Hello Michael! Thanks for replying.
The point is that I want to give the user access to some objects, not all. For example, a user can edit his own blog posts, but he can't edit all the blog posts. It's almost like row-level permissions. For this to be consistent, I can't give him "blog.change_post" permission, he would be able to edit posts of other bloggers and this would be a security flaw. If the admin application allows me to customize permissions, the admin index page should use the customized permissions, regardless of the auth system permissions. Please forgive if I'm not making myself clear. Best regards, Enrico --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
