限制用户仅阅读自己的文章

时间:2018-09-19 03:22:15

标签: django python-3.x

我具有以下article_detail视图,该视图限制只有登录的用户才能阅读详细信息。

@login_required(login_url="/user/login/")
def article_detail(request, pk):
    article = get_object_or_404(Article, pk=pk)
    total_views = r.incr("article:{}:views".format(article.id))
    page_number = request.GET.get('page_number', 1)
    #mimic SO's 100 per-page
    per_page = request.GET.get("per_page", 30)
    ....

如何设置每个用户只能阅读自己发布的内容?

文章模型

class Article(models.Model):
    STATUS = (
        (1,  'normal'),
        (0, 'deleted'),
    )
    tags = models.ManyToManyField(Tag, blank=True)
    owner = models.ForeignKey(User, on_delete=models.CASCADE)
    block = models.ForeignKey(Block, on_delete=models.CASCADE)
    title = models.CharField(max_length=100)
    content = models.TextField() # set the widget
    status = models.IntegerField(choices=STATUS, default=1)
    date_created = models.DateTimeField(auto_now_add=True)
    date_updated = models.DateTimeField(auto_now=True)

    class Meta:
        ordering = ("-date_created",)

    def __str__(self):
        return self.title

1 个答案:

答案 0 :(得分:2)

只需在查询中再添加一个条件(所有者)即可

% copy objects to other figures
copyobj(tmptrans,Stimsubfigures{2})
copyobj(tmptrans,Stimsubfigures{3})

property_names = {'XData', 'YData', 'ZData'};

for aa = 1:10
    linked_objects = [tmptrans(aa).Children(1),...
                      Stimsubfigures{2}.Children(aa).Children(1),...
                      Stimsubfigures{3}.Children(aa).Children(1)];

    hlink{aa} = linkprop(linked_objects,trans_names);
end

如果请求用户不是文章所有者,则返回article = get_object_or_404(Article, pk=pk, owner=request.user)

您还可以通过以下代码返回404拒绝权限错误,这对客户端更有意义:

403