tags:

views:

136

answers:

2
Q: 

django get_current_user() middleware - strange error message which goes away if source code is "changed" , which leads to an automatic server restart

Hi,

I'm using a middleware to get the currently logged in user in my views and models. This helps me to for example return only the objects created or assigned to the logged-in user. Please follow this link to see which middleware that I use.

I call this middleware with:

get_current_user()

This worked fine till now. But now I experienced some strange behaviour and only for one special use-case.

I'm using this get_current_user() in a custom manager to return only projects for which the currently logged in user is a member. Membership is defined through the model "ProjectMembership". This model looks like this:

class ProjectMembership(models.Model):
    project = models.ForeignKey(Project)
    member = models.ForeignKey(User, related_name='project_membership_member_set')
    day_rate = models.PositiveIntegerField(max_length=11)

In the project model I have set a custom manager called user_objects. The project model looks like this (simplified):

class Project(models.Model):
    name = models.CharField(max_length=100)

    #Managers
    objects = models.Manager()
    user_objects=UserProjectManager()

The UserProjectManager() is now my point of concern. The manager looks like this:

class UserProjectManager(models.Manager):
    def get_query_set(self):
        print "current user is" + str(get_current_user())
        return super(UserProjectManager, self).get_query_set().filter(projectmembership__member=get_current_user())

I added print "current user is" + str(get_current_user()) in order to debug it. This print statement always! prints out the currently logged in user. When I created this function the server (manage.py runserver) was running and I did not restarted the server and the method runs as I would have expected.

But if I restart the server with manage.py runserver the UserProjectManager() crashes with this error:

caught an exception while rendering: Incorrect integer value: 'AnonymousUser' for column 'member_id' at row 1

I uploaded the error page: link

Interestingly enough is that when I let the server running (after the error was thrown) and then change something in my source-code (add a sign and remove it) and save it (somewhere in my project, it does not matter where!!), click again on the link that has thrown the error, it works! More interesting is that the 

print "current user is" + str(get_current_user())

in front of the line that throws the error, always returns the logged-in user correctly!

This does not make a lot of sense to me. Especially since it works if I just resave ( which leads to an automatic restart of the server!) my source.

I'm 100% sure that the error is created in the above outlined source line, since I changed this:

return super(UserProjectManager, self).get_query_set().filter(projectmembership__member=get_current_user())

to this:

return super(UserProjectManager, self).get_query_set())

and then it works perfectly fine. I just say this since the above posted error is maybe a bid misleading.

Probably tough to help me out here. Would appreciate any help!

Edit:

The first answer below from "whrde" stated that the middleware approach is probably a bad idea, whereas the people in the other thread link said that the approach is fine.

Therefore I wanted to state another example where such a middleware is really convenient to use. I use it all over my application. I would just be interested if I really should remove this middleware from my app. since probably I will get more errors than the one that I posted or that the approach is fine. For example overwriting the save method for a model and setting the current_user is really easy in using this middleware. It saves me to write the same three lines in each view afer save().

class ProjectMembership(models.Model):
    project = models.ForeignKey(Project)
    member = models.ForeignKey(User, related_name='project_membership_member_set')
    day_rate = models.PositiveIntegerField(max_length=11)

    created_by = models.ForeignKey(User, editable=False, related_name='project_membership_creator')
    created = models.DateTimeField(auto_now_add=True, editable=False, verbose_name='creation date')
    modified_by = models.ForeignKey(User, editable=False, related_name='project_membership_modifier')
    modified = models.DateTimeField(auto_now=True, editable=False)

    #Managers
    objects = models.Manager()
    user_objects=UserProjectMembershipManager()

    class Meta:
        unique_together = (("project", "member"),)

    def __unicode__(self):
        return u'%s in project: %s' % (self.member, self.project)

    def save(self):
        if not self.id:
            self.created_by = get_current_user()
        self.modified_by = get_current_user()
        super(ProjectMembership, self).save()

Edit: Conclusio: Do not use the get_current_user() middleware since there is absolutely no need to use it. Pass the request object to your forms, object managers, overwritten object save methods etc.. and everything will be fine ;-)

+2  A: 

This looks like a bad approach: you need to pass the request object around to provide a function/class/method with access to the current user. Don't mess with a global state.

