Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon

Django 2.1 released with new model view permission and more

Save for later
  • 3 min read
  • 06 Aug 2018

article-image

Django 2.1 has been released with changes to Model view permissions, Database backend API, and additional new features. Django 2.1 supports Python 3.5, 3.6, and 3.7. Django 2.1 is a time-based release. The schedule followed was:







May 14, 2018 Django 2.1 alpha; feature freeze.
June 18 Django 2.1 beta; non-release blocking bug fix freeze.
July 16 Django 2.1 RC 1; translation string freeze.
~August 1 Django 2.1 final


Here is the list of all new features:

Model view permission


Django 2.1 adds a view permission to the model Meta.default_permissions. This new permission will allow users read-only access to models in the admin. The permission will be created automatically when running migrate.

Considerations for the new model view permission


With the new “view” permission, existing custom admin forms may raise errors when a user doesn’t have the change permission because the form might access nonexistent fields.

If users have a custom permission with a codename of the form can_view_<modelname>, the new view permission handling in the admin will allow view access to the changelist and detail pages for those models.

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at €18.99/month. Cancel anytime

Changes to Database backend API

  • To adhere to PEP 249, exceptions where a database doesn’t support a feature are changed from NotImplementedError to django.db.NotSupportedError.
  • The allow_sliced_subqueries database feature flag is renamed to allow_sliced_subqueries_with_in.
  • The DatabaseOperations.distinct_sql() now requires an additional params argument and returns a tuple of SQL and parameters instead of a SQL string.
  • The DatabaseFeatures.introspected_boolean_field_type is changed from a method to a property.

Dropped support for MySQL 5.5 and PostgreSQL 9.3


Django 2.1 marks the end of upstream support for MySQL 5.5. It now supports MySQL 5.6 and higher. Similarly, it ends the support for PostgreSQL 9.3. Django 2.1 supports PostgreSQL 9.4 and higher.

SameSite cookies


The cookies used for django.contrib.sessions, django.contrib.messages, and Django’s CSRF protection now set the SameSite flag to Lax by default. Browsers that respect this flag won’t send these cookies on cross-origin requests.

Other Features

  • It removes BCryptPasswordHasher from the default PASSWORD_HASHERS setting.
  • The minimum supported version of mysqlclient is increased from 1.3.3 to 1.3.7.
  • Support for SQLite < 3.7.15 is removed.
  • The multiple attribute rendered by the SelectMultiple widget now uses HTML5 boolean syntax rather than XHTML’s multiple="multiple".
  • The local-memory cache backend now uses a least-recently-used (LRU) culling strategy rather than a pseudo-random one.
  • The new json_script filter safely outputs a Python object as JSON, wrapped in a <script> tag, ready for use with JavaScript.


These are just a select few updates in available in Django 2.1. The release notes cover all the new features in detail.

Getting started with Django RESTful Web Services
Getting started with Django and Django REST frameworks to build a RESTful app
Python web development: Django vs Flask in 2018