I am trying to restrict access to records by customer, so that users can't access each other's data through the URL. I have added the check below, but it's restricting everything. Please help.
if request.user.customer != Infringement.customer: return HttpResponse('Your are not allowed here!!')"
views.py
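@login_required(login_url='login')
def infringement(request, pk):
    """Show one infringement and its notes to a user of the owning customer.

    A POST adds a note to the infringement and redirects back to this page.
    A request for a record that belongs to another customer, or for an id
    that does not exist, gets the same 403 response.
    """
    # Load the requested row first: the ownership test has to use this
    # record's customer. The earlier check compared against the class
    # attribute Infringement.customer, which is not a customer instance,
    # so the comparison was unequal for every request.
    infringement = Infringement.objects.filter(id=pk).first()
    # NOTE(review): assumes every logged-in user has a related customer;
    # confirm against the user/customer model.
    if infringement is None or infringement.customer != request.user.customer:
        # One response for "missing" and "not yours", so the answer does not
        # reveal which ids exist. 403 lets logs and monitoring see the denial.
        return HttpResponse('Your are not allowed here!!', status=403)

    # Writes happen only after the ownership check has passed.
    if request.method == "POST":
        Note.objects.create(
            customer=request.user.customer,
            user=request.user,
            infringement=infringement,
            body=request.POST.get('body'),
        )
        return redirect('infringement', pk=infringement.id)

    notes = infringement.note_set.all().order_by('-created')
    context = {'infringement': infringement, 'notes': notes}
    return render(request, 'base/infringements.html', context)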
CodePudding user response:
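The check compares against the model class `Infringement`, not the record being requested, so it never matches. Load the record first and compare with that record's customer. Try: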
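@login_required(login_url='login')
def infringement(request, pk):
    """Refuse the request unless the infringement belongs to the user's customer."""
    # The record is fetched before the check so the comparison uses this
    # row's customer rather than the Infringement class.
    # NOTE(review): .get() raises Infringement.DoesNotExist for an unknown pk;
    # handle that case where the view is completed.
    infringement = Infringement.objects.get(id=pk)
    if request.user.customer.id != infringement.customer.id:
        # 403 instead of the default 200, so the denial is visible to
        # clients, logs and monitoring.
        return HttpResponse('Your are not allowed here!!', status=403)
    # ... rest of the view as in the question: notes query, POST handling, render ...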