#15716: The has_perm() method of authorization backends should be able to
explicitly deny permission
------------------------------+------------------------------------------
Reporter: Kronuz | Owner: jorgecarleitao
Type: New feature | Status: closed
Component: contrib.auth | Version:
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+------------------------------------------
Changes (by Tim Graham <timograham@…>):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"2e364a0aacb49a5160896b1ca5a2619baa3f4d9b"]:
{{{
#!CommitTicketReference repository=""
revision="2e364a0aacb49a5160896b1ca5a2619baa3f4d9b"
Fixed #15716 - Authentication backends can short-circuit authorization.
Authorization backends can now raise PermissionDenied in "has_perm"
and "has_module_perms" to short-circuit authorization process.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/15716#comment:13>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/064.722b9a2be104a54ba847ceda945fbad7%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
