Hi Harro, Just create a special "AnonymousUser" as User with id=0, and set it up with backend/middleware. You'll have your permissions.
On Sun, Jan 17, 2010 at 2:45 PM, Harro <hvdkl...@gmail.com> wrote: > Why wouldn't a AnonymousUser have permissions? > > Imagine a site where can create photo albums. > > User A creates two photo albums, one to share with a specific set of > users and one that's public. > So Album A has no guest permissions, Album B has viewing permissions. > Now let's say you can also comment on and rate a photo. Which are two > separate things. For some photo's you might want to disable rating and/ > or commenting. > Now you could go an add can_comment, can_rate booleans on the photo, > but thats not needed with row level permissions. > > I really don't care how or where to store the permissions for > AnonymousUsers, that's up to the person implementing a backend for it, > I do care however about that fact that the current implementation is > limiting the system. > > > > On Jan 15, 5:27 pm, Anton Bessonov <exe...@googlemail.com> wrote: >> No. You need row based permissions if You will limit User(!) rights. For >> example user can edit entries with FK 2. >> Seehttp://code.djangoproject.com/wiki/RowLevelPermissions >> >> But AnonymousUser (Guest) don't have any permissions. It's a special and >> that the guest can - it's not a permission - it's a setting. >> >> Gert Van Gool schrieb: >> >> >> >> > Isn't the idea of row based permission that you don't need a special >> > model for that? -- Best regards, Yuri V. Baburov, ICQ# 99934676, Skype: yuri.baburov, MSN: bu...@live.com
-- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
