Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
K
K
Kirill Pisarev2015-08-21 16:15:59
Django
Kirill Pisarev, 2015-08-21 16:15:59

How to limit the ability to go to a specific url?

Good afternoon.
The bottom line is that there is a CBV for updating an existing record in the database:

class ResumeUpdate(UpdateView):
    model = UserResume
    form_class = ResumeForm
    template_name = 'InteractiveProfile/update_resume.html'

url:
url(r'(?P<pk>[0-9])_resume/update/$',
                           ResumeUpdate.as_view(success_url=('/profiles/')),
                           name='user_resume_update'),

pk in this case is the user id.
Actually, the problem is that any user can enter any value in the url and go to edit another user's page. How can I prevent him from doing this?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
U
un1t, 2015-08-21
@un1t

Something like this

from django.core.exceptions import PermissionDenied

if resume.user_id != self.request.user.id:
    raise PermissionDenied

Similar questions
U
Uncle Seryozha2017-09-05 03:28:07
How to find out all the owner's domains for free? 6Reply
S
S__S2019-10-01 14:30:52
How to manage money in Django? 1Reply
M
Maxim Yakovenko2019-10-01 20:50:38
Is it possible to use one django library inside another? 1Reply
A
anton1121222017-05-03 00:11:08
Practice on django? 1Reply
Y
Yatupoi1232021-04-11 14:16:59
How to export content from cms and import it in django? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question