The issue that I have a group named Driver, and I want that users of that group to be able to visit only one special page with the url '/driver/' and no others. How do I implement such a thing?
Asked
Active
Viewed 95 times
0
Carl Norum
- 219,201
- 40
- 422
- 469
Andrew
- 423
- 1
- 6
- 16
1 Answers
1
You can use Django's permission system to create any permission you want and then use the permission_required decorator to enforce your new permission. Or you could use the user_passess_test decorator to check if they're in the group and reject them from disallowed urls.
You could also create a middleware that checks if the user is in the Driver group and returns a HttpResponseForbidden if they request a disallowed url, but middlewares can slow down every request to your app. You should be wary of doing too much there.
Tim Saylor
- 1,054
- 2
- 12
- 19