> The reason for this is to ensure a consistent API: an unauthenticated
> user is represented by an object with all the same methods and
> attributes as an authenticated user, but set up to fail all
> authentication and permission checks, as if the unauthenticated user
> is simply a user who has no permissions or auth info whatsoever.
Ok. Than, it is completely regular and secure for me just to put following:
@permission_required('add_author')
def veryImportantViewOnlySuperUser(request)
very important code
This is fine?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
