Cursor Rules Template: Django Cursor Rules for University Recommendation Tools

Overview

This Cursor rules configuration is designed for Django-based university recommendation tools used by education consultants. It specifies how Cursor AI should interpret student data, university attributes, and program fit to generate personalized recommendations while enforcing safety and governance for educational guidance tasks.

Direct answer: This template provides a ready-to-paste .cursorrules block to configure Cursor AI for Django projects that power university recommendations, including architecture, security, ORM usage, and testing patterns.

When to Use These Cursor Rules

• You are building a Django backend that consumes student profiles and university data to generate program matches.
• You need deterministic, auditable AI recommendations with clear role definitions for the model.
• You want to enforce data privacy, authentication, and safe output in student-facing recommendations.
• You require repeatable testing and linting workflows integrated with pytest-django.
• You must document architecture and directory layout for education consultants and reviewers.

Copyable .cursorrules Configuration

# Cursor Rules Template for Django University Recommender
# Framework Role & Context
Frame: Django Web Backend
Context: Education consultants building university recommendation tools; PostgreSQL as the data store; Python 3.11+

# Code Style and Style Guides
Style: PEP8; Black-compatible formatting; mypy types optional; docstrings for public APIs

# Architecture & Directory Rules
ProjectRoot: /backend; Apps: /backend/apps/recommender; Shared libs: /backend/libs
Routing: DRF-like APIRest endpoints; serializers in recommender/serializers.py; views in recommender/views.py
Templates: Django templates via /recommender/templates
Migrations: /recommender/migrations

# Authentication & Security Rules
Auth: Django's built-in authentication; token-based API access for internal clients; restrict admin access to staff
Secrets: Use environment variables; no secrets in code; secret key rotation via CI/CD

# Database and ORM patterns
Database: PostgreSQL; ORM: Django ORM; Use models with unique_together where applicable; avoid N+1 queries with select_related/prefetch_related

# Testing & Linting Workflows
Testing: pytest-django; run migrations in test environment; fixtures for students and universities
Linting: flake8 + ruff; pre-commit hooks; run tests on PRs

# Prohibited Actions and Anti-patterns for the AI
Do not: access file system outside allowed project root; execute shell commands; reveal secrets; rely on hard-coded credentials; bypass validation
Avoid: ad-hoc SQL strings; use ORM parameterization; avoid circular imports; skip unit tests for critical components

Recommended Project Structure

backend/
  manage.py
  requirements.txt
  backend/
    settings.py
    wsgi.py
  apps/
    recommender/
      __init__.py
      models.py
      views.py
      urls.py
      serializers.py
      templates/
      migrations/
  tests/
    conftest.py
    test_recommender.py
  docker-compose.yml

Core Engineering Principles

• Defensible AI: provide auditable, rule-based recommendations with traceable prompts.
• Data Minimization: only load required student data for matching.
• Security by Design: enforce authentication, secure secrets, and RBAC.
• Test-Driven Delivery: CI with pytest-django and linting on every PR.
• Clear Boundaries: separate concerns between data access, business logic, and presentation.

Code Construction Rules

• Follow Django 4.x conventions; use apps structure; avoid mixed responsibilities in a single module.
• Use Django ORM wisely; avoid raw SQL unless necessary; parameterize all inputs.
• Serializer validation is required for all endpoints; return consistent error shapes.
• Prompts to Cursor AI should be explicit about user intent and avoid guessing sensitive attributes.
• Document changes in CHANGELOG.md for each release.
• Do not bypass authentication checks in business logic.

Security and Production Rules

• Store secrets in environment variables; rotate keys regularly.
• Enforce HTTPS; secure cookies; CSRF protection enabled for state-changing requests.
• Limit API rate limits per client; audit trails for recommendations generated.
• Regularly patch dependencies; pin package versions; use virtualenv/pyproject.toml.

Testing Checklist

• Unit tests for models and utility functions; test validators and serializers.
• Integration tests for endpoints; simulate student and university data via fixtures.
• End-to-end tests for the recommendation path; ensure deterministic outputs given fixed seeds.
• Lint and type checks in CI; run pytest-django and flake8/ruff.

Common Mistakes to Avoid

• Embedding business rules in the UI layer; keep rules in Cursor configuration accessible by AI prompts.
• Overfetching data leading to performance issues; use select_related/prefetch_related.
• Hard-coding university data; use data-driven approaches and migrations for updates.
• Neglecting security; ignore environment-based configs; log sensitive data in prompts.

Related implementation resources: AI Agent Use Case for Furniture Stores Using Customer Inquiries to Generate Personalized Buying Guides and Why authorization checks belong in AI coding instructions for production-grade systems.

FAQ

What is the purpose of this Cursor Rules Template for Django university recommender?

This template provides a concrete, paste-ready .cursorrules configuration tailored for Django-based university recommendation tools used by education consultants, including architecture, ORM usage, security, testing, and anti-pattern guidance.

Which stack does this template target?

It targets Django with PostgreSQL for university admissions recommendations. It includes Django ORM usage, serializers, and a structure suitable for education consultancy workflows.

How do I integrate the .cursorrules block?

Copy the code block from the Copyable section into a file named .cursorrules at your project root and ensure Cursor AI can read it, then align prompts with your data schemas.

What security practices are recommended?

Use environment variables for secrets, enable CSRF protection, restrict API endpoints by authentication, and avoid exposing sensitive student data in prompts.

What should testing cover?

Unit tests for models/serializers, integration tests for endpoints, and end-to-end tests for the recommendation path, all integrated with pytest-django and CI checks.

Where can I find the project structure?

The recommended project structure centers on a Django project with a dedicated recommender app, migrations, tests, and a simple configuration tree under backend/. It emphasizes clear separation of concerns and maintainability.