#32255: User.has_perm should forward **kwargs to allow more flexibility in
authentication backends
-------------------------------------+-------------------------------------
Reporter: Matteo Parrucci | Owner: Matteo
| Parrucci
Type: New feature | Status: assigned
Component: contrib.auth | Version: 3.1
Severity: Normal | Resolution:
Keywords: auth, | Triage Stage: Accepted
django.contrib.auth, |
authentication, request, |
has_perm, has_perms, sites, |
django.contrib.sites |
Has patch: 1 | Needs documentation: 0
Needs tests: 1 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Florian Apolloner):
> Adding `**kwargs` to has_perm and has_perms signatures would allow
greater flexibility for the custom authentication backends leaving intact
what we have now.
But how would a 3rd party application that uses `has_perm` know which
`**kwargs` to pass in? This is all nice and well if you control the code,
but as soon as 3rd party apps (like the admin, even though there you can
probably manually override the check) come into play you no longer get
anything passed. What would you fall back to then?
What we really need would be to pass in some context (or make available)
that can be populate from elsewhere (maybe already from a middleware). But
to pass that down to the auth backends we would most likely need to use
thread locals :/
--
Ticket URL: <https://code.djangoproject.com/ticket/32255#comment:9>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/064.671955028e6dcf71091b7dc1184141c2%40djangoproject.com.
