Hey,
I am building an app where a user needs to create Bundle models. I am
providing a Bundle detail view with options for the user to add components
or edit the components in their Bundle model. I currently have it where
any signed in user can access these bundles. I would like to restrict
access to this detail page to only the user who created the Bundle model
(and the admins as well if possible). What is the best way to go about
this?
models.py
class Bundle(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE)
urls.py
from . import views
urlpatterns=[
url(r'^(?P<pk>\d+)/$', views.BundleDetail.as_view(), name=
'bundle_detail'),
]
views.py
from django.contrib.auth.decorators import login_required
from django.contrib.auth.mixins import LoginRequiredMixin
from django.utils.decorators import method_decorator
from django.views import generic
from .models import Bundle
@method_decorator(login_required, name='dispatch')
class BundleDetail(LoginRequiredMixin, generic.DetailView):
model = Bundle
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/940c11dc-7d91-4041-ad4b-076dcfc85e9c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
