Here is a simple example of a django view with a potential race condition:
# myapp/views.py
from django.contrib.auth.models import User
from my_libs import calculate_points
def add_points(request):
user = request.user
user.points += calculate_points(user)
user.save()
The race condition should be fairly obvious: A user can make this request twice, and the application could potentially execute user = request.user
simultaneously, causing one of the requests to override the other.
Suppose the function calculate_points
is relatively complicated, and makes calculations based on all kinds of weird stuff that cannot be placed in a single update
and would be difficult to put in a stored procedure.
So here is my question: What kind of locking mechanisms are available to django, to deal with situations similar to this?
@transaction.commit_on_success
+QuerySet.select_for_update()
– Kevenkeverian