I have a typical django view setup for adding a new or editing a

Question

0

Asked: June 13, 20262026-06-13T01:01:09+00:00 2026-06-13T01:01:09+00:00

I have a typical django view setup for adding a new or editing a

0

I have a typical django view setup for adding a new or editing a current ‘book’ model (through forms). This is of the nature:

def bookedit(request, bookid=None):
    if bookid:
        book = get_object_or_404(Book, pk=bookid)
    else: 
        book = Book()

    if request.method == 'POST':
        <form handling code.....>

I now want to put a decorator on this to limit editing to the user who created the Book. Using django-guardian I have the following decorator to wrap the above code:

@permission_required_or_403('myapp.edit_book', (Book, 'id', 'bookid'))

This works okay in the scenario of editing Books already created, i.e. a 403 will be thrown if the user is not the creator. However, in adding a new book the bookid is empty and crashes the decorator code. Is there a good way to handle this scenario (without separating out the edit and add functions)?

Thanks,
Gerry

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-13T01:01:10+00:00

Editorial Team

2026-06-13T01:01:10+00:00Added an answer on June 13, 2026 at 1:01 am

I’m sorry but that’s not possible. django-guardian is not build for that request. Anyways I recommend to create all CRUD-views (create, read, update, delete) on their own.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a typical django view setup for adding a new or editing a

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply