On Thu, Sep 11, 2008 at 5:22 PM, ek_wals <[EMAIL PROTECTED]> wrote: > > > And I can see exactly how to do it -- > copy contrib/admin/views/decorators.py:staff_member _required and > change > 'request.user.is_staff' to 'request.user.is_superuser' > > Sure seems repetitive (non-DRY) (wet?) > Its seems so easy that I can't help but think that I'm overlooking > something. Why would Django provide both 'is_staff' and 'is_superuser' > but only provide a decorator for one of them?? Assuming that its just > an oversight seems dangerous. > > Any thoughts would be welcome
Well, normally it is interesting if a user has certain permissions (is he allowed to log into the admin interface, does he have add permission on a certain model). It is seldom interesting to know if she has ALL permissions. Matthias --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
