I am working on developing a Trello-like website with Django Rest Framework.
I want to add selected users to BoardAccess model, a through table for User model and Board model, two of which are in Many to Many relationship. Being added to BoardAccess table will mean that the respective users will be having access to matching boards.
Models.py
class Board(models.Model):
name = models.CharField(max_length=50)
access_granted = models.ManyToManyField(User, through='BoardAccess', related_name='access_boards')
team = models.ForeignKey(Team, on_delete=models.CASCADE) # a team can have many boards
class BoardAccess(models.Model):
user = models.ForeignKey(User, on_delete=models.SET_NULL, null=True)
board = models.ForeignKey('Board', on_delete=models.CASCADE)
For User, I am currently using Django's default Auth User model and extending it with a Profile model via OneToOne Field.
Serializers.py
class BoardAccessSerializer(serializers.ModelSerializer):
members = serializers.SerializerMethodField()
added_users = # ???
new_name = serializers.CharField(
write_only=True, required=False, source='name') # in case of requests for renaming the board
def get_members(self, instance):
members = User.objects.filter(profile__team=instance.team)
return UserBoardSerializer(members, many=True).data
I would like to know what field / relations / another serializer should be assigned to added_users, which I think should be write_only=True, in order to successfully de-serialize input from the client-side containing primary keys of selected users.
get_members() method is used to first display information of all team members, from which a client will select users to be added to the board.
Views.py
class BoardAccessRetrieveUpdateAPIView(generics.RetrieveUpdateAPIView):
serializer_class = BoardAccessSerializer
permission_classes = [IsAuthenticated]
def get_queryset(self):
team_id = self.kwargs.get('team_id')
team = get_object_or_404(Team, id=team_id)
queryset = Board.objects.select_related(
'team').prefetch_related(
'access_granted').filter(team=team)
return queryset
I am new to DRF, so there may be a lot of points to be improved from the above. I would really appreciate every help!!
You can override the update method in your serializer, and get the user ids from the client side from initial_data
def update(self, instance, validated_data):
// do the actions on create
users = self.initial_data.get('users')
instance.access_granted.add(*users)
instance.save()
return instance
Also when using ModelSerializer have to add Meta class:
class BoardAccessSerializer(serializers.ModelSerializer):
class Meta:
model = Board
fields = "__all__"
Related
I have a database table called Supplier that has a foreign key of User, each User has their own Suppliers. I got the get request working so that it returns all Suppliers in the entire table, but I can not find a way to filter it so I only receive the Suppliers associated with the User requested.
I am accessing this request by this URL:
http://localhost:8000/pm/getsuppliers/primary-key-of-user/
models.py:
class UserProfile(models.Model):
user = models.OneToOneField(User,on_delete=models.CASCADE)
bio = models.CharField(max_length=200)
email = models.CharField(max_length=200)
class Supplier(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE)
name = models.CharField(max_length=200)
phone = models.IntegerField()
email = models.EmailField(max_length=200)
views.py:
class getsuppliers(viewsets.ModelViewSet):
queryset = Supplier.objects.all()
serializer_class = GetSuppliersSerializer
lookup_field = 'user'
serializers.py:
class GetSuppliersSerializer(serializers.ModelSerializer):
class Meta:
model=Supplier
fields=['pk','user','name','email','phone']
The error I am receiving:
ERROR: pm.models.Supplier.MultipleObjectsReturned: get() returned more than one Supplier -- it returned 10!
I have done some searching on this error and they are saying to use .filter instead of .all in the view, but I am not sure how to make it return ALL Suppliers for the requested User, this seems like it would only return 1. Maybe I am wrong, hopefully someone has an easy solution!
You'll have to set the serializer's model (inside Meta) to User, and add in a supplier_set field:
class GetUserSuppliersSerializer(serializers.ModelSerializer):
supplier_set = SupplierSerializer(read_only=True, many=True)
class Meta:
model = User
fields = ['supplier_set']
class SuppliersSerializer(serializers.ModelSerializer):
class Meta:
model = Supplier
fields = ['pk','user','name','email','phone']
And also change the viewset queryset to get users.
Edit:
To answer the question in the comment, there are a few different ways to do that based on what you need, one way is to add a to_representation method in your GetUserSuppliersSerializer as such:
def to_representation(self, instance):
response = super().to_representation(instance)
response["supplier_set"] = sorted(response["supplier_set"], key=lambda x: x["pk"])
return response
I am doing an online classroom project in Django where I created a model named create_course which is accessible by teachers. Now I am trying to design this as the teacher who creates a class only he can see this after login another teacher shouldn't see his classes and how to add students into that particular class I created
the course model
class course(models.Model):
course_name = models.CharField(max_length=200)
course_id = models.CharField(max_length=10)
course_sec = models.IntegerField()
classroom_id = models.CharField(max_length=50,unique=True)
views.py
def teacher_view(request, *args, **kwargs):
form = add_course(request.POST or None)
context = {}
if form.is_valid():
form.save()
return HttpResponse("Class Created Sucessfully")
context['add_courses'] = form
return render(request, 'teacherview.html', context)
forms.py
from django import forms
from .models import course
class add_course(forms.ModelForm):
class Meta:
model = course
fields = ('course_name', 'course_id', 'course_sec', 'classroom_id')
Add one more field in course model that establish relationship with User model. Hence you can get the details about the teacher who has created course.
from django.contrib.auth.models import User
class course(models.Model):
course_name = models.CharField(max_length=200)
course_id = models.CharField(max_length=10)
course_sec = models.IntegerField()
classroom_id = models.CharField(max_length=50,unique=True)
created_by = models.ForeignKey(User, on_delete=models.CASCADE)
In your view function, you can check whether logged in user is same as the created of the requested course.
def teacher_view(request, *args, **kwargs):
# since this is course specific view, you will be passing an identiier or pk of the course as an argument to this function.
course_obj = Course.objects.get(id="identifier")
if request.user == course_obj.created_by:
# logged in user is same as the creator of the course
else:
# redirect
I would prefer creating permissions and having those in specific models. You can give it a try with that too. Let me know, if it doesn't work.
