Allow data insertion only after time duration threshold in django-CodePudding

I have a model in Django with a DateTimeField attribute. I want to forbid insertion of new data in the database if the duration between the datetime field of the new data and the latest datetime field in the database is less than some duration threshold.

class MyModel(models.Model):

time_stamp = models.DateTimeField(default=timezone.now, null=True)

When I want to insert a datapoint say today, and the latest time stamp in my database is yesterday, and the duration threshold is one month (this operation should not be possible).

CodePudding user response：

You can define this logic in your views like so:

from django.shortcuts import get_object_or_404
import datetime

def CreateNew(request, id):
    obj = get_object_or_404(MyModel, id = id) #Get the object from your database
    form = YourForm(request.POST or None, instance = obj) #create form instance to be rendered inside template

    diff = (timezone.now() - obj.time_stamp).total_seconds()
    threshold = datetime.timedelta(days=30).total_seconds()

    if diff < threshold: # Compare dates to check condition
        return HttpResponse('<h1>Not Allowed</h1>')
    elif form.is_valid(): # If condition is passed save form as you normally would
        form.instance.time_stamp = timezone.now() # Update time_stamp to current time
        form.save()
        return HttpResponseRedirect("/")

context = {
    'form': form
}
return render(request, "Your_template", context)

CodePudding user response：

If you are determined that this is prevented in a more hard manner than putting protection logic in view(s), then instead of checking in the view you can check in the model's save method.

def save( self, *args, **kwargs):

    diff = (timezone.now() - self.time_stamp).total_seconds()
    threshold = datetime.timedelta(days=30).total_seconds()

    if diff < threshold: # Compare dates to check condition

        # not certain ValueError is the best choice of exception
        raise ValueError( 
            f"Can't save because {diff} seconds since the previous save, the minimum is {theshold}"
        )
    super().save( *args, **kwargs)

This check can still be bypassed, by Django bulk_update for example, and by raw SQL. Some databases may let you put the check into the database itself.

The downside is that fixing mistakes using (for example) the Django Admin may become difficult. In this case you can programmatically bypass the check by resetting the timestamp first.