make_option(
'--file',
action='store',
dest='in_file',
help="File to process"),
make_option(
'--filter',
action='store',
dest='filter',
help="Filter by a store object")
def run(self, *args, **kwargs):
with open(kwargs['in_file']) as csvfile:
reader = csv.reader(csvfile, delimiter=',')
for row in reader:
filter_store = row[0] #123123
update_store = row[1]
Store.objects.filter(**kwargs['filter'] = filter_store).update(**kwargs['update'] = update_store)
This doesn't include the complete code^
I am trying to filter the database with store ID I passed via stored kwargs but getting a syntax error.
Store.objects.filter(**kwargs['filter'] = filter_store)
basically **kwargs['filter'] here has "id" value and filter_store has the store IDs. It should perform the following with **kwargs:
Store.objects.filter(id = 4334225)
That is not how **kwargs work. In that case the kwargs should be a dictionary that maps parameters on the value.
But we can construct such dictionary, with:
some_dict = { kwargs['filter']: filter_store }
and then:
Store.objects.filter(**some_dict)
Or we can combine the two in a one liner:
Store.objects.filter(**{kwargs['filter']: filter_store })
Mind however that if kwargs contains data that is passed by the user, this can imply a security threat, since it could - at least in theory - allow a hacker to filter on sensitive data, and thus obtain data out of the database that you want to hide. Say for example that you want to hide bank account information of a store, then a hacker could use a sequence of iban__lts to perform binary search on the IBAN number of the store.