Is there is best practice to forbid access to other user’s objects in django? Let’s say i can access to object by PK in path (some/path/to/object/PK/edit). What best way to forbid access User1 to User2 objects by pk in path?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is there is best practice to forbid access to other user’s objects in django? Let’s say i can access to object by PK in path (some/path/to/object/PK/edit). What best way to forbid access User1 to User2 objects by pk in path?
I usually create a
@owner_requireddecorator to wrap elements with such requirements, how the logic works depends on usecase