The urlpattern is telling your view (I assume a subclass of UpdateView?)
which instance of your User model to edit, but that's all the urlpattern
gets you - there's nothing built in about permissions. You need to write
permission restrictions yourself.
There's a whole bunch of ways you can do this
for exemple, I have following url:
http://tenant.com:8000/accounts/test1/edit/
when my user right authenticated is test1, but if I change the url to
http://tenant.com:8000/accounts/admin/edit/, the data of user admin is
showing in profile form and if I change and save this form the admin's dat
2 matches
Mail list logo