#15716: in authoriation backends, has_perm() should return None if it doesn't
know
about a pemission
-----------------------------------------+----------------------
Reporter: Kronuz | Owner: nobody
Status: reopened | Milestone:
Component: Uncategorized | Version: 1.2
Resolution: | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 |
-----------------------------------------+----------------------
Changes (by Kronuz):
* status: closed => reopened
* resolution: duplicate =>
Comment:
I reopened the ticket since #15716 is not entirely a duplicate of #2550,
since ticket #15716 is about authorization, and #2550 is about
authentication... they are both related nonetheless.
I would suggest, in my opinion, for the case of authorization in this
ticket, to use an irrevocable False for permission denied, True for
permission granted and either None or an Exception (or both) for
"Permission Unknown" or "Don't care".
In case of has_perm() returning None or raising a PermissionUnkown
Exception, django would keep on looking for the permission in other
backends, otherwise return the permission from the backend.
--
Ticket URL: <http://code.djangoproject.com/ticket/15716#comment:2>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
