On Wednesday 05 July 2017 10:02:59 Denis Cosmin wrote: > I need to create an journal like application, where users can submit > papers and those papers can be reviewed. My code is publicly > available on github and the app is about ~50 done. > > The reviewers should also be users of the same app and they should be > able to comment and perhaps give a rating. (I will create a model for > this later) > > How can I achieve that? > > How do I restrict the Paper model only to the Author (the user who > submitted it), the Admins and the Reviewers?
Two possibilities: - Per object permissions: example Django Guardian[1] (model level) - View permissions: UserPassesTest[2] (view level) Maybe a third using limit_choices_to on ForeignKey fields, but don't see an easy way to implement it and the two above should be sufficient plus deal with authorization/authentication rather then data model. -- Melvyn Sopacua -------- [1] https://djangopackages.org/packages/p/django-guardian/ [2] https://docs.djangoproject.com/en/1.11/topics/auth/default/#django.contrib.auth.mixins.UserPass esTestMixin -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/3472052.G0AmT4Asni%40devstation. For more options, visit https://groups.google.com/d/optout.
