On Wednesday 05 July 2017 10:02:59 Denis Cosmin wrote: > I need to create an journal like application, where users can submit > papers and those papers can be reviewed. My code is publicly > available on github and the app is about ~50 done. > > The reviewers should also be users of the same app and they should be > able to comment and perhaps give a rating. (I will create a model for > this later) > > How can I achieve that? > > How do I restrict the Paper model only to the Author (the user who > submitted it), the Admins and the Reviewers?
Two possibilities: - Per object permissions: example Django Guardian[1] (model level) - View permissions: UserPassesTest[2] (view level) Maybe a third using limit_choices_to on ForeignKey fields, but don't see an easy way to implement it and the two above should be sufficient plus deal with authorization/authentication rather then data model. -- Melvyn Sopacua -------- [1] https://djangopackages.org/packages/p/django-guardian/ [2] https://docs.djangoproject.com/en/1.11/topics/auth/default/#django.contrib.auth.mixins.UserPass esTestMixin -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/3472052.G0AmT4Asni%40devstation. For more options, visit https://groups.google.com/d/optout.
