Re: Custom Model field, to_python() / from_db_value() and unittests...

2015-06-17 Thread Jens Diemer 

Am 17.06.2015 um 16:48 schrieb charettes:

I suggest you use the following pattern which also accounts for py2/3:

...

This is stepping into the django-user@ territory so I suggest we move the
discussion over there if the provided example doesn't match your needs but you
are really just trying to write a portable third-party field.


Thanks for you suggestion.

I "moved" it to django-user list ;)

--


Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/mls207%24lkp%242%40ger.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: Custom Model field, to_python() / from_db_value() and unittests...

2015-06-17 Thread Jens Diemer 

Am 16.06.2015 um 18:43 schrieb Tim Graham:

The doc about how to ignore warnings in tests is here:
https://docs.djangoproject.com/en/dev/internals/contributing/writing-code/submitting-patches/#deprecating-a-feature

Alternatively, you can temporarily remove these lines in runtests.py:

warnings.simplefilter("error", RemovedInDjango20Warning)
warnings.simplefilter("error", RemovedInDjango21Warning)


Thanks!

But then, there can't exists tests that will raise a warning while importing ?!?




So i try to make it clear:

With v1.7 the "__metaclass__ = models.SubfieldBase" is needed. So i remove the 
tests without it.


And i found a existing Bug https://code.djangoproject.com/ticket/9619 for:

to_python not called when fetching data with .values(...)


I update the tests and create a ticket and pull request here:
* https://code.djangoproject.com/ticket/24993
* https://github.com/django/django/pull/4874

I can also made pull request for v1.8.x and master...





I also found the Solution for: "to_python() didn't call with Python 3":
The "__metaclass__" syntax changed in Python 3.

The Problem: I didn't read the doc carefully here:

https://docs.djangoproject.com/en/1.7/howto/custom-model-fields/#the-subfieldbase-metaclass

There are three code examples:
* for Python 2 only
* for Python 3 only
* for Python 2+3 using six.with_metaclass()

What's about to remove the first two examples and leave only the 
six.with_metaclass() example?!?


I made also a ticket/pull request for this:
* https://code.djangoproject.com/ticket/24992
* https://github.com/django/django/pull/4873













On Tuesday, June 16, 2015 at 12:30:05 PM UTC-4, Jens Diemer wrote:


I try to create a custom model field, that should "Converting values to 
Python
objects" as described in the documentation here:


<https://docs.djangoproject.com/en/dev/howto/custom-model-fields/#converting-values-to-python-objects

<https://docs.djangoproject.com/en/dev/howto/custom-model-fields/#converting-values-to-python-objects>>


It doesn't work with Python 2.7 and 3.4 with Django 1.7.x and 1.8.x...


I search around and found no unittest case for this 
"howto/custom-model-fields"

So i created a simple test case to investigate why my code not worked.


I made a unittest against "stable/1.7.x", "stable/1.8.x" and "master" here:

https://github.com/jedie/django/branches/yours
<https://github.com/jedie/django/branches/yours>

compare links:

stable/1.7.x

<https://github.com/jedie/django/compare/stable/1.7.x...test_custom_model_fields_1.7.x

<https://github.com/jedie/django/compare/stable/1.7.x...test_custom_model_fields_1.7.x>>


stable/1.8.x

<https://github.com/jedie/django/compare/stable/1.8.x...test_custom_model_fields_1.8.x

<https://github.com/jedie/django/compare/stable/1.8.x...test_custom_model_fields_1.8.x>>


master

<https://github.com/jedie/django/compare/master...test_custom_model_fields_master

<https://github.com/jedie/django/compare/master...test_custom_model_fields_master>>



I run these test and here the result:


*** 1.7.x with Py2:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_custom_model_field (custom_model_fields.tests.TestModel2Tests) ... ok
test_values (custom_model_fields.tests.TestModel2Tests) ... FAIL


*** 1.7.x with Py3:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_custom_model_field (custom_model_fields.tests.TestModel2Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel2Tests) ... FAIL



*** 1.8.x with Py2:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... ok
test_values (custom_model_fields.tests.TestModel1Tests) ... ok


*** 1.8.x with Py3
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... ok
test_values (custom_model_fields.tests.TestModel1Tests) ... ok



