Fabio,
Good point!
Browser-side security is VERY easy to bypass.
For example, just use Firebug or the built-in dev tools of Firefox,
Chrome, or Safari (or probably even IE by now), to edit the HTML
of the current page and then click the OK/Send/Submit button.
--Fred
I was working on it last couple of days. Basically I came up with what
Fabio's solution. Thanks Daniel for 'disabled' field comment as well.
On Saturday, March 26, 2016 at 8:49:17 AM UTC-4, Daniel Hepper wrote:
>
> Fabio,
>
> if you are using Django 1.9, you can use the newly introduced
Fabio,
if you are using Django 1.9, you can use the newly introduced disabled
attribute on forms.Field, see
https://docs.djangoproject.com/ja/1.9/ref/forms/fields/#disabled
On Tuesday, March 22, 2016 at 3:36:34 PM UTC+1, Fabio Caritas Barrionuevo
da Luz wrote:
>
>
>
Fabio,
I appreciate for your contribution. I understand the point that create a
separate form with only readonly fields. However, I have a form has a mix
of fields (readonly and editable) based on the user permission, not only
one type of field. Also, When readonly field is defined by
self.fields[name].widget.attrs['disabled'] = 'disabled'
self.fields[name].widget.attrs['readonly']=True
is not make real readonly to field, because if user can edit the html on
client side, and remove disabled="disabled" and readonly input atributtes
to problem of readonly fields, i currently
Actually I do to set permission to each field. A field in the form can be
viewable and editable, only viewable, or hidden. So if user has a
permission to see the form, but edit some fields in the form, it gets very
tricky especially for validation.
For example I used these statements to make
Maybe you already know this, but you can do a lot of form tinkering in
__init__, like so:
def __init__(self, permissions_parameter=None, *args, **kwargs):
super(FormName, self).__init__(*args, **kwargs)
if permissions_parameter:
#do a bunch of form tinkering
--
Thanks for your response. Currently I am dealing with a form with
individual field permissions. I guess it explains it gets difficult with
Django Form, which are made for only editing. I know a custom read-only
field can be created in the code below. I am still struggling with post
the form
Questions interspersed below:
On Friday, March 18, 2016 at 11:38:59 AM UTC-5, Gorkem Tolan wrote:
>
> I am a new comer to Django. Last four weeks I have been working on web
> application purely created with Django framework.
> I realized that Django forms are very cumbersome to use.
>
What is
I am a new comer to Django. Last four weeks I have been working on web
application purely created with Django framework.
I realized that Django forms are very cumbersome to use.
I'd rather have DRF (rest framework) and just angularjs form. I am sure
alot users will bombard me tons of
10 matches
Mail list logo
