Add owner to prompt models and make migrations

Author: nayaba

prompt/migrations/0002_prompt_owner.py

@@ -0,0 +1,22 @@
+# Generated by Django 3.0 on 2021-07-28 16:14
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('prompt', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='prompt',
+            name='owner',
+            field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+            preserve_default=False,
+        ),
+    ]

prompt/models.py

@@ -1,10 +1,15 @@
 from django.db import models
+from django.contrib.auth import get_user_model
 
 class Prompt(models.Model):
   """Prompt model"""
   content = models.CharField(max_length=100)
   created_at = models.DateTimeField(auto_now_add=True)
   updated_at = models.DateTimeField(auto_now=True)
+  owner = models.ForeignKey(
+      get_user_model(),
+      on_delete=models.CASCADE
+  )
 
   def __str__(self):
       """Return a string representation of a prompt"""

prompt/views.py

@@ -6,6 +6,9 @@
 from .serializers import PromptSerializer
 # from .serializers import PromptReadSerializer
 
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.exceptions import PermissionDenied
+
 
 # from django.http import JsonResponse
 
@@ -31,11 +34,14 @@ def post(self, request):
 
 
 class PromptDetail(APIView):
-    permission_classes=()
+    permission_classes=(IsAuthenticated,)
     def get(self, request, pk):
         """Show one Prompt"""
         prompt = get_object_or_404(Prompt, pk=pk)
 
+        if not request.user.id == prompt.owner.id:
+            raise PermissionDenied('Unauthorized, you do not own this prompt')
+
         data = PromptSerializer(prompt).data
         return Response({ 'prompt': data })