Why wouldn't a AnonymousUser have permissions? Imagine a site where can create photo albums.
User A creates two photo albums, one to share with a specific set of users and one that's public. So Album A has no guest permissions, Album B has viewing permissions. Now let's say you can also comment on and rate a photo. Which are two separate things. For some photo's you might want to disable rating and/ or commenting. Now you could go an add can_comment, can_rate booleans on the photo, but thats not needed with row level permissions. I really don't care how or where to store the permissions for AnonymousUsers, that's up to the person implementing a backend for it, I do care however about that fact that the current implementation is limiting the system. On Jan 15, 5:27 pm, Anton Bessonov <exe...@googlemail.com> wrote: > No. You need row based permissions if You will limit User(!) rights. For > example user can edit entries with FK 2. > Seehttp://code.djangoproject.com/wiki/RowLevelPermissions > > But AnonymousUser (Guest) don't have any permissions. It's a special and > that the guest can - it's not a permission - it's a setting. > > Gert Van Gool schrieb: > > > > > Isn't the idea of row based permission that you don't need a special > > model for that? > > > -- Gert > > > Mobile: +32 498725202 > > Web:http://gert.selentic.net
-- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
