I am building a Django web application which will contain articles that will only be shared with specific users that the author chooses. It is trivial to give the author the rights to edit the article, however I am trying to find the best way to limit the users that can view the article. I am considering creating a group per article and adding users to that group, however as there will be thousands of articles this will mean making thousands of groups. Also I would have to write code that would programmatically generate the group name and associate it with the specific article.
The alternative approach would be to associate the articles that a user has permission to view with the users profile.
Is there a best practice way to do this? I have researched extensively users and roles but I have been unable to find any articles that discuss this specific situation.
Thank you.
Aucun commentaire:
Enregistrer un commentaire