├── LICENSE └── readme.md /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2022, Şuayip Üzülmez 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without 5 | modification, are permitted provided that the following conditions are met: 6 | 7 | 1. Redistributions of source code must retain the above copyright notice, this 8 | list of conditions and the following disclaimer. 9 | 10 | 2. Redistributions in binary form must reproduce the above copyright notice, 11 | this list of conditions and the following disclaimer in the documentation 12 | and/or other materials provided with the distribution. 13 | 14 | 3. Neither the name of the copyright holder nor the names of its 15 | contributors may be used to endorse or promote products derived from 16 | this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | # Django Questions 2 | 3 | Here are some questions (of my taste) related to Django that I think are useful 4 | to ponder upon. They are not interview questions per se, but I think it could 5 | be a measure to reason your competence by checking yourself with each question. 6 | Some of them constitute a bigger problem and therefore require a little 7 | thinking where others could be answered immediately or dwell upon some 8 | implementation details. 9 | 10 | If you have any suggestions, feel free to add your question via a PR, however I 11 | would only accept questions that follow the *theme* and are a bit *qualified*. 12 | 13 | --- 14 | 15 | 1. To improve update queries in the application, the project manager creates a 16 | task which entails replacing model `save()` calls with 17 | `save(update_fields=[...])`. After the task is completed, the client starts 18 | to complain about outdated content (i.e., seeing the same content all the 19 | time) on various endpoints. What could be the issue? 20 | 21 | 2. Two developers are working on the same model in separate branches. Developer 22 | A finishes his work and his branch is merged to main. After some time, 23 | developer B finishes his work, and to make sure there were no conflicts with 24 | B, he rebases their branch from main; there appears to be no conflicts and 25 | branch of B is merged. The main branch is then submitted to development 26 | server, where the auto migrate commands fails due to conflicting migrations. 27 | What happened? 28 | 29 | 3. How would you add a unique field (say UUID) to a model, in a backwards 30 | compatible manner? 31 | 32 | 4. In the following code, what might be the reason for the usage of 33 | `transaction.atomic`? 34 | ```python 35 | @transaction.atomic 36 | def commit(instance, data): 37 | for attr, value in data.items(): 38 | setattr(instance, attr, value) 39 | instance.save(update_fields=data.keys()) 40 | ``` 41 | 42 | 5. A developer uses a many-to-many field with `"self"` to hold "following 43 | users" of a user. After using `add` method on the field, they realize that 44 | the target user's following list is also populated. What might have caused 45 | this? 46 | 47 | 6. Could you describe a scenario in which a recursion error is propagated 48 | through signals? Assume that a signal does not directly invoke itself. 49 | 50 | 7. What is the difference between psycopg2 and psycopg2-binary? Which one 51 | should be used in which case? 52 | 53 | 8. Which library do you need to install to use `models.ImageField`? 54 | 55 | 9. What is 'gunicorn'? 56 | 57 | 10. The code below produces incorrect counts for specified fields. What could 58 | be the reason? 59 | ```python 60 | User.objects.annotate(Count("following"), Count("followers")) 61 | ``` 62 | 63 | 11. Explain the distinction between `FieldFile` and `FileField`. 64 | 65 | 12. Why do some developers advocate the use of `default=timezone.now` over 66 | `auto_now_add=True`? 67 | 68 | 13. How does `manage.py` determine the settings module of your application? 69 | 70 | 14. What is the difference between Django-provided `TestCase` and 71 | `TransactionTestCase`? 72 | 73 | 15. How would you handle a multi-language Django project? Which Django tools 74 | and 3rd party libraries would you use? 75 | 76 | 16. Could you tell of some built-in security measures taken by Django? Do you 77 | know of a common security consideration, in the context of the web, that 78 | Django does not provide? 