I have built a Django REST app for a client that allows users to join communities. The Community model has 20+ models that link back to it in some way (things like events, event dates, meetings, messages etc). I need a way to restrict users to only being able to perform CRUD operations on elements belonging to communities they are a part of. For example if user “John Smith” is a member of the “Animal Rescue Volunteers” community, he should only be able to read messages for that community and should not be able to create/edit messages in other communities.