我编写了编辑和删除视图,它们可以工作。但我很快意识到任何人都可以编辑和删除任何帖子。我希望只有用户谁创建的职位能够删除和编辑的职位。你知道吗
class PostUpdateView(UpdateView):
model = Post
form_class = PostForm
template_name = 'main/edit.html'
def form_valid(self, form):
self.object = form.save(commit=False)
self.object.save()
return HttpResponseRedirect(self.object.get_absolute_url())
@method_decorator(login_required)
def dispatch(self, request, *args, **kwargs):
return super(PostUpdateView, self).dispatch(request, *args, **kwargs)
class PostDeleteView(DeleteView):
model = Post
def get_success_url(self):
return "/"
@method_decorator(login_required)
def dispatch(self, request, *args, **kwargs):
return super(PostDeleteView, self).dispatch(request, *args, **kwargs)
您可以重写视图的
get_queryset
方法,并过滤queryset,以便只包含属于该用户的对象。例如,对于更新视图,您可以执行以下操作:相关问题 更多 >
编程相关推荐