#15139: Admin delete_view don't use per object permissions backends -------------------------------------------+-------------------------------- Reporter: msaelices | Owner: msaelices Status: new | Milestone: Component: django.contrib.admin | Version: 1.2 Resolution: | Keywords: Stage: Accepted | Has_patch: 1 Needs_docs: 0 | Needs_tests: 1 Needs_better_patch: 1 | -------------------------------------------+-------------------------------- Changes (by russellm):
* needs_better_patch: 0 => 1 * has_patch: 0 => 1 * needs_tests: 0 => 1 * stage: Unreviewed => Accepted Comment: The admin needs to undergo a broad permission audit; I'm not convinced that per-object permissions are being honored everywhere that they should be. This is one example of the problem. -- Ticket URL: <http://code.djangoproject.com/ticket/15139#comment:2> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.