Skip to main content

Django Pattern for Reporting Errors/Messages in Views

I've tried tried to find a decent way to design my Django views so that I can smoothly report errors to users.  The errors that I am concerned about are errors that users encounter if they are preforming actions that are typically NOT normally encountered through normal use of the user interface.  For example, if users try to directly access a URL of an object that doesn't exist, if they post incorrect values to a URL, or a required value doesn't exist in the user's session.

In a utility module, I create a message class that I to store message information.  While view processing is taking place, if an error takes place, this class will be used to store the error title, text, and "back" url link.

core/utils.py
class UserMessage():
    def __init__(self, title="", text=[], url=None):
        self.title = title
        self.text = text if hasattr(text, '__iter__') else [text]
        self.url = url 

The view continually checks for the existance of a UserMessage instance.  (In the example below, "message" variable is an instance of UserMessage)  If an error condition occurs, part of the handing will be to create a new UserMessage, and the view renders an error page using the template defined by message_template_name and the variables set in the UserMessage instance.

myapp/views.py
def  detail_view(request, myobject_slug, template_name="", 
                 message_template_name="core/message.html"):
    context = {}
    message = None
    if not message: 
        # call custom manager method; pass in message for error handling
        myobject, message = MyObject.objects.get_myobject(myobject_slug, message)
    if not message:
        if not myobject.is_authroized(...):   # do come check here 
            message = utils.UserMessage("Permission Denied",  
                     "You are not authorized to view this.") 
    if not message:
        if myobject.is_wrong_type(...):   # do some check here
            message = utils.UserMessage("Invalid Type",   
                    "This is the wrong type")
            message.url = reverse('index')
    if not message:
        # normal view stuff here  
        form = forms.MyForm(....)
        if request.method == "POST":
            form = forms.MyForm(data=request.POST, ....)
            if form.is_valid():
                form.save() 
                # do other stuff here as needed
                return HttpResponseRedirect(reverse('success_page'))
    else:
        template_name=message_template_name
        context.update({'message':message})
    return render_to_response(template_name, context,
                              context_instance=RequestContext(request))

Create a message template to display the errors.

templates/message.html
{% extends "base.html" %}

{% block title %}{{ block.super }}{{ message.title }}{% endblock title %} 

{% block content %} 
<div>
  <div>{{ message.title }}</div>
  {% for text in message.text %}
  <div>{{ text }}</div>
  {% endfor %}
  <div><a href="{{ message.url }}">Back</a></div>
</div>
{% endblock content %} 

With some modifications, this method can be used with ajax requests.  Note that I do not recommend using the system for catching Django form errors.  Django handles that nicely as it is.

There are probably better approaches for this sort of thing, but this approach seems to work for me in many cases.  Hope it's useful.  Comments welcome.
Joe

Comments

  1. No one is so too perfect to make a perfect and that is the reason that there is always some room for error which is again covered by the seniors of the team. This is a team of Cute Writers Reliable Writing which keeps all the parameters according to the demand and the need of the consumers to make a system user friendly.

    ReplyDelete

Post a Comment

Popular posts from this blog

Django: Using Caching to Track Online Users

Recently I wanted a simple solution to track whether a user is online on a given Django site.  The definition of "online" on a site is kind of ambiguous, so I'll define that a user is considered to be online if they have made any request to the site in the last five minutes. I found that one approach is to use Django's caching framework to track when a user last accessed the site.  For example, upon each request, I can have a middleware set the current time as a cache value associated with a given user.  This allows us to store some basic information about logged-in user's online state without having to hit the database on each request and easily retrieve it by accessing the cache. My approach below.  Comments welcome. In settings.py: # add the middleware that you are about to create to settings MIDDLEWARE_CLASSES = ( .... 'middleware.activeuser_middleware.ActiveUserMiddleware' , .... ) # Setup caching per Django docs. In actuality, you

Django Models Mixins

One thing I've been experimenting with is model Mixins.  For example, the aim is to create small abstract classes that are each focused around a particular function.  These abstract classes can then be added to arbitrary models to apply those functions to models as desired. For example, say I define a RatingsFields abstract class and a TrackingFields abstract class.  These abstract classes can be mixed into any other model that we wish to add rating or tracking functionality to. core/mixins.py from djangoratings.fields import RatingField # 3rd party module class RatingFields(models.Model): rating = RatingField( range =5) # 5 possible rating values, 1-5 class Meta: abstract = True class TrackingFields(models.Model): deleted_on = models.DateTimeField(blank= True , null= True ) created = models.DateTimeField(auto_now_add= True ) modified = models.DateTimeField(auto_now= True ) class Meta: abstract = True

Docker: Run as non root user

It's good practice to run processes within a container as a non-root user with restricted permissions.  Even though containers are isolated from the host operating system, they do share the same kernel as the host. Also, processes within a container should be prevented from writing to where they shouldn't be allowed to as extra protection against exploitation. Running a Docker process as a non-root user has been a Docker feature as of version 1.10. To run a Docker process as a non-root user, permissions need to be accounted for meticulously.  This permission adjustment needs to be done when building a Dockerfile. You need to be aware of where in the filesystem your app might write to, and adjust the permissions accordingly.  Since everything in a container is considered disposable, the container process really shouldn't be writing to too many locations once build. Here is an annotated example of how you might create a Dockerfile where the process that runs within runs a