79 | 80 | 17. Why adding `null=True` to a `CharField` is a bad idea? 81 | 82 | 18. You are asked to build a "soft-deletion" implementation that would 83 | encompass multiple models across multiple apps. In general terms, how would 84 | you do it? 85 | 86 | 19. Say you have a field which has a `RegexValidator`. How would you impose 87 | this validation at the database level as well, without using raw SQL? 88 | 89 | 20. Say you are coding in a context where it is not possible import 90 | the desired model class due to circular imports. How would you acquire this 91 | model class? 92 | 93 | 21. Other than omitting `prefetch_related` and `select_related`, what are some 94 | common mistakes developers make that slow down Django applications? 95 | 96 | 22. You are assigned to monitor a Django application in production; your aim is 97 | to find possible bottlenecks and optimize overall performance of the 98 | application. What tools are you going to use? By giving example cases, what 99 | type of solutions could you implement? 100 | 101 | 23. What is 'middleware'? Can you name some middleware classes that are 102 | provided by Django, with their purpose? Could you tell of an example where 103 | you needed to use a middleware? 104 | 105 | 24. Clients complain about the slowness of the Django admin site. What could be 106 | the reasons behind this issue, and how would you improve it? 107 | 108 | 25. Can you differentiate model methods and model manager methods? In what 109 | cases using one suits better than the other? 110 | 111 | 26. One could hook up the `post_save` signal to do processing after the model 112 | instance is saved, it is also possible to override `save()` model method to 113 | do the same work. Which method would you use in which case? 114 | 115 | 27. If you omit `related_name` on a `ForeignKey` field, what does Django set as 116 | default? 117 | 118 | 28. A developer converts `ForeignKey` with `unique=True` to `OneToOneField`, 119 | knowing these two correspond to the same structure in the database. Would 120 | this conversion break anything in the domain of Django? If so, how? 121 | 122 | 29. In QuerySets, what is the difference between using one filter with many 123 | arguments versus chaining multiple filters? 124 | 125 | 30. What does the phrase “QuerySets are lazy” mean? Give some instances where a 126 | QuerySet would get evaluated. 127 | 128 | 31. How would you ensure an email is sent only after an object is created in 129 | the database, and how would you test this functionality? 130 | 131 | 32. Do you know how Django development team manages its releases? Which version 132 | of Django would you use at any given time, and why? 133 | 134 | 33. What do you think about generic relations? Can you tell few pros and/or 135 | cons? 136 | 137 | 34. Django is often considered to have a monolithic architecture, what does 138 | this mean? 139 | 140 | 35. Give an instance from Django APIs where operator overriding is used. 141 | 142 | 36. What does `F` object do in Django? Give a couple of distinct cases where 143 | the usage of `F` object would be appropriate. 144 | 145 | 37. Explain Cross-site request forgery (CSRF) vulnerability and Django's 146 | secure implementation against it. 147 | 148 | 38. Explain BREACH attack. Does Django have any mitigation against it? How 149 | would such mitigation work? 150 | 151 | 39. Assume that you are adding a new setting, which should hold some sort of 152 | secret such as an API key. Security-wise, in what manner would you add that 153 | key so that it would be more secure i.e., not easily exposed to outside? 154 | 155 | 40. You are doing a security audit for a Django website, and by checking 156 | "Not found" page, you have realized that the website has not disabled the 157 | `DEBUG` mode. To make your point, you want to trigger a 500 error so that 158 | all the environment variables would be exposed; in which case you would 159 | send the exposed variables to the customer in joy. How would you trigger a 160 | 500 error easily, in this case? 161 | 162 | 41. What are some things that make apparent that a website uses Django as 163 | backend? 164 | 165 | 42. In the context of database backup, why is the usage of Django management 166 | commands`loaddata` and `dumpdata` are not desirable? What would a proper 167 | database backup setup entail? 168 | 169 | 43. In summary, how does Django migrations work? Why do we need migrations? Do 170 | you know what happens in the background? What does Django migrations entail 171 | in the actual database? 172 | 173 | 44. How do you scale a Django application? 