We will associate a game with a creator or owner. Only the authenticated users will be able to create new games. Only the creator of a game will be able to update it or delete it. All the requests that aren't authenticated will only have read-only access to games.

Open the games/models.py file and replace the code that declares the Game class with the following code. The line that changes is highlighted in the code listing. The code file for the sample is included in the restful_python_chapter_03_04 folder.

class Game(models.Model): 
    owner = models.ForeignKey( 
        'auth.User',  
        related_name='games', 
        on_delete=models.CASCADE) created = models.DateTimeField(auto_now_add=True) name = models.CharField(max_length=200, ...