#11154: Inconsistency with permissions for proxy models
------------------------------+------------------------------------
Reporter: etianen | Owner: nobody
Type: Bug | Status: new
Component: contrib.auth | Version: SVN
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 1
Needs tests: 1 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+------------------------------------
Comment (by charettes):
Replying to [comment:36 danny.adair@…]:
> follow_proxy, traverse_proxy? (or even _proxies)
>
> The default behaviour would still be "broken" - !ModelBase and
!ContentManager would still be giving different stories regarding
app_label
Defaulting {{{ follow_proxy }}} (like that one :) to `False` would unify
both API but would break backward compatibility.
I ran the test with {{{ follow_proxy=False }}} as default and only
[http://dpaste.com/hold/697615/ two tests breaks]. However apps relying on
`contrib.ContentType` in the wild could break badly.
i.e. ([https://github.com/alex/django-taggit django-taggit]) If you
defined a `TaggableManager()` (uses `GenericForeignKey` internally) on a
proxy model then all tags will be associated with the concrete model
`ContentType` in the db. If we release `follow_proxy=False` as default
then the generic relation between the proxy model and the tags will be
broken since they were never associated with the proxy's ct.
We can either break the API to unite them or offer the user to ''opt-in''
in order to maintain backward compatibility. But this whole issue is
bigger then the ticket itself. We should maybe open another issue to fix
the `ContentType` proxy issue that blocks this one and then, once it's
fixed, use the new hooks to fix this one with:
{{{
diff --git a/django/contrib/auth/management/__init__.py
b/django/contrib/auth/management/__init__.py
index 78a51cf..a1d2d9e 100644
--- a/django/contrib/auth/management/__init__.py
+++ b/django/contrib/auth/management/__init__.py
@@ -31,7 +31,8 @@ def create_permissions(app, created_models, verbosity,
**kwargs):
searched_perms = list()
# The codenames and ctypes that should exist.
ctypes = set()
- ctypes_for_models = ContentType.objects.get_for_models(*app_models)
+ ctypes_for_models = ContentType.objects.get_for_models(*app_models,
+
follow_proxy=False)
for klass, ctype in ctypes_for_models.iteritems():
ctypes.add(ctype)
for perm in _get_all_permissions(klass._meta):
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/11154#comment:37>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
