Thank you Anssi. It’s very useful to have your perspective as you’ve done a
lot of oversight work on this specific feature before and have lots of
experience working with the ORM internals.
So it seems like the consensus at this point is to use Michal’s original
work as a basis. I like the way
Hi Thomas,
"If the user should have all permissions, then why not give him all these
permissions at database level?" - I have some use cases where there are
only 3-5 people that need to log into the admin. I don't really need to set
different levels of access for different people. I also don't
Am Freitag, 24. März 2017 13:41:10 UTC+1 schrieb Tim Graham:
>
> I don't think the current fields are so bad or nonsensical that it
> warrants a change. Also, consider that every Django user would have to
> learn how to use a new permissions setup.
>
> If you don't like the default permissions
Am Freitag, 24. März 2017 12:42:03 UTC+1 schrieb Andrew Ingram:
>
> I've always felt that `is_staff` should be changed to a permission such as
> `can_access_admin` provided by the Admin app itself.
>
> However, `is_superuser` is slightly different, in that it's not a
> permission, but
I don't think the current fields are so bad or nonsensical that it warrants
a change. Also, consider that every Django user would have to learn how to
use a new permissions setup.
If you don't like the default permissions structure, use a custom user
model.
On Friday, March 24, 2017 at
I've always felt that `is_staff` should be changed to a permission such as
`can_access_admin` provided by the Admin app itself. However,
`is_superuser` is slightly different, in that it's not a permission, but
rather a flag that says "this user has EVERY permission". It's also
potentially
I know this is a crazy idea, and it will get the "won't fix" tag very soon.
Nevertheless I want to speak it out.
My use case: Get a queryset of users who have a given permission.
I would like to get this with a simple SQL statement.
At the moment this query is complex and results in