#8060: Admin Inlines do not respect user permissions -------------------------------------+------------------------------------- Reporter: | Owner: dgouldin p.patruno@… | Milestone: Status: new | Version: SVN Component: | Keywords: inlines User django.contrib.admin | authentication Resolution: | Has patch: 0 Triage Stage: Design | Needs tests: 0 decision needed | Needs documentation: 0 | Patch needs improvement: 0 | -------------------------------------+-------------------------------------
Comment (by anonymous): I've just been bitten by this too, and have had to write a series of separate views to reimplement this part of the admin. In a way I'mg glad though because I realise my assumptions about how model-based permissions work were wrong. I had thought that adding permissions actually altered the model save() and delete() methods in some way – introducing the authentication check there. Is there a reason why that isn't a more appropriate place to do this kind of permission checking? Otherwise it feels like one is always dependent on the admin not to have bugs which mean the permissions aren't respected properly. -- Ticket URL: <http://code.djangoproject.com/ticket/8060#comment:10> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.