I have a database table Articles and many users can login to my site.
Now I would like to explicitely define which users can read which article.
This means for each row in Articles table there must be list of users who can read it.
How to achieve this ?
Whenever I’m looking for a package to help me do something, the djangopackages.org web site is one of the first places I look.
In this specific case, there’s a whole grid of options to choose from. See Django Packages : Authorization
I know that the first one in the list, Django-guardian, is highly thought-of, although I’ve never personally used it.
1 Like
If you are keeping it very simple, only care about the specific view and will always remember to do the filtering, you can add viewable_by = ManyToManyField to Article and do something like:
Article.objects.filter(viewable_by__in=[request.user,])
2 Likes