On 09/25/2017 08:56 PM, Dan Watson wrote:
Seems like maybe it would be more helpful if has_perm logged a note about the permission not existing (probably only in debug), rather than just returning False. In fact, I'd argue it should still return True -- if the permission did exist, the superuser would have it. And there's a backwards-compatibility argument. Think of superusers more as "permissions don't apply to me" than "I have all permissions".

I agree with the logging... however, I think has_perm should always return False for non-existent permissions. This will mean any half-decent level of testing will uncover a typo in a permission name, since you will never trigger the True state.

This would also be an argument for is_superuser to equate to "has all the perms" instead of "has_perm always says true".



You received this message because you are subscribed to the Google Groups "Django 
developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to