How can i alter my code so that the user logged is not able to follow themselves. I tried unique_together but could not get it to work
I will be using a button on other users profile pages to add the user to the logged in users following list in this table.
class FollowList(models.Model):
user = models.OneToOneField(User, on_delete=models.CASCADE, primary_key=True)
following = models.ManyToManyField(User, related_name='followers')
I'd suggest you use something like intermediary model. ManyToMany in fact is a model with two ForeignKey fields: first is for your FollowList model and second is for linking the User instance. So you have an extra relation to your model. Better way:
class Follow(models.Model):
follower = models.ForeignKey(User, on_delete=models.CASCADE, related_name='my_following_users')
following = models.ForeignKey(User, on_delete=models.CASCADE, related_name='my_followers')
class Meta:
unique_together = (
('follower', 'following'),
)
def save(self, *args, **kwargs):
if self.follower.pk != self.following.pk: # preventing of following themselves
return super().save(*args, **kwargs)
# use like this
dev YourView():
Follow.objects.create(follower=request.user, following=user)
UPD:
If you need to set multiple followers with once request, do something like this:
dev YourView():
items = []
for uid in ("<user ids here>"):
items.append(Follow(follower=request.user, following__pk=uid))
Follow.objects.bulk_create(items)
I have 2 models, Todo and a Tag. Todo has a ManyToMany relationship with Tag. When adding new Todos from the Browsable API, I want to be able to see only the Tags added by the current user as the available options in the multiselect. Currently, it shows all the added Tags, irrespective of who added them. I want to limit the options to only show the Tags added by the current user. (Authentication is setup already)
The models:
class Todo(models.Model):
title = models.CharField(max_length=100)
description = models.TextField(blank=True)
created_at = models.DateTimeField(auto_now_add=True)
due_at = models.DateTimeField(blank=True)
updated_at = models.DateTimeField(auto_now=True)
tags = models.ManyToManyField(Tag, related_name='todos')
creator = models.ForeignKey(User, on_delete=models.CASCADE, related_name='todos')
class Tag(models.Model):
name = models.CharField(max_length=20)
creator = models.ForeignKey(User, on_delete=models.CASCADE, related_name='created_tags')
def __str__(self):
return self.name
The Serializer:
class TodoCreateSerializer(serializers.ModelSerializer): #This is the one being used for a POST
class Meta:
model = models.Todo
fields = ('title', 'description', 'due_at', 'tags')
Is there some serializer field or some other way to specify which queryset to use in the Serializer? Is there another better approach?
In your TodoCreateSerializer you need to add PrimaryKeyRelatedField with a custom queryset that has the filtered tags of a user.
First, you will need to create a custom PrimaryKeyRelatedField that filter any objects to get only those who owned by the user.
class UserFilteredPrimaryKeyRelatedField(serializers.PrimaryKeyRelatedField):
def get_queryset(self):
request = self.context.get('request', None)
queryset = super(UserFilteredPrimaryKeyRelatedField, self).get_queryset()
if not request or not queryset:
return None
return queryset.filter(user=request.user)
(This is a generic one and can be used when filtering in objects by user)
Then you should use this one in you TodoCreateSerializer:
class TodoCreateSerializer(serializers.ModelSerializer):
tags = UserFilteredPrimaryKeyRelatedField(queryset= Tag.objects, many=True)
class Meta:
model = models.Todo
fields = ('title', 'description', 'due_at', 'tags')
I am working on a project where I have a class called Investment. Basically, a user can can have many investments, and an investment can consist of many users. As such my models.py looks like this:
# Not sure if this class is relevant to my question
class UserProfile(models.Model):
user = models.OneToOneField(User)
first_name = models.CharField(max_length=24)
last_name = models.CharField(max_length=24)
phone_number = models.CharField(max_length=12)
account_type = models.CharField(max_length=55, choices=ACCOUNT_TYPES)
def __str__(self):
return self.user.username
class Investment(models.Model):
user = models.ForeignKey(User)
offered_fund = models.ForeignKey(OfferedFunds)
amount = models.IntegerField(default=0)
purchase_date = models.DateTimeField(auto_now_add=True)
def __int__(self):
return self.offered_fund.fund_name.name
and my forms.py:
class InvestmentForm(forms.ModelForm):
class Meta:
model = Investment
fields = ('offered_fund','amount')
exclude = ['user']
finally, my views.py:
if form.is_valid():
instance = form.save(commit=False)
instance.user = request.user
instance.save()
So the way it works when deployed is the user selects an offered_fund, and enters an amount then hits submit. When I do this once, it registers and I can see it in the Django Administration page. However, the second time I try to do it (selecting the same or a different offered_fund) I get the error:
UNIQUE constraint failed: users_investment.user_id
Any idea on how I can solve this? Thanks.
You're using a ForeignKey relationship which only allows one User object for each Investment.
You should be using a ManyToManyField which allows more than one User per Investment.