I have a patch for #14249 [1], but I ran into a problem with inactive superusers.
Right now the active check is done before the superuser check. If we move the inactive check to the authentication backend, the superuser check get's executed before the is_active check, resulting in in_active superusers having all permissions while before they had none. I could fix this one of two ways: 1. Add an extra check in the user class where I check for is_active and is_superuser before returning True. 2. Move the superuser check to the backend too The first is a quick fix that will make everything work as it should. The second is a much more consistent option, as you can then also make it so get_all_permissions and get_module_permissions return the right permissions for the superuser. On the other hand, this changes the way the system works for a superuser. What are your thoughts? [1] http://code.djangoproject.com/ticket/14249 -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.