Relying on the front end is not a secure solution. On Mon, Jun 24, 2019 at 10:37 AM Brandon Rosenbloom < brandonrosenbl...@gmail.com> wrote:
> I’m kind of new to this as well but figured I would take a stab at this. > It seems to me that if you wanted to prevent users from deleting posts that > weren’t theirs, the appropriate course of action would be to simply remove > their ability to access the delete method in the first place. I would > recommend placing logic in the front end that only shows the delete option > to logged in users who are the original authors of the post. > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/25b558ad-9811-4705-84b4-93dce71d30fb%40googlegroups.com > . > For more options, visit https://groups.google.com/d/optout. > -- Jarret Minkler -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAB5FS97EAYNyBX%2BkJnV06LS65LG7iFwyeyc7fTPZbE03zi7aFg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
