Django model-objects permission per logged user/owner?
I've got django model , that has creator field = logged user.
class MyModel(models.Model):
creator = models.ForeignKey(User, on_delete=models.SET_NULL )
It works fine. Then, in all my views (lists, create update, delete etc)... I would like to allow only the owner (creator) to be able to view and modify his objects. Do I need to check it manually in the beginning of every view, ie.. check the creator of the object to be deleted (for example) if equals logged user, or is there any more elegant way?