*** master with Py2 - doesn't run:
Traceback (most recent call last):
File "/home/jens/PyLucid_env/src/django/tests/runtests.py", line 12, in

  from django.apps import apps
File "/home/jens/PyLucid_env/src/django/django/apps/__init__.py", line
1, in

  from .config import AppConfig   # NOQA
File "/home/jens/PyLucid_env/src/django/django/apps/config.py", line 6, 
in

  from django.utils.module_loading import module_has_submodule
File "/home/jens/PyLucid_env/src/django/django/utils/module_loading.py",
line
4, in

Custom Model field, to_python() / from_db_value() and unittests...

2015-06-16 Thread Jens Diemer 


I try to create a custom model field, that should "Converting values to Python 
objects" as described in the documentation here:


<https://docs.djangoproject.com/en/dev/howto/custom-model-fields/#converting-values-to-python-objects>

It doesn't work with Python 2.7 and 3.4 with Django 1.7.x and 1.8.x...


I search around and found no unittest case for this "howto/custom-model-fields"

So i created a simple test case to investigate why my code not worked.


I made a unittest against "stable/1.7.x", "stable/1.8.x" and "master" here:

https://github.com/jedie/django/branches/yours

compare links:

stable/1.7.x
<https://github.com/jedie/django/compare/stable/1.7.x...test_custom_model_fields_1.7.x>

stable/1.8.x
<https://github.com/jedie/django/compare/stable/1.8.x...test_custom_model_fields_1.8.x>

master
<https://github.com/jedie/django/compare/master...test_custom_model_fields_master>


I run these test and here the result:


*** 1.7.x with Py2:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_custom_model_field (custom_model_fields.tests.TestModel2Tests) ... ok
test_values (custom_model_fields.tests.TestModel2Tests) ... FAIL


*** 1.7.x with Py3:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel1Tests) ... FAIL
test_custom_model_field (custom_model_fields.tests.TestModel2Tests) ... FAIL
test_values (custom_model_fields.tests.TestModel2Tests) ... FAIL



*** 1.8.x with Py2:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... ok
test_values (custom_model_fields.tests.TestModel1Tests) ... ok


*** 1.8.x with Py3
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... ok
test_values (custom_model_fields.tests.TestModel1Tests) ... ok



*** master with Py2 - doesn't run:
Traceback (most recent call last):
  File "/home/jens/PyLucid_env/src/django/tests/runtests.py", line 12, in 

from django.apps import apps
  File "/home/jens/PyLucid_env/src/django/django/apps/__init__.py", line 1, in 


from .config import AppConfig   # NOQA
  File "/home/jens/PyLucid_env/src/django/django/apps/config.py", line 6, in 


from django.utils.module_loading import module_has_submodule
  File "/home/jens/PyLucid_env/src/django/django/utils/module_loading.py", line 
4, in 

from importlib import import_module
  File "/home/jens/PyLucid_env/src/django/django/utils/importlib.py", line 6, 
in 

ImportError: cannot import name RemovedInDjango19Warning



*** master with Py3:
test_custom_model_field (custom_model_fields.tests.TestModel1Tests) ... ok
test_values (custom_model_fields.tests.TestModel1Tests) ... ok
test_custom_model_field (custom_model_fields.tests.TestModel2Tests) ... ok
test_values (custom_model_fields.tests.TestModel2Tests) ... ok




So the biggest problem is django 1.7.x...
But it should work in the same way:
<https://docs.djangoproject.com/en/1.7/howto/custom-model-fields/#converting-database-values-to-python-objects>


With 1.8.x i must remove the test with existing:
__metaclass__ = models.SubfieldBase


Otherwise the test will not run:

