#17430: Clearly document the permissions model for the Django admin interface
-------------------------------+--------------------------------------
     Reporter:  ncoghlan@…