2 = forms.CharField(max_length=50)
city = forms.CharField(max_length=50)
province = forms.CharField(max_length=2)
country = forms.CharField(max_length=50)
postal_code = forms.CharField(max_length=10)
work_phone = forms.CharField(max_length=20)
mobile_phone = forms.CharField(max_length=20)
fax = forms.CharField(max_length=20)
url = forms.CharField()
comments = forms.CharField(widget=forms.Textarea)
def clean_username(self):
try:
User.objects.get(username=self.cleaned_data['username'])
except User.DoesNotExist:
return self.cleaned_data['username']
raise forms.ValidationError("Sorry, this username has already been taken. Please choose another.")
def clean_email(self):
try:
User.objects.get(email=self.cleaned_data['email'])
except User.DoesNotExist:
return self.cleaned_data['email']
raise forms.ValidationError("Sorry, this email has already been taken. Please choose another.")
def clean(self):
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError("You must type the same password each time.")
if ' ' in self.cleaned_data['username']:
raise forms.ValidationError("username must not contain spaces")
return self.cleaned_data
def save(self):
new_user = User.objects.create_user(
username = self.cleaned_data['username'],
email = self.cleaned_data['email']
)
new_user.first_name = self.cleaned_data['first_name']
new_user.last_name = self.cleaned_data['last_name']
new_user.set_password(self.cleaned_data['password'])
new_user.is_active = True
new_user.save()
new_profile = UserProfile(
# TODO:
)
Thanks
If you mean the permission checkboxes for is_staff and is_superuser, then you're probably best off using a ModelForm w/ the User model. This will automatically take care of everything for you.
class UserForm(forms.ModelForm):
class Meta:
model = User
exclude = ('last_login', 'date_joined')
EDIT per OP update: You can just add 2 forms.BooleanField() fields to your form for is_superadmin and is_staff (or name them differently), and much like you're already doing in the save method you can do new_user.is_staff = self.cleaned_data['is_staff']. You may consider using a choice field instead, w/ a dropdown w/ 3 entries, "Normal User", "Staff User", "Admin User", and then set is_staff and is_superadmin according to the user's selection.
It's also still possible to use a ModelForm on the User model and just add the necessary extra fields in addition. It may or may not be worth it to you, depending how custom you're getting.
Another note about your form - when it comes to editing existing users, this won't be able to be used for that w/ the current clean methods on username/email. But if you tweak those to exclude the current instance (if set) from the lookup, you will be able to use this form for editing existing users (though since it's not a model form you'd need to populate the initial data manually).