Testing against Django installed in '/home/jens/PyLucid_env/src/django/django'
Importing application custom_model_fields
Traceback (most recent call last):
  File "/home/jens/PyLucid_env/src/django/tests/runtests.py", line 448, in 

options.debug_sql)
  File "/home/jens/PyLucid_env/src/django/tests/runtests.py", line 235, in 
django_tests

state = setup(verbosity, test_labels)
  File "/home/jens/PyLucid_env/src/django/tests/runtests.py", line 214, in setup
apps.set_installed_apps(settings.INSTALLED_APPS)
  File "/home/jens/PyLucid_env/src/django/django/apps/registry.py", line 324, 
in set_installed_apps

self.populate(installed)
  File "/home/jens/PyLucid_env/src/django/django/apps/registry.py", line 108, 
in populate

app_config.import_models(all_models)
  File "/home/jens/PyLucid_env/src/django/django/apps/config.py", line 198, in 
import_models

self.models_module = import_module(models_module_name)
  File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
__import__(name)
  File "/home/jens/PyLucid_env/src/django/tests/custom_model_fields/models.py", 
line 41, in 

class CommaSeparatedModelField2(CommaSeparatedModelField1):
  File 
"/home/jens/PyLucid_env/src/django/django/db/models/fields/subclassing.py", line 
22, in __new__

RemovedInDjango20Warning)
django.utils.deprecation.RemovedInDjango20Warning: SubfieldBase has been 
deprecated. Use Field.from_db_value instead.




Maybe i miss something to handle warnings with tests, but didn't find something 
about warnings he

form validation in contrib.auth

2015-05-12 Thread Jens Diemer 


The default auth.form.AuthenticationForm() did not set a max_length for the 
password field:


https://github.com/django/django/blob/72f6513ebaa7a3fd43c26300e9a8c430dc07cdb5/django/contrib/auth/forms.py#L120-L126

Ok there is not really a max_length constraint. Because in the end the 
auth.models.User must only store the hash value.


The available hashers will consume more RAM if the password is very long. (The 
CPU usage is very similar to a short password)
Only if the server has a POST data limit, the password size is limited. But it 
seems that POST limits are not set or very large on default installations...



On the other side: I didn't see any side effects with a limitation e.g.: 
max_length=1024





Another thing: The auth.models.AbstractUser has the 'username' field with 
max_length=30 and validators.RegexValidator(r'^[\w.@+-]+$',...)


The AuthenticationForm has max_length=254 and no validator...



IMHO one principle is: Validate incoming data as soon as possible, isn't it?



Next thing is "auth.signals.user_login_failed"

This signal will only fired if the auth backends was called.
IMHO it should be called on every failed login. Also if the form is not valid.






--


Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at http://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/mis98k%24n71%241%40ger.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: Adding Support for PyMySQL (for Python 3)

2011-12-08 Thread Jens Diemer 

Am 07.12.2011 21:38, schrieb Ian Clelland:

PyMySQL is a pure python implementation of PEP 249 for MySQL, and supports
Python 2.4 - 3.2, and MySQL 4.1 and higher.


Another goal of PyMySQL would be to use Django + MySQL with PyPy, isn't it?

See also: 
https://groups.google.com/group/django-users/browse_thread/thread/cbef429d014c1ad9/


--

Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: The state of per-site/per-view middleware caching in Django

2011-10-20 Thread Jens Diemer 

Hi...

For PyLucid i made a simple cache middleware [1] simmilar to Django per-site 
cache middleware [2]. But i doesn't vary on Cookies and don't cache cookies. I 
simply cache only the response content.


Of course: This doesn't solve the problem if "csrfmiddlewaretoken" in content.

Here some pseudo code from [1]:
-
def process_request(self, request):
if not self.use_cache(request):
return

response = cache.get(cache_key)
if response is not None:
return response

def process_response(self, request, response):
if not self.use_cache(request):
return response

# Cache only the raw content
response2 = HttpResponse(
content=response._container, status=200,
content_type=response['Content-Type']
)

patch_response_headers(response2, timeout)

cache.set(request.path, response2, timeout)

return response

-

[1] 
https://github.com/jedie/PyLucid/blob/master/pylucid_project/middlewares/cache.py

[2] https://docs.djangoproject.com/en/1.3/topics/cache/#the-per-site-cache


Mfg.

Jens D.

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: CSRF token not validated?

2011-09-13 Thread Jens Diemer 

Am 12.09.2011 22:32, schrieb Carl Meyer:

Sanity-checking the length sounds reasonable to me - do you mind opening
a ticket for this and attaching your patch?


