So I've got my permissions set up and my views are working and
everything is great.
Now I'm trying to make it so that within a view, if the user is logged
in, the user can see Orders (a model) they've created, but not see
orders they haven't created. As such, my view is this:
@user_passes_test(lambda u: not u.is_anonymous() , login_url='login/')
def customer_area(request):
user = User()
customer_order_list =
Order.objects.filter(customer.number==user.username)
return render_to_response(...)
Now, I know I'm probably not making proper use of the User object, so
any suggestions in that regard would be helpful, as well as tied to the
main problem I'm having.
When an Order is created, there's a foreign key in there for a
Customer. When the Customer is created, I'm creating a new User by
overriding the save method of the Customer object, like so:
def save(self):
if self.id is None:
self.user = User.objects.create_user(self.number,
self.email, self.password)
self.user.first_name = self.name
self.user.email = self.email
self.user.save()
else:
try:
self.user = User.objects.get(username=self.number)
except:
self.user = User.objects.create_user(self.number,
self.email, self.password)
self.user.set_password(self.password)
self.user.first_name = self.name
self.user.email = self.email
self.user.save()
super(Customer, self).save()
I know I can also set User permissions at the same time, and here we
finally come to my question:
How can I set up the User permissions such that the logged in User can
only access Orders they've created?
I've read the authentication docs, and no clear answer is forthcoming.
I'll go read them again whilst I wait in hope of an answer to this
post!
- Dave Worley
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---
