Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
Django users
Home
+ new post
Pages
Files
About this group
Join this group
Message from discussion Overriding returned contents of user objects
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Tane Piper  
View profile  
 More options Apr 13 2008, 9:56 pm
From: "Tane Piper" <digitalspaghe...@googlemail.com>
Date: Sun, 13 Apr 2008 12:56:15 +0100
Local: Sun, Apr 13 2008 9:56 pm
Subject: Re: Overriding returned contents of user objects
Reply to author | Forward | Print | View thread | Show original | Report this message | Find messages by this author
Hi Malcolm,

values() seems to be the way to go for now.  I've extracted some of
the code back to a context variable, and anything within a view I'll
just have to try and make it as efficient as possible, while still
removing the user object from the context.

On Sun, Apr 13, 2008 at 11:59 AM, Malcolm Tredinnick

<malc...@pointy-stick.com> wrote:

>  On Sun, 2008-04-13 at 11:46 +0100, Tane Piper wrote:
>  [...]

> > What I want to
>  > know is there any way I could simplify the method and have it remove
>  > the password field any time a user object is being selected as part of
>  > a related query??

>  Not really, unless you use values(). For any model, if the Python object
>  is being constructed, it pulls back all the values it needs to populate
>  the attributes. The password hash is an attribute of the User model.

>  >  I'm sure there is a need for it when doing
>  > authorisation, but once a session has been confirmed, is it needed
>  > again?

>  Login isn't the only time when the password hash might be needed (for
>  example, it's displayed and editable in the admin screen) and it would
>  be quite hacky to introduce a special case for saying when that field
>  shouldn't be displayed. You're using the User object in public-readable
>  situations, which isn't really part of the design. So change your design
>  a bit so that you're not throwing around this information if you don't
>  want it displayed. Yes, anything can be serialised using json, but that
>  doesn't mean you should indiscriminately do so or that the framework
>  should accommodate that.

>  It might make sense in your situation to just pull back the values()
>  that you need for various objects and serialise that dictionary. Or you
>  could make another pass through the projects list and blank out the
>  attribute(s) you aren't interested in, such as _project_manager_cache.

>  Regards,
>  Malcolm

>  --
>  A clear conscience is usually the sign of a bad memory.
>  http://www.pointy-stick.com/blog/

--
Tane Piper
Blog - http://digitalspaghetti.me.uk
Skype: digitalspaghetti

This email is: [ ] blogable [ x ] ask first [ ] private


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2009 Google