Create a method on your manager that takes the user as an argument, and call this from your views:

# models.py
class ProjectMembership(models.Model):
    project = models.ForeignKey(Project)
    member = models.ForeignKey(User, related_name='project_membership_member_set')
    day_rate = models.PositiveIntegerField(max_length=11)

class ProjectManager(models.Manager):
    def for_user(self, user):
        return self.get_query_set().filter(projectmembership__member=user)

class Project(models.Model):
    name    = models.CharField(max_length=100)
    objects = ProjectManager()

# somewhere deep in views.py
if request.user.is_authenticated():
    Project.objects.for_user(request.user)
Will Hardy  2010-01-18 17:17:47
I do stuff like this all time. It is a much simpler and more explicit approach than messing around with middleware and thread local storage.
Brian Neal  2010-01-18 17:20:32
Ok, that looks like a neat approach. Thank you. I will implement it this way. It would have been great if somebody told me this a few weeks before ;-) I will leave the question as unanswered for some days, since I really want to know why this behaviour occurs.
Tom Tom  2010-01-18 18:36:55
Actually please see the edit of my question. Do you think using this kind of middleware in an overwritten model save() method is also not a good idea?
Tom Tom  2010-01-18 18:46:02
If you're only using django's admin, you can overload the `ModelAdmin.save_model(self, request, obj, form, change)` method, setting the `obj.user = request.user` before saving. Note that Django's approach here is not to use thread local (see eg http://www.b-list.org/weblog/2008/dec/24/admin/)You're free to use the threadlocal hack if you like, but there's a strong argument against it. It's not necessary. Passing the user object is more flexible, explicit, readable and less complicated than a threadlocal hack, and you're free to write methods and functions to make it easier/convenient.
Will Hardy  2010-01-18 20:28:29
Yes probably you are right. I already begun to remove the get_current_user() from all objects managers. Now I just check how to remove them from the object save() method. I'm searching for a solution outside the admin. I will try def save(self,request): ..
Tom Tom  2010-01-18 21:34:13
Ok that approach seems to do not work. Any suggestions how to pass the logged-in user to a object save method outside the admin?
Tom Tom  2010-01-18 22:02:26
@Tom Tom it does work. You'll need to post your code or ask another question to get more help.
Brian Neal  2010-01-18 22:07:35
Ok probably it's time for another question. ;-) Thanks for your help!
Tom Tom  2010-01-18 22:26:25
Ok my fault. I changed the save() method of the model to receive the request object. That was ok. But in the view I changed the save method call of the form instead of the object. This way it can not work. ;-) Ok you both were absolutely right, that there is no need for the get_current_user() middleware. I'm just wondering why nobody in the other thread told me this. I will remove now all occurences of this middleware. Thank you guys for your help!
Tom Tom  2010-01-18 22:34:44
+1  A: 

Ignoring the thread local sideshow, your problem is probably related to the fact that the AnonymousUser object is not really a User model instance. Querying the database with this object may not get you very far. You will want to check for authenticated users at some point, either in the view:

if request.user.is_authenticated():
    Project.objects.for_user(request.user)

Or in your manager method:

def for_user(self, user):
    if user.is_authenticated():
        return self.get_query_set().filter(projectmembership__member=user)
    else:
        return self.get_query_set().none()
Will Hardy  2010-01-18 20:44:53
That's not the problem, since I use the @login_required decorator and the view where the problem occurs can only be called if the user is logged in. And as I said, the print "current user is" + str(get_current_user()) does return the logged in user, which is really strange.
Tom Tom  2010-01-18 21:26:56

related questions

Django: Print url of view without hardcoding the url
Django Calendar Widget?
Can the HTTP version or headers affect the visual appearance of a web page?
Project design / FS layout for large django projects
Extending the User model with custom fields in Django
How to generate urls in django
Always including the user in the django template context
Screencasts for Django/Python?
Using Django time/date widgets in custom form
How do I add data to an existing model in Django?
Setup django with WSGI and apache
Altering database tables in Django
Django Templates and variable attributes.
Django ImageField core=False in newforms admin
How can I render a tree structure (recursive) using a django template?
Cleanest & Fastest server setup for Django
Unicode vs UTF-8 confusion in Python / Django?
Does Hostmonster support Django
Specifying a mySQL ENUM in a Django model
Represent Ordering in a Relational Database
updating an auto_now DateTimeField in a parent model w/ Django
Version track, automate DB schema changes with django
Learning Ruby on Rails any good for Grails?
What Hosting Service is best for Django applications?
Class views in Django