On Jan 26, 3:19 pm, Harro <[email protected]> wrote: > - If the default backend always returns false for anonymous users then > pluggable apps have to either expect some row level permission system > is installed and used or don't check permissions for things that an > anonymous user can access. Why do they have to expect a row level permission system to be installed? The ModelBackend would always return False for anonymous, so everything would stay as it is…
> I think the best solution is to add anonymous user permissions as > proposed by me a bit up, but only actually check them if a settings > flag is set to True (with a default on False). If it's not set it will > simply return False for anonymous users, otherwise it will check the > permissions. I am -1 on that, using `supports_anonymous_users` is way better and allows a cleaner upgrade path (as every backend will have to support anonymous users sooner or later) -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
