On May 24, 9:54 pm, Brian Neal <[email protected]> wrote:
> On May 24, 6:50 pm, Continuation <[email protected]> wrote:
>
> > For example, I have a view edit_profile that edits a user's profile.
> > Obviously I want to make sure that each user can edit his own profile
> > only.
>
> > So before the profile of user A is being edited by edit_profile, I
> > want to make sure the current user is logged in as user A.
>
> > Is there a decorator that can do that?
>
> > Is there a decorator similar to @login_required that requires not only
> > the user to be logged in, but also that he needs to be logged in as a
> > specific user (user A in the above example)?
>
> Well, typically you don't worry about that. If a user is requesting to
> edit a profile, you simple pull up that user's profile.
But how do I stop user A from trying to edit the profile of user B?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
