I found an answer to this yesterday (and had some trouble finding the link again today). The link I saw resolved the problem of how to limit access to a Google App Engine's model instance by overloading db.UserProperty, like-so:
class CurrentUserProperty(db.UserProperty):
def checkCurrentUser(self, value):
if value != users.get_current_user():
raise db.BadValueError(
'Property %s must be the current user' % self.name)
return value
def __init__(self, verbose_name=None, name=None):
super(CurrentUserProperty, self).__init__(
verbose_name, name, required=True,
validator=self.checkCurrentUser)
# then, in the model to have limited access:
def MyModel(db.Model):
owner = CurrentUserProperty()
As I had quite a bit of difficulty finding this link, I'm going to leave this question open (even though the question answers itself). However, the general problem is how to create a permissions system on Google App Engine so that only certain users (e.g. the "owner") may access a particular instance of a Model. If you have suggestions for that generally, I'd quite enjoy your thoughts.
Thank you for reading.
Brian p.s. Why does one always get "The question you're asking appears subjective and is likely to be closed." whenever one asks a question nowadays? Shouldn't that warning point to some objective criteria that indicates why the warning is there?