On Monday 18 January 2010 21:55:58 Jannis Leidel wrote: > > Anyone got a good reason reason why this *shouldn't* go in? I'm > > +1 on committing. > > Hm, I don't see a good argument to allow anonymous users to have a > permissions, to be honest. Anonymous users are by definition not > authenticated. Giving them more meaning by being able to grant > them permissions doesn't make them anonymous anymore, right?
As you say - anonymous users are by definition not *authenticated*, but that does not be that they are not *authorised*. Permissions is about authorisation, not authentication, and Harro had some good examples where you want to control authorisation for non-authenticated users in a fine-grained way. In fact, most websites assume a certain level of authorisation for non-authenticated users (ability to browse certain parts of the site etc.), so this distinction is already real, not just academic, and the patch would just make it easier to control. Luke -- "Pessimism: Every dark cloud has a silver lining, but lightning kills hundreds of people each year trying to find it." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
