Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent users who are not granted updated privileges through roles for a table from updating that table #77

Closed
2 tasks
fyliu opened this issue May 30, 2024 · 0 comments
Closed
2 tasks

Prevent users who are not granted updated privileges through roles for a table from updating that table #77

fyliu opened this issue May 30, 2024 · 0 comments

Comments

@fyliu
Copy link
Owner

fyliu commented May 30, 2024

Overview

As a user I want only authorized users to update information so that the information is accurate.

Solution

  • Sample code for preventing unauthorized updates
    if not request.user.has_perm('core.change_practice_area'):
        # If the user doesn't have permission, return forbidden response
       return HttpResponseForbidden("You don't have permission to update practice area.")

Similar code can be written for creating and deleting.

Action Items

  • Implement code
  • Write tests
@fyliu fyliu mentioned this issue May 30, 2024
Closed
17 tasks
@fyliu fyliu moved this to Prioritized Backlog in PD(fyliu): Project Board May 30, 2024
This was referenced May 30, 2024
Closed
Closed
@fyliu fyliu closed this as completed May 31, 2024
@github-project-automation github-project-automation bot moved this from Prioritized Backlog to Done in PD(fyliu): Project Board May 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
PD(fyliu): Project Board
Status: Done
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fyliu