Home/ Questions/Q 7825857
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T09:11:00+00:00

I am creating a very simple to-do list application. Each user should have an

  • 0

I am creating a very simple to-do list application. Each user should have an associated to-do list page with basic CRUD functionality. That means User A should have different data than User B.

As of right now there is no distinction about who owns the to-do list. Anyone who is logged in can add, remove, display, delete tasks.

I have a gut feeling that I might need an extra something in my model and my template. I should mention that I use Pinax 0.9a2. If it does what I need it to do, I would prefer to use that solution instead.

Here’s my models.py

class Task(models.Model):
    name = models.CharField(max_length=100)
    added_at = models.DateTimeField(auto_now_add=True)
    last_update = models.DateTimeField(auto_now=True)

    def __unicode__(self):
        return self.name

Here’s one of my forms in views.py

def task_create(request):
    return create_object(request,
        model=Task,
        template_name='task_create.html',
        post_save_redirect=reverse("todo_list")
    )

Here’s 2 of my templates:

To-Do Create

 <form action="" method="post">{% csrf_token %}
        {{ form.name }}
        <button type="submit" class="btn primary">Create &rarr;</button>
    </form>

To-Do List

{% if task_list %}
    <p><a href="{% url task_create %}">Create a task</a></p>
    <ul>
    {% for task in task_list %}
        <li><a href="{% url task_detail task.id %}">{{ task.name }}</a></li>
    {% endfor %}
    </ul>
    {% else %}
        <p>No tasks to display, click to <a href="{% url task_create %}">create new</a>.</p>
    {% endif %}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    So you just want to add access control to it?

    1. Add ForeignKey to auth.User to your ToDos model
    2. Rewrite your list and create views to make their work manually (you can achieve your goal with new class based views but you need to understand how do they work first)
    3. Add filter for queryset in list view
    4. Provide commit=False to your form’s save(), set up user for retrieved object and save it manually

    Code:

    class Task(models.Model):
    user = models.ForeignKey('auth.User')
    name = models.CharField(max_length=100)
    added_at = models.DateTimeField(auto_now_add=True)
    last_update = models.DateTimeField(auto_now=True)

class TaskForm(forms.ModelForm):
    class Meta:
        model = Task
        exclude = ['user', ]

def task_create(request):
    form = TaskForm(data=request.POST or None)
    if request.method == 'POST' and form.is_valid():
        task = form.save(commit=False)
        task.user = request.user
        task.save()
        return reverse("todo_list")
    return render(request,
        'task_create.html',
        {'form': form}
    )

    Also, add filtering by request.user in list view and I’d recommend @login_required decorator to avoid adding tasks by non-authorized users.

    • 0