Thanks @KenWhitesell for your thoughts and feedback.
The beautiful thing about Django is there is multiple ways to achieve something.
What I want to know is, is there an “industry standard” way of doing the above.
When I constructed the models & forms for example, I was careful to mind data normalization rules/guidelines.
What I’m currently doing is having a primary CBV that facilitates most of the requirements, namely (Rendering the HTML template, “get” the relative forms and data from the models and “post” saving the updated record data whilst still having the ability to initiate any FBV’s relative to the main pk.
By doing most of the work in the CBV, I avoid having to constantly call the pk via urls and pass them to the FBV.
Would this be an acceptable and “more” secure approach?
Example of my get portion of the CBV:
def get(self, request, RecordID):
Record = get_object_or_404(RecordT, pk=RecordID)
Stock = StockT.objects.filter(RecordID=Record)
Record_form = RecordForm(instance=Record)
Stock_form = AddStockForm()
context = {
'Record': Record,
'Record_form': Record_form,
'Stock': Stock,
'Stock_form': Stock_form,
}
return render(request, 'Records/View_Record.html', context)
def post(self, request, RecordID):
Record = get_object_or_404(RecordT, pk=RecordID)
action = request.POST.get('action', '')
action_map = {
'Process_Record_To_Invoice': 'Process_Invoice',
}
if action in action_map:
return redirect(reverse(f'Record:{action_map[action]}', kwargs={'RecordID': RecordID}))
elif 'Record_form_submit' in request.POST:
Record_form = RecordForm(request.POST, instance=Record)
if Record_form.is_valid():
Record_form.save()
messages.success(request, "Record Updated")
else:
messages.error(request, "Record form has errors")
return redirect(reverse('Records:View_Record', kwargs={'RecordID': RecordID}))
elif 'Stock_form_submit' in request.POST:
Stock_form = AddStockForm(request.POST)
if Stock_form.is_valid():
new_stock = Stock_form.save(commit=False)
new_stock.RecordID = Record
new_stock.save()
messages.success(request, "Stock Added")
else:
context = {
'Record': Record,
'Record_form': RecordForm(instance=Record),
'Stock': StockT.objects.filter(RecordID=Record),
'Stock_form': Stock_form, # Include the form with errors
}
return render(request, 'Records/View_Record.html', context)
else:
messages.error(request, "Invalid form submission")
return redirect(reverse('Records:View_Record', kwargs={'RecordID': RecordID}))