django阻止在提交之前定义访问变量

时间:2018-05-30 16:26:58

标签: django

我有以下django视图效果很好,除非在上一个视图中点击提交的按钮,我发送POST信息。

def submitted(request):
# sets the employeentname to the username from the POST of results
    owner = ADMirror.objects.get (employeentname=request.POST.get('userpost'))
# sets the firstname of owner
    firstname = owner.employeefirstname
# sets the lastname of owner
    lastname = owner.employeelastname
# gets the POST list for the report_id values in the checkboxes for application names
    checkedlist = request.POST.getlist('report_id')
    reportdetail = QvReportList.objects.filter(report_id__in = checkedlist).values_list('report_name_sc', flat = True).distinct()



# gets the timestamp from the system clock when the submit button is pressed
    access_request_date = timezone.now()
####  Unused at this time, but we can pull the division CFO and facility CFO based on the tables Gregg created in the SQL server database.  We'll let the workflow tool handle this part.
#    facilitycfo =  QvDatareducecfo.objects.filter(dr_code__exact = '34222', active = 1, cfo_type = 1).values_list('cfo_ntname', flat = True)
#    divisioncfo =  QvDatareducecfo.objects.filter(dr_code__exact = '34222', active = 1, cfo_type = 2).values_list('cfo_ntname', flat = True)
    #print (facilitycfo)
    #print (divisioncfo)
# gets the access level ie facility, division, market, group, corporate from the results.html POST request sent to submitted.html
    selectedaccesslevel = request.POST.get('accesslevelid')
# sets access level name and organization level name for the submitted page
    if request.method == 'POST' and selectedaccesslevel == '3':
        accesslevel = 'company-wide access'
        orglevelname = ''
    if request.method == 'POST' and selectedaccesslevel == '4':
        accesslevel = 'group level access'
        accesslevelname = request.POST.getlist('blevel')
        orglevelname = FacilityDimension.objects.filter(b_level__in = accesslevelname).values_list('group_name', flat = True).distinct()
    if request.method == 'POST' and selectedaccesslevel == '5':
        accesslevel = 'division level access'
        accesslevelname = request.POST.getlist('rlevel')
        orglevelname = FacilityDimension.objects.filter(r_level__in = accesslevelname).values_list('division_name', flat = True).distinct()
    if request.method == 'POST' and selectedaccesslevel == '6':
        accesslevel = 'market level access'
        accesslevelname = request.POST.getlist('dlevel')
        orglevelname = FacilityDimension.objects.filter(d_level__in = accesslevelname).values_list('market_name', flat = True).distinct()

    if request.method == 'POST' and selectedaccesslevel == '7':
        accesslevel = 'facility level access'
        accesslevelname = request.POST.getlist('zcoid')
        orglevelname = FacilityDimension.objects.filter(coid__in = accesslevelname).values_list('coid_name', flat = True).distinct()




# gets the PHI boolean flag from the results.html POST request sent to submitted.html
    selectedphi = request.POST.get('phi')

# if statements to define hte datarduce code based on the selected access level sent from the results.html POST
## corporate
    if request.method == 'POST' and selectedaccesslevel == '3':
        selectlist = "S00001"
# group
    if request.method == 'POST' and selectedaccesslevel == '4':
        selectlist = request.POST.getlist('blevel')
# division
    if request.method == 'POST' and selectedaccesslevel == '5':
        selectlist = request.POST.getlist('rlevel')
# market
    if request.method == 'POST' and selectedaccesslevel == '6':
        selectlist = request.POST.getlist('dlevel')
# facility
    if request.method == 'POST' and selectedaccesslevel == '7':
        selectlist = request.POST.getlist('zcoid')
        selectlist = [f'Z{value}' for value in selectlist]

# nested if/for statement which writes to the [QlikView].[dbo].[QV_FormAccessRequest] table if a corporate access level is selected the datareduce code is set to S00001
    if request.method == 'POST':
        for i in checkedlist:
            if selectedaccesslevel == '3':
                    requestsave = QVFormAccessRequest(ntname = 'HCA\\'+owner.employeentname, first_name = owner.employeefirstname, last_name = owner.employeelastname, coid = owner.coid, title = owner.title
                                                    ,report_id = i, accesslevel_id = selectedaccesslevel, phi = selectedphi , access_beg_date = access_request_date, previousdatareducecode = '',  datareducecode = 'S00001', facility = owner.facilityname, requestid = '0', requesttype = 'New')# = list(facilitycfo)[0], division_cfo = list(divisioncfo)[0] )
                    requestsave.save()
# part of the nested if/for statement above which writes to [QlikView].[dbo].[QV_FormAccessRequest] if anything other than corporate user is selected it will chose the correct data reduce code based on the select list if statements above.
            else:
                for j in selectlist:
                    requestsave = QVFormAccessRequest(ntname = 'HCA\\'+owner.employeentname, first_name = owner.employeefirstname, last_name = owner.employeelastname, coid = owner.coid, title = owner.title
                                            ,report_id = i, accesslevel_id = selectedaccesslevel, phi = selectedphi , access_beg_date = access_request_date,previousdatareducecode = '', datareducecode = j, facility = owner.facilityname,requestid = '0', requesttype = 'New' )# = list(facilitycfo)[0], division_cfo = list(divisioncfo)[0] )
                    requestsave.save()

    args = {'firstname' : firstname, 'lastname' : lastname, 'owner' : owner, 'accesslevel':accesslevel, 'reportdetail':reportdetail, 'orglevelname':orglevelname}
    return render(request, 'submitted.html', args)

我的表单上有多个按钮,所以我无法使用,因为它会干扰另一个按钮的操作,所以我使用了以下的javascript验证。

function submitFormSub(action) {
  var form = document.getElementById('form1');
  form.action = action;
  var accesslevelid = document.getElementById('accesslevelid');
  if (form.action == 'submitted')
  {
    if ($('#accesslevelid').val() == "")
  {
      alert('Please select an access level');
      return false;
    }

    form.submit();
  }

}

上面的验证工作很精彩,因为我看到警报,但表单仍然尝试提交,并且我遇到了以下错误。

local variable 'accesslevel' referenced before assignment

1 个答案:

答案 0 :(得分:1)

一些选择:

1)将表单转换为Django $method = $_POST["method"] ?? : ""; if(!empty($method)) { $allowed_methods = array( "signup_ajax", "signin_ajax", "add_ad_ajax", "upload_ad_image", "send_message", "get_message", "get_cnv", "del_add_to_fav", "delete_ajax", "un_block_ad_ajax", ); if(in_array($method,$allowed_methods)) { if(call_user_func($method) === false) { exit(http_response_code("400")); } }else{ exit(http_response_code("404")); } }else{ exit(http_response_code("404")); } ,以便您可以覆盖验证方法,从而在调用Form方法时失败。这几乎可以肯定是最干净的。您还可以使用字段上的is_valid关键字定义不同的选项,并清理大量不必要的代码。

2)调用choices并在selectedaccesslevel = request.POST.get('accesslevelid', None)上跳过以呈现返回,而没有尝试设置访问级别而不处理表单以创建None实例的逻辑。

解释:

QVFormAccessRequest