[BUG] Post and User very easily editable #2
Description
- No permission set for any level of user.
- Anyone can edit profile of any User as well as delete any Posts.
- /{username}/edit -> this url in user/urls.py can be user to edit profile of any user.
- /{post-id}/delete -> this url in post/urls.py can be used to delete any post.
This issue is no criticism, just pointing out some flaws. Great work by the way.
Do remember to follow on @subodhk01