Hey, I am building an app where a user needs to create Bundle models. I am providing a Bundle detail view with options for the user to add components or edit the components in their Bundle model. I currently have it where any signed in user can access these bundles. I would like to restrict access to this detail page to only the user who created the Bundle model (and the admins as well if possible). What is the best way to go about this?
models.py class Bundle(models.Model): user = models.ForeignKey(User, on_delete=models.CASCADE) urls.py from . import views urlpatterns=[ url(r'^(?P<pk>\d+)/$', views.BundleDetail.as_view(), name= 'bundle_detail'), ] views.py from django.contrib.auth.decorators import login_required from django.contrib.auth.mixins import LoginRequiredMixin from django.utils.decorators import method_decorator from django.views import generic from .models import Bundle @method_decorator(login_required, name='dispatch') class BundleDetail(LoginRequiredMixin, generic.DetailView): model = Bundle -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/940c11dc-7d91-4041-ad4b-076dcfc85e9c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.