Posts

Showing posts from July, 2008

Django admin changes in SVN trunk

Recently in Django SVN trunk all admin interface changed to newforms. It doesn't have backward compatibility, so I provide some hints to upgrade existing Django applications.There are at least 3 steps for upgrading:Update urls.py to follow new admin URLs.Update admin classes.Change all newforms imports.Update urls.py to follow new admin URLs.Initially urls.py looks like: urlpatterns = patterns('', (r'^admin/', include('django.contrib.admin.urls')), ) Now it should look like: from django.contrib import admin admin.autodiscover() urlpatterns = patterns('', (r'^admin/doc/', include('django.contrib.admindocs.urls')), (r'^admin/(.*)', admin.site.root), ) Update admin classes.Initially admin classes were a part of model classes. Now they should be moved to independent classes.If a model had empty class: class Model1(models.Model): class Admin: pass Now it is enough just register a model with admin site: from dja…

Adding security features to Django projects

Security is most valuable feature of any software, and each developer should keep in mind security issues during programming. In this article I show how to restrict user's access to view, but not modify objects in Django project. It could be an equivalent of 'Readers' field in Lotus Notes/Domino application.First of all, let's set up Django.Check out Django’s main development branch (the ‘trunk’) like so: svn co http://code.djangoproject.com/svn/django/trunk/ django-trunk Install it: cd django-trunk sudo python setup.py install Create project, which be called 'secure_site': django-admin.py startproject secure_site Test the installation - start our project: cd secure_site/ chmod +x manage.py ./manage.py runserver 9000 Open browser by URL: http://localhost:9000/ and if 'It worked!' page is shown, then go further.Create two applications - sample (for testing) and secure (for handling security information): ./manage.py startapp sample ./manage.py startapp s…