Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
django-dynamic-admin-forms
Add simple dynamic interaction to the otherwise static django admin.
Readme
Add simple interactions to the otherwise static django admin.
Add simple interactions to the otherwise static django admin.
Install the package via pip:
pip install django-dynamic-admin-forms
or via pipenv:
pipenv install django-dynamic-admin-forms
Add the module to INSTALLED_APPS
:
INSTALLED_APPS = (
...,
'django_dynamic_admin_forms',
'django.contrib.admin'
...
)
Ensure that the dynamic_admin_forms
comes before the
default django.contrib.admin
in the list of installed apps,
because otherwise the templates, which are overwritten by dynamic_admin_forms
won't be found.
Ensure that the dynamic_admin_forms
templates are found via using APP_DIRS
setting:
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'APP_DIRS': True,
...
},
]
Run python manage.py collectstatic
to include this apps Javascript code in your settings.STATIC_ROOT
directory
Add the django_dynamic_admin_forms.DynamicModelAdminMixin
to your admin classes
Add the django_dynamic_admin_forms.urls
to your urls
from django.contrib import admin
from django.urls import path, include
urlpatterns = [
path("admin/", admin.site.urls),
path("dynamic-admin-form/", include("django_dynamic_admin_forms.urls")),
]
In addition to the standard fields
declaration, specify a list of dynamic_fields
For each dynamic field, add a method get_dynamic_{field_name}_field
to the admin
data: Dict[str, Any]
- the cleaned form dataqueryset: Optional[Queryset]
- The values to select fromvalue: Any
- The value, the field should have (must be compatible to the field type)hidden: Bool
- True, if field should be hiddenA rather non-sensical example:
from django.contrib import admin
from .models import MyModel
from django_dynamic_admin_forms.admin import DynamicModelAdminMixin
@admin.register(MyModel)
class MyModelAdmin(DynamicModelAdminMixin, admin.ModelAdmin):
fields = ("name", "city")
dynamic_fields = ("city",)
def get_dynamic_city_field(self, data):
# automatically choose first city that matches first letter of name
name = data.get("name")
if not name:
queryset = City.objects.all()
value = data.get("city")
else:
queryset = City.objects.filter(name__startswith=name[0])
value = queryset.first()
hidden = not queryset.exists()
return queryset, value, hidden
Whenever a dynamic form changes, an event handler makes a request to a special endpoint, which returns new HTML to swap
into the existing form. This new HTML is directly generated by django.contrib.admin
, so we only have to set the
outerHTML of the correct HTML elements to update the form.
Model.clean()
methods to guard against thatFor local development, create a virtual environment
in the testproj
folder:
$ cd testproj
$ python3 -m venv .venv
$ source .venv/bin/activate
$ cd ..
$ flit install --symlink
Now the package should be available in your virtual environment and any changes should be directly visible.
Alternatively, copy the directory dynamic_admin_forms
into any normal django project, so that the python interpreter
finds the local version instead of the installed (old) version.
To run end-to-end tests locally:
$ cd testproj
$ python manage.py runserver 0.0.0.0:8000 & # start server
$ python manage.py loaddata fixtures/fixtures-dev.json
$ cd ../e2e
$ yarn install # or npm install (only needed first time)
$ yarn cypress # or npm run cypress
Install the package via pip:
pip install django-dynamic-admin-forms
or via pipenv:
pipenv install django-dynamic-admin-forms
Add the module to INSTALLED_APPS
:
INSTALLED_APPS = (
...,
'django_dynamic_admin_forms',
'django.contrib.admin'
...
)
Ensure that the dynamic_admin_forms
comes before the
default django.contrib.admin
in the list of installed apps,
because otherwise the templates, which are overwritten by dynamic_admin_forms
won't be found.
Ensure that the dynamic_admin_forms
templates are found via using APP_DIRS
setting:
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'APP_DIRS': True,
...
},
]
Run python manage.py collectstatic
to include this apps Javascript code in your settings.STATIC_ROOT
directory
pip install -U pip-tools
pip-compile --extra dev, -o requirements.txt pyproject.toml --resolver=backtracking
pip-sync
-e /Users/workspace/django-dynamic-admin-forms
or via pip pip install -e /Users/workspace/django-dynamic-admin-forms
Run tests
pytest --ds settings tests
Check coverage
coverage run -m pytest --ds settings tests
coverage report -m
We use pre-push hooks to ensure that only linted code reaches our remote repository and pipelines aren't triggered in vain.
To enable the configured pre-push hooks, you need to install pre-commit and run once:
pre-commit install -t pre-push -t pre-commit --install-hooks
This will permanently install the git hooks for both, frontend and backend, in your local
.git/hooks
folder.
The hooks are configured in the .pre-commit-config.yaml
.
You can check whether hooks work as intended using the run command:
pre-commit run [hook-id] [options]
Example: run single hook
pre-commit run ruff --all-files --hook-stage push
Example: run all hooks of pre-push stage
pre-commit run --all-files --hook-stage push
sphinx-build docs/ docs/_build/html/
.docs/_build/html/index.html
to see the documentation.If you have added custom text, make sure to wrap it in _()
where _
is
gettext_lazy (from django.utils.translation import gettext_lazy as _
).
How to create translation file:
django-dynamic-admin-forms
python manage.py makemessages -l de
django_dynamic_admin_forms/locale
How to compile translation files:
django-dynamic-admin-forms
python manage.py compilemessages
django_dynamic_admin_forms/locale
Update documentation about new/changed functionality
Update the Changelog
Increment version in main __init__.py
Create pull request / merge to master
This project uses the flit package to publish to PyPI. Thus publishing should be as easy as running:
flit publish
To publish to TestPyPI use the following ensure that you have set up your .pypirc as shown here and use the following command:
flit publish --repository testpypi
Please note that this package supports the ambient-package-update.
So you don't have to worry about the maintenance of this package. All important configuration and setup files are
being rendered by this updater. It works similar to well-known updaters like pyupgrade
or django-upgrade
.
To run an update, refer to the documentation page of the "ambient-package-update".
FAQs
Add simple dynamic interaction to the otherwise static django admin.
We found that django-dynamic-admin-forms demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.