Django Model-Owner

The option to make a model owned by a user is actually documented for the Django Admin app. However, for reference, here are the steps:

First, the model you want to have an owner needs to reference “User” as a foreign key: (in models.py)

class Website(models.Model):
    submitted_by = models.ForeignKey(User, on_delete=models.CASCADE)
    url = models.URLField()

Provided you want to use this model in Django-Admin, there is an explicit method the app provides when defining admin models: (in admin.py)

@admin.register(Website)
class WebsiteAdmin(ModelAdmin):
    model = Website
    list_display = ('url', )
    exclude = ('submitted_by', )

    def save_model(self, request, obj, form, change):
      if not change:
        # only add owner if not changed object
        obj.owner = request.user
      super().save_model(request, obj, form, change)

A heads-up: Django documentation is explicit that both save_model and delete_model have to call the corresponding super()-method in order to actually save the modified model. Reasoning here is these methods are meant to interact with the process and add extra steps, they are not meant to veto.

Additional thoughts: For a model having an owner is really convenient in plenty of situations, in particular when managing permission. The field can e.g. be matched when viewing details of an object.

There are other, potentially more flexible approaches to the problem. In particular when solving in custom views, the field has to be set manually. The same is true when using more complete solutions like “django-guardian”.

Auth0: Log in to BTP with your social accounts.

BTP Trial

The recent acquisition of Okta (Auth0) caught my attention. Until last week, I didn’t know Auth0 beyond the libraries they provide for JWT. Upon further investigation, I was pleasantly surprised to discover that they are a company that was born in Argentina in 2013 and that their founders are passionate developers (When was the last time you saw a CEO of a $6.5B company pushing his codes to Github and blogging about his hobbyist Arduino projects?

Source: Auth0: Log in to BTP with your social accounts.

Symantec will Sicherheitsanbieter Lifelock übernehmen

Digitalisierung verlagert vieles Alltägliche ins Internet, und die Unsicherheit um den Umgang mit dieser neuen Situation wird von Sicherheitsfirmen schon lange ausgenutzt. Nun will Symantec offenbar Schutz vor Identitätsdiebstahl anbieten und dazu einen umstrittenen Anbieter übernehmen:

2,3 Milliarden US-Dollar will Symantec zahlen, um sich mit einem Anbieter für Schutz vor Identitätsdiebstahl zu verstärken. Die Firma namens Lifelock musste aber schon zwei Millionenstrafen wegen nicht gehaltener Werbeversprechen zahlen.

via: Symantec will umstrittenen Sicherheitsanbieter Lifelock schlucken | heise online