Done ;)

Ticked:
https://code.djangoproject.com/ticket/16827

Patch:
https://github.com/django/django/pull/45


--

Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

CSRF token not validated?

2011-09-12 Thread Jens Diemer 


I wonder that the CSRF token send from the client didn't be validated.

Don't know if a DOS attack is possible by sending many request with very long 
CSRF tokens?


IMHO it's a good idea to check the length before do anything with it.

e.g.:
--
diff --git a/django/middleware/csrf.py b/django/middleware/csrf.py
index b5a8579..8e03635 100644
--- a/django/middleware/csrf.py
+++ b/django/middleware/csrf.py
@@ -72,7 +72,10 @@ def get_token(request):
 def _sanitize_token(token):
 # Allow only alphanum, and ensure we return a 'str' for the sake of the 
post
 # processing middleware.
-token = re.sub('[^a-zA-Z0-9]', '', str(token.decode('ascii', 'ignore')))
+if len(token) != 32:
+token = ""
+else:
+token = re.sub('[^a-zA-Z0-9]', '', str(token.decode('ascii', 
'ignore')))
 if token == "":
 # In case the cookie has been truncated to nothing at some point.
 return _get_new_csrf_key()
------


--

Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: PHP-inspired user-friendly in-browser DJango install

2011-09-09 Thread Jens Diemer 

Am 09.09.2011 08:23, schrieb Aymeric Augustin:

Nothing prevents you from altering the settings file dynamically and telling 
the user to restart the webserver. You can run wih an in-memory SQLite database 
until this is done.

So your question isn't related to the development of Django itself; it would be 
more appropriate on django-users.

Note that deploying a Django project is a bit more complicated than a PHP 
project (just throw the files in WWW_ROOT). IMO setting up the database isn't 
the most difficult step. I don't know any projects that provide this feature.



For PyLucid CMS i created a "standalone package" with a Web-GUI installation. 
You need not shell to install it.


Here some screenshots:

http://www.pylucid.org/permalink/340/pylucid-screenshots/PyLucid-standalone/

The Web-GUI install is a simple CGI script for running syncdb, south migrate and 
create a first superuser etc.


The script is here:
<https://github.com/jedie/PyLucid/blob/master/scripts/standalone/install_pylucid.cgi>


The install procedure is really simple:
* Upload all files via FTP to webserver
* request http://www.my_server.tld/install_pylucid.cgi
* run "syncdb", "migrate", "create superuser", "loaddata"

Complete instruction here:
http://www.pylucid.org/permalink/331/1b-install-pylucid-standalone-package



But the prefered way to install PyLucid is a bootscript which creates a 
virtualenv:
<http://www.pylucid.org/permalink/333/1a1-create-a-pylucid-environment-with-pylucid-boot>


--

Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.

Re: Suppressed template errors in admin

2011-09-06 Thread Jens Diemer 

Am 25.08.2011 06:19, schrieb h3:

But this would have side effects on the non-admin templates too.. so
it's not ideal.

Maybe something like this:

TEMPLATE_STRING_IF_INVALID = {'default: '!! Invalid var !!',
'django.contrib.admin': ''}


I do a hack in my admin.py:
-

# some django admin stuff is broken if TEMPLATE_STRING_IF_INVALID != ""
# http://code.djangoproject.com/ticket/3579
if settings.TEMPLATE_STRING_IF_INVALID != "":
# Patch the render_to_response function ;)
from django.contrib.auth import admin as auth_admin
from django.contrib.admin import options

def patched_render_to_response(*args, **kwargs):
old = settings.TEMPLATE_STRING_IF_INVALID
settings.TEMPLATE_STRING_IF_INVALID = ""
result = render_to_response(*args, **kwargs)
settings.TEMPLATE_STRING_IF_INVALID = old
return result

options.render_to_response = patched_render_to_response
auth_admin.render_to_response = patched_render_to_response
-

So you can use TEMPLATE_STRING_IF_INVALID, but it's excluded from django admin 
;)


--

Mfg.

Jens Diemer



http://www.jensdiemer.de

--
You received this message because you are subscribed to the Google Groups "Django 
developers" group.
To post to this group, send email to django-developers@googlegroups.com.
To unsubscribe from this group, send email to 
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.