python - Restricting access to Django generic views


I am creating a Django app where users can create accounts for themselves and then add transactions to each account. It is part of a site that will allow users to track investment benefits. I am using generic class-based views to achieve this.

Users add transactions to a particular account (code not shown) and then they view the transactions of that particular account at site/transaction/2/, where 2 is the account ID.

The problem is that any logged-in user can change the URL to get the transactions of another user's account. I can easily check that the given account ID belongs to the user, but I think there should be a better way. What are the best ways I can achieve this? Maybe this URL should be encoded? I do not like the idea of users seeing their account ID in the DB anyway.

In addition to this, I want to make it possible for users to see the transactions of several of their accounts in the same list, for example showing all the transactions for all 5 of their accounts. Then this URL method will not actually work.

I have other options:

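    from django.contrib.auth.models import User
    from django.db import models

    class Account(models.Model):
        name = models.CharField(max_length=40, unique=True, db_index=True)
        # on_delete is required from Django 2.0; CASCADE was the earlier default
        user = models.ForeignKey(User, on_delete=models.CASCADE)

    class Transaction(models.Model):
        value = models.DecimalField(max_digits=15, decimal_places=2)
        date = models.DateField('transaction date')
        # the views filter on this relation
        account = models.ForeignKey(Account, on_delete=models.CASCADE)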

views.py:

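    from django.contrib.auth.mixins import LoginRequiredMixin  # assumed source of the mixin
    from django.views import generic

    from .models import Transaction

    class IndexView(LoginRequiredMixin, generic.ListView):
        model = Transaction

        def get_queryset(self):
            # filters only on the ID from the URL, not on the owning user
            account_id = self.kwargs['account_id']
            queryset = Transaction.objects.filter(account_id=account_id)
            return queryset

and then I have a transaction_list template

Thanks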

You can use the helper function get_object_or_404() to first obtain the account object, if you want to raise a 404 error.

Like this:

    from django.shortcuts import get_object_or_404

    def get_queryset(self):
        account_id = self.kwargs['account_id']

        # raises a 404 if no account was found for the current user
        account = get_object_or_404(Account, pk=account_id, user=self.request.user)

        queryset = Transaction.objects.filter(account=account)
        return queryset

For your second thing, as you mentioned, you can either create a new view, or just check whether 'account_id' was in the URL and reuse your current view; you will need a new URL.

urls.py:

    url(r'^(?P<account_id>\d+)/$', views

Then change your get_queryset() again for the case where no account ID is in the URL:

    def get_queryset(self):
        # account_id will be None if the second URL was the one that matched
        account_id = self.kwargs.get('account_id', None)

        if account_id:
            # raises a 404 if no account is found for the current user
            account = get_object_or_404(Account, pk=account_id, user=self.request.user)
            queryset = Transaction.objects.filter(account=account)
        else:
            # we are showing all the transactions for the user instead of a particular account
            queryset = Transaction.objects.filter(account__user=self.request.user)

        return queryset
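
The ownership check from the answer, generalized to the multi-account list the question asks about, as an added example that is not part of the original post. It uses the standard-library sqlite3 module instead of the Django ORM so it runs stand-alone; the table layout, the sample rows and the names `NotFound`, `make_db`, `unscoped` and `scoped` are assumptions made for illustration.

```python
import sqlite3

class NotFound(Exception):
    """Stand-in for Django's Http404 (name assumed for this example)."""

def make_db():
    # Constructed sample data: user 1 owns accounts 1 and 2, user 2 owns account 3.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE account (id INTEGER PRIMARY KEY, user_id INTEGER);
        CREATE TABLE txn (id INTEGER PRIMARY KEY, account_id INTEGER);
        INSERT INTO account VALUES (1, 1), (2, 1), (3, 2);
        INSERT INTO txn VALUES (1, 1), (2, 2), (3, 3);
    """)
    return db

def unscoped(db, account_id):
    # The question's filter: trusts the account ID taken from the URL.
    rows = db.execute("SELECT id FROM txn WHERE account_id = ?", (account_id,))
    return [r[0] for r in rows]

def scoped(db, user_id, account_ids=None):
    """Return the transaction IDs user_id may see.

    account_ids=None means every account the user owns. Otherwise every
    requested ID must be owned by the user, or the whole request is refused.
    """
    owned = {r[0] for r in db.execute(
        "SELECT id FROM account WHERE user_id = ?", (user_id,))}
    wanted = owned if account_ids is None else set(account_ids)
    if not wanted <= owned:
        # Same error for "not yours" and "does not exist", as with
        # get_object_or_404(Account, pk=..., user=request.user).
        raise NotFound("no such account")
    if not wanted:
        return []
    # Only "?" placeholders are interpolated; the IDs are bound as parameters.
    marks = ",".join("?" * len(wanted))
    rows = db.execute(
        f"SELECT id FROM txn WHERE account_id IN ({marks}) ORDER BY id",
        sorted(wanted))
    return [r[0] for r in rows]
```

In the ORM the same scoping is `Account.objects.filter(user=request.user, pk__in=ids)` followed by a comparison of the returned IDs with the requested ones before filtering `Transaction` on those accounts.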
