[Fixed]-Disallow linking objects based on a rule


The problem here is that the Django Rest Framework and Django itself (via admin) are interacting only at the level of the models. In order to achieve your goal I would implement the following design:

  • Make the models aware of their owners and users. For that I would use django-audit-log.
  • Overwrite the default model Manager and build your logic in the create method, where I will query the user’s attributes and throw appropriate exceptions.

Such a design shifts some of the business logic from the controller to the data model – there are some debates out there about the benefits and pitfalls of such an approach. But with the underlined constraints (Django admin and API) is the only common place where you could put it.

Is this what you are aiming for ?


Leave a comment