The vetting deployment will live on the public internet, but we only want to allow certain users to vet the recording files. We need to add some sort of mechanism to support this.
One suggestions was an intermediate model with a foreign key to User and a boolean column approved. Authorization flow should check the approved column for each user.