overriding __init__() and save() on BookmarkForm seems unnecessary

Create issue
Issue #86 resolved
Reindert-Jan Ekker created an issue

Since the owner field is excluded from the form, the default save method will not take it from the submitted data, not even if an attacker adds it to the POST data. So overriding init and save() is not necessary. Instead, the documentation lists another way to add data to this field (see Note under https://docs.djangoproject.com/en/1.5/topics/forms/modelforms/#using-a-subset-of-fields-on-the-form). This code would be in the view:

bookmark = Bookmark(owner=request.user)
form = BookmarkModel(instance=bookmark, data=request.POST)
form.save()

Please let me know if you agree that this code is simpler and cleaner.

Comments (4)

  1. Markus Zapke-Gründemann repo owner

    Sorry for letting you wait so long for an answer!

    Your proposal is in fact the best solution. Added it to the next release.

    Thanks!

  2. Log in to comment