When some user create an object in the admin panel, I want that the author field of that object to be the user's name (The user that created it). How can I do it ?
I have something like this :
author = models.ForeignKey(User)
I want to know what user created each object.
Sounds like you want to do what James Bennett (one of the Django core contributors) describes how to do here.
Related
In a feathersjs project, I have two models: user and company. I'm using Sequelize/MySQL.
Every user has one company. Every company belongs to one user.
When a user signs up (is created) I want to create the company object at the same time (with just blank data that can be edited later but with the correct association).
How do I do this with a user after:create hook?
Problem solved. The hook object has access to the app. So the solution:
generate an after:create hook on the user service ("feathers generate hook")
in the hook that is generated, create a company with:
return hook.app.service('companies').create({userId:
hook.result.id}).then(()=> {return hook});
In Django, I need to represent payment details for a client. These payment details depend on which country the client is in. For example, US has a Routing Number and Account Number while Canada has Institution, Transit, Account Numbers and anything European has IBAN and BIC.
I think data like this is exactly what JSON storage is made for so I used PostgreSQL's JSONField.
class Client(models.Model):
country = CountryField(blank=True)
payment_details = JSONField()
After some time, I figured the best place to populate the JSONField with a schema appropriate for the country is in the frontend, because in the backend, I would have to wait for the model to be saved first, which is silly from the user's perspective.
Here's the problem: I have to fill the JSONField with something like this:
{
"IFSC Number": "FDSAFDSA",
"Whatever Number": "12410202"
}
Right now I have the backend checking to see if the country changed, and then changing the schema in the JSONField accordingly. But this means that whenever someone changes the country, they have to first save the model before they can add their payment details!
So this has to be done in the frontend, but I don't know how. I'd have to do this in Django's admin pages, and also the actual end-user facing frontend! The end-user facing frontend might just be some jQuery, but I'm unfamiliar with overriding Django admin templates.
Not only that, if I add a new blank schema for some other country:
{
"Banking Number 1": "",
"Banking Code whatever"
}
I'll have to modify two things now, which is a sign that this isn't the right way to do things.
I need to fetch the Sitecore user information, mainly user's first name, last name along with user name. Username can be fetched from the table Users in Core db.
Which table contains the user's first and last name details in Core db?
Thanks
-Sunil
The location of the data is outlined in the answer to this Stack Overflow question:
Sitecore Custom User Profile - where is it stored how can it be queried
As they point out, the data isn't the easily accessible and it might be a good idea to use the Sitecore API to obtain it instead.
This document talks about getting/setting standard profile properties via the API:
Security API Cookbook
... and this article talks about getting/setting custom properties:
Sitecore users custom profile properties
Sitecore doesn't provide any fields for firstname and lastname, so you can only fetch Fullname and Username. IF you want to enter these information as well then you need to create your custom fields as Martin suggested in post.
To get Fullname and Username you can use below code -
Sitecore.Context.User.Profile.FullName
Sitecore.Context.User.Profile.UserName
I am creating one application using ASP.NET MVC 4.5/5.4.
i had model
public class user
{
prop string userId{ get; set;}
prop string email{ get; set;}
}
i am use it to view and taking userId in hidden field
#Html.HiddenFor(x => x.userId)
and submit it back to server,and then after i m updating user email
but mean a while if user change hidden field value of userid then its obviously going to do some adverse effect in server side.
So my question is how to prevent those kind of attack and store sensitive information in view ?
Appriciate guys,
Thanks&Regards
and store sensitive information in view ?
By not storing any sensitive information in your views. Sensitive information should live on the server. For example in a database or something.
Another possibility is to validate on the server that the ProjectId belongs to the currently authenticated user by querying your database. Obviously the currently authenticated user should be retrieved from the forms authentication module and absolutely never be part of any hidden fields. That's the only thing you could trust -> the currently authenticated user which is retrieved from the forms authentication cookie in a secure way. Once you know the user you could query your database to verify whether the input he provided (things like ProjectIds, etc...) really belong to him. This way if the user attempts to tamper with this information the validation will fail and you will greet him with the corresponding error message.
I'm really struggling to wrap my head around some of this stuff. Let me give an example of where I'm struggling.
I'm using Linq-2-Sql as the DAL for my app and the IRepository pattern used in the MVC Storefront sample app from Rob Conery.
In my domain I have a Customer Model which has a collection of Address Models. In my UI there is a button which allows the user to add a new address to the customer. This opens up an address editor which let's them fill in all the information.
What happens next? Does the address get saved to the database, then added to the list in my customer object? Does it just get added to the list but not updated until the Customer object get's saved? What if the user wants to delete an address? Do I delete the address in the database and then remove it from the list? Or do they just make all the deletes/adds they want and I dump everything from the database everytime and update it with whatever is in the Customer.Addresses collection? What's the right flow here?
Should the collection of addresses only get updated via the Repository by calling something like this:
public void AddAddressToCustomer(Customer c, Address a)
{
//validate and save address to db
//add the newly saved address to the Customer Object
}
Help...
DDD is an area where I have a lot of interest but but very little experience so please treat my suggestions cautiously. I only offer them because of the absence of other, more authoritative, answers.
In 'the book' by Eric Evans address is given as an example of something that should typically be treated as a Value Object rather than as an Entity. So I believe the Add method would belong to the Customer:
customer.Add(address);
There would be a Customer Repository (but not one for addresses). This might be used like this:
customerRepository.Update(customer);
The intentional affect of this is that all the difficult questions you ask about how this is then implemented at the DB layer are not the concern of the domain objects (i.e. the customer object). I'm afraid I can't help beyond that point either.
Sounds like you don't know the context of your domain as well as you need to. Ask some more questions and get a better user story. Potentially any of your proposed scenarios may meet the business need, depending on what it is. When you understand the need then I believe this issue will iron itself out.
it depends had a great start on the answer. Once you add the address to the customer and save the customer using:
customer.Add(address);
customerRepository.Update(customer);
Your repository would then map your customer and address domain layer entities to LINQ to SQL. This will likely involve creating a new DataContext object, getting the related LINQ to SQL entities (or creating new ones) and then mapping the domain layer entities to your LINQ to SQL entities.
var context = new MyDataContext();
var linqCustomer = MapCustomerToLinqCustomer(context, customer);
var linqAddress = MapAddressToLinqAddress(context, customer.Addresses.First());
context.SubmitChanges();
You could also use DataMapper classes for mapping, but the MapXYZ methods more closely follow Rob Conery's example. If you need more help with the MapXYZ methods, let me know.