ChatGPT解决这个技术问题 Extra ChatGPT

Django model fields validation

Where should the validation of model fields go in django?

I could name at least two possible choices: in the overloaded .save() method of the model or in the .to_python() method of the models.Field subclass (obviously for that to work you must write custom fields).

Possible use cases:

when it is absolutely neccessary to ensure, that an empty string doesn't get written into the database (blank=False keyword argument doesn't work here, it is for form validation only)

when it is neccessary to ensure, that "choices" keyword argument gets respected on a db-level and not only in admin interface (kind of emulating a enum datatype)

There is also a class-level attribute empty_strings_allowed in the models.Field base class definition and derived classes happily override it, however it doesn't seem to produce any effect on the database level, meaning I can still construct a model with empty-string fields and save it to the database. Which I want to avoid (yes, it is neccessary).

Possible implementations are

on the field level: 

class CustomField(models.CharField):
    __metaclass__ = models.SubfieldBase
    def to_python(self, value):
        if not value:
            raise IntegrityError(_('Empty string not allowed'))
        return models.CharField.to_python(self, value)

on the model level: 

class MyModel(models.Model)
    FIELD1_CHOICES = ['foo', 'bar', 'baz']
    field1 = models.CharField(max_length=255, 
               choices=[(item,item) for item in FIELD1_CHOICES])

    def save(self, force_insert=False, force_update=False):
        if self.field1 not in MyModel.FIELD1_CHOICES:
            raise IntegrityError(_('Invalid value of field1'))
        # this can, of course, be made more generic
        models.Model.save(self, force_insert, force_update)

Perhaps, I am missing something and this can be done easier (and cleaner)?

C
Carl Meyer

Django has a model validation system in place since version 1.2.

In comments sebpiq says "Ok, now there is a place to put model validation ... except that it is run only when using a ModelForm! So the question remains, when it is necessary to ensure that validation is respected at the db-level, what should you do? Where to call full_clean?"

It's not possible via Python-level validation to ensure that validation is respected on the db level. The closest is probably to call full_clean in an overridden save method. This isn't done by default, because it means everybody who calls that save method had now better be prepared to catch and handle ValidationError.

But even if you do this, someone can still update model instances in bulk using queryset.update(), which will bypass this validation. There is no way Django could implement a reasonably-efficient queryset.update() that could still perform Python-level validation on every updated object.

The only way to really guarantee db-level integrity is through db-level constraints; any validation you do through the ORM requires the writer of app code to be aware of when validation is enforced (and handle validation failures).

This is why model validation is by default only enforced in ModelForm - because in a ModelForm there is already an obvious way to handle a ValidationError.

Great, great, this is just great! I've skimmed through the source (by the way, is there any way to access the documentation as it can be done with trunk?) and it seems like just the thing I need. I mean, I am all for rolling my own, but django is excellent at providing a uniform way of doing things (well, IMO, anyway).
Checkout that branch, make sure you have docutils and Sphinx installed, then go into the docs/ directory and run "make html". That should build the docs in HTML form just like they are on the Django website, and you can access them locally.
Ok, I am back from reading the source (in particular models/fields/__init__.py, models/base.py and core/validators.py), since the documentation as of now says nothing about model validation. One should note, however, that it works almost the same as forms validation (at least, the general logic is more or less the same). Anyway, this is something I was looking for. I just hope my apps won't break horribly if I just switch from the trunk to this branch.
I'd certainly love to help out django. And, because of the lack of docs, I had to resort to code-diving, which, in the case of django, is not an unpleasant experience at all and it gave me a solid understanding of how things work (even though it took some time). By the way, nothing really broke, and the validation part certainly does work.
It still doesn't answer the question ... ok, now there is a place to put model validation ... except that it is run only when using a ModelForm !!! So the question remains "when it is neccessary to ensure that [any validation] gets respected on a db-level" what should you do ? Where to call "full_clean" ?
D
Darius

I think you want this -> 

from django.db.models.signals import pre_save

def validate_model(sender, **kwargs):
    if 'raw' in kwargs and not kwargs['raw']:
        kwargs['instance'].full_clean()

pre_save.connect(validate_model, dispatch_uid='validate_models')

(Copied from http://djangosnippets.org/snippets/2319/)

No, not really. model validation is in django stable at the moment, so the point of the original question is kind of moot
I don't think so, because validators don't get run when you save so it will let you add stuff that doesn't validate. From docs.djangoproject.com/en/dev/releases/1.2/#model-validation "Simply invoking a model instance’s save() method will not perform any validation of the instance’s data." Although maybe I misunderstand what OP wants, however I would certainly like a way to have save() validate things :)
r
rrauenza

The root issue for this, is that the validation should happen on models. This has been discussed for quite some time in django (search form model aware validation on the dev mailing list). It leads to either duplication or things escaping validation before hitting the db.

While that doesn't hit trunk, Malcolm's "poor man's model validation solution" is probably the cleanest solution to avoid repeating yourself.

I've read the contents of it in the google cache. It does make sense, yes. It is not very helpful if I am not going to to use forms (don't need forms to input data, right?), however it is, certainly, a way to avoid repeating myself.
O
Oduvan

If I understand you "clearly" - you must override function get_db_prep_save instead of to_python

That's actually a good idea. However, I've specifically mentioned .to_python(), because it gets fired once the field is initialized (if you specify metaclass = models.SubfieldBase) so the validation happens early, meaning you can't even initialize a model if you are passing bad values for the fields. Perhaps, your way is the right way, though. At least it makes some sense to me.

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now

HuntsBot,a one-stop outsourcing task, remote job, product ideas sharing and subscription platform, which supports DingTalk, Lark, WeCom, Email and Telegram robot subscription. The platform will push outsourcing task requirements, remote work opportunities, product ideas to every subscribed user with timely, stable and reliable.

简体中文 English

Platform

Support

Contact US

Any questions or suggestions during use, you can contact us in the following ways:

Email: huntsbot@xinbeitime.com

Copyright© 2022-2023 www.huntsbot.com 浙ICP备2022000860号-4 All Rights Reserved.