On Wednesday 05 July 2017 10:02:59 Denis Cosmin wrote:
> I need to create an journal like application, where users can submit
> papers and those papers can be reviewed. My code is publicly
> available on github and the app is about ~50 done.
>
> The reviewers should also be users of the same app and they should be
> able to comment and perhaps give a rating. (I will create a model for
> this later)
>
> How can I achieve that?
>
> How do I restrict the Paper model only to the Author (the user who
> submitted it), the Admins and the Reviewers?
Two possibilities:
- Per object permissions: example Django Guardian (model level)
- View permissions: UserPassesTest (view level)
Maybe a third using limit_choices_to on ForeignKey fields, but don't see an easy way to implement it and the two above should be sufficient plus deal with authorization/authentication rather then data model.
--
Melvyn Sopacua
No comments:
Post a Comment