Hi Mehmet
On Tuesday, 23 January 2018 15:05:06 UTC+1, Mehmet Dogan wrote:
>
> Do you think what Florian or I sent is a good example to include in the
> docs for the way #1?
>
Yes.
I was just looking for where. Candidates:
*
Thanks for the response. Do you think what Florian or I sent is a good example
to include in the docs for the way #1?
From: Carlton Gibson
Sent: Monday, January 22, 2018 2:13 AM
To: Django developers (Contributions to Django itself)
Subject: Re: Default Authorization BackEnd Denying Permissions
ango-developers@googlegroups.com
Subject: Re: Default Authorization BackEnd Denying Permissions if ObjectProvided
Hey Mehmet,
If a backend relies on PermissionAuthorizationBackend, and another require the
ModelOnlyPermissionAuthorizationBackend
So I think this is the point that confuses me. Why you wou
Yea :) I just figured that after a few emails. I am learning a lot!
On Wed, Jan 17, 2018 at 3:39 PM Florian Apolloner
wrote:
>
>
> On Wednesday, January 17, 2018 at 9:04:30 PM UTC+1, Mehmet Dogan wrote:
>>
>> Although I found it very interesting at first, this looks
On Wednesday, January 17, 2018 at 9:04:30 PM UTC+1, Mehmet Dogan wrote:
>
> Although I found it very interesting at first, this looks dangerous since
> it changes how the API work for all apps installed. Example, guardian makes
> calls to user.has_perm(perm) in several places to check model
Hi.
@Andrew: I'll look at your post anon, as it's longer.
On Wednesday, 17 January 2018 20:46:27 UTC+1, Mehmet Dogan wrote:
>
> Can you give an example of what you mean by option 3.
>
Well, I don't a concrete suggestion in mind, but the general idea would be
to have ModelBackend proxy to
Apolloner
Sent: Wednesday, January 17, 2018 12:45 PM
To: Django developers (Contributions to Django itself)
Subject: Re: Default Authorization BackEnd Denying Permissions if ObjectProvided
On Wednesday, January 17, 2018 at 5:48:03 PM UTC+1, Mehmet Dogan wrote:
Florian,
Can you clarify this part, I am
: Default Authorization BackEnd Denying Permissions if ObjectProvided
Hi Mehmet,
Due to the BC issues, this is fairly in-depth.
Having looked at the history, here are my initial thoughts.
The initial issue here is this behaviour from `ModelBackend`:
```
user.has_perm('foo.change_bar', obj