CUCC Expedition Handbook

Django and Troggle

Django Versions and troggle

Troggle is built on top of the django framework. In 2019 we had let ourselves get rather behind in keeping up to date with the current django version and this held us back from upgrading the operating system - which we needed to do. Troggle uses several community-contributed django plugins and each of these had their own version dependencies. We also got caught up with out of date and deprecated python language features.

A ridiculous amount of work was required to get to a situation where troggle was running on relatively recent and nearly security-in-date versions of python, django, plugins and linux by Summer 2020. We don't want that to happen again.

Three sentence intro to Django for python programmers

Django versions and deprecation

This may seem overly pedantic and heavyweight, but this is exactly what we need when we are supporting software over decades. When we use software in troggle which is not so well organised, we really feel the pain.

Django plugins

We do not just use our own code and django. We also use django plugins (known as "apps") too. These can do such things as image re-sizing, user authentication with captchas, PayPal processing or mailing list integration. Unfortunately django plugins are volunteer efforts and do not have the same defined update management process as django itself, so release schedules are rather random. They cause merry hell when upgrading troggle to use a new version of django.

Every extra plugin increases the "vulnerability surface" of troggle with respect to django upgrade problems so we now only install a new plugin if it is really, really necessary and we have removed as many as we could. For example, when django-staticfiles broke during one upgrade we discovered that we weren't really using it and could work around it, so we are not planning on reinstalling staticfiles.

Why we still use django

Well we might not use django indefinitely, but unlike many frameworks the necessary functions are separately replaceable. So this gives us an evolution path. We can incrementally reduce the amount of django we use, replacing it with our own simpler python that does only what we need.

The separate functions within the framework form a "stack". These functions exist in all web application frameworks but in Django they are loosely coupled.

The stack is:

  1. SQL database: mapping to/from python objects and indexing/access routines for all the entries (sqlite, MySQL, MariaDB, postgres all work). This is where the multi-user synchronisation happens too.
  2. request/response (http GET/POST) including access control and security middleware. We could never keep up with web security if we didn't use a well-supported system for this.
  3. URL mapping/dispatch which matches a requested URL with a chunk of python code, and vice versa (declarative and bidrectional). "Cool URIs don't change."
  4. templates which format the results of data queries into HTML pages or JSON data exports

See the django design philosophy on 'loose coupling and tight cohesion'. Note that having a URL dispatcher that supports reverse resolution is important: it is a key reason why we need a framework and not just a mess of javascript. We have nearly 100 URL patterns. We should try to reduce the number of distinct URLs perhaps, but they help document the structure too.

Other Cambridge student societies use Django

CUYC, the yacht sailing club, has a website system 3-4x bigger than troggle which is used for booking weekly sailing trips and handles all their money and certification records. It is plugged (live) into PayPal. They have a turnover of over £50,000 a year. We don't know of other societies in this league (yet), but Django skills are not rare in Cambridge.

More django coding tricks

[This section, and the 3-sentence intro, to go to another page ?]

Much of our coding is still stuck in the early Django v1 era, before 2011. So many idioms in the code are not the best way of doing things these days. In particular there are powerful query optimisations now available that none of our code uses (yet):

and also much more about the manipulation of QuerySets:

More refactoring still to do

Some of the more bizarre data model structures are probably fossils from Django v0.6, e.g. the separate classes that join Entrances to Caves. We haven't got to the bottom of all these yet.

Django Forms

TLDR: Just don't. Django has several generations of quite different clever mechanisms to make creating HTML forms "easier". Yes, making them might be easier, but maintaining this opinionated stuff is a nightmare. Really don't.

OK a form is broken or inadequate, so are you feeling confident? Are you adequately caffinated? Then a new adventure begins... Troggle and HTML forms.


Go on to: Troggle: updating Django
Return to: Troggle intro
Troggle index: Index of all troggle documents