174 | 175 | 45. What is WSGI; how about ASGI? 176 | 177 | 46. Using Django, how would you transfer some data via untrusted environments 178 | (e.g., email), making sure of the authenticity and integrity of the data 179 | while receiving it? 180 | 181 | 47. What do you know about system check framework, can you give an example 182 | of a built-in check? Is it possible to write your own checks? 183 | 184 | 48. What would you do if you wanted to associate users with sessions? 185 | 186 | 49. What is a swappable dependency? 187 | 188 | 50. How does the intermediate table in a many-to-many relationship is 189 | generated, and how would you add custom fields to that model? 190 | 191 | 51. What does `CONN_MAX_AGE` setting do? 192 | 193 | 52. What does `ATOMIC_REQUESTS` setting do? What might be the pros and cons for 194 | enabling atomic requests? 195 | 196 | 53. Sometimes, it is preferable to lock a row in the database during certain 197 | transactions. Can you give one situation where this would be helpful? And 198 | how would you do it? 199 | 200 | 54. How would you upgrade a Postgres deployment to the next major release? 201 | 202 | 55. How do JWT tokens work? What does the phrase "stateless authentication" 203 | mean? 204 | 205 | 56. What type of authentication mechanism does Django use by default? Have you 206 | ever used alternative authentication methods? 207 | 208 | 57. During error monitoring, you realize that workers frequently shut down with 209 | `SystemExit(1)`, what could be the cause? 210 | 211 | 58. What are the differences between class-based and function-based views? 212 | Which style do you use in which context? 213 | 214 | 59. How would you Dockerize a Django application? 215 | 216 | 60. What is Redis? What might be some reasons to use Redis? Do you have any 217 | concrete examples using Redis? 218 | 219 | 61. Why would one need multiple Celery workers? 220 | 221 | 62. What is the purpose of Celery beat? 222 | 223 | 63. In a Django application, the response times slows down during 3 a.m. every 224 | night, even though the traffic is roughly the same. What could be the 225 | cause? 226 | 227 | 64. How would one monitor Celery tasks? 228 | 229 | 65. Why, by default, is it not possible to pass a model instance to a Celery 230 | task? And how would you achieve this behavior? 231 | 232 | 66. What are some use cases for Celery? What types of Celery tasks did you 233 | write? Can you justify your use case? 234 | 235 | 67. Why is it not recommended to serve static files with Django? 236 | 237 | 68. How would you serve large amounts of JSON data (>5MB) via an API, in an 238 | efficient manner? 239 | 240 | 69. How would you serve a large CSV file (>5MB), in an efficient manner? 241 | 242 | 70. How do Django signals compare to database triggers? In which contexts 243 | would you prefer using triggers over signals? 244 | 245 | 71. What does `transaction.on_commit` do? Can you give an example use case for 246 | this functionality? 247 | 248 | 72. Why is a bad idea to use `functools.lru_cache` on model methods? 249 | 250 | 73. How would you separate development and production requirements for given 251 | Django project? (e.g., Python dependencies, settings etc.) 252 | 253 | 74. How would you adapt Django migrations for a project that went live and 254 | never had any migration files to begin with? 255 | 256 | 75. Django ORM is powerful, but it does not necessarily allow for translating 257 | every SQL statement. Can you give justified/useful SQL queries that could 258 | not be performed by only using the ORM? 259 | 260 | 76. What is your go-to route for documenting your Django project? How do you 261 | fragment your documentation, i.e., which topics do you include? 262 | 263 | 77. Which tools do you use for you project to ensure consistent code-style and 264 | formatting? How do you automate them? Any tools you use that checks for 265 | Django-specific constructs? 266 | 267 | 78. In your opinion, what is the worst part of developing a Django 268 | application? 269 | 270 | 79. What does `RunPython` migration operation do and in which cases would it 271 | be appropriate to use it? 272 | 273 | 80. What does `SeparateDatabaseAndState` migration operation do and in which 274 | cases would it be appropriate to use it? 275 | 276 | 81. What does `RunSQL` migration operation do and in which cases would it be 277 | appropriate to use it? 278 | --------------------------------------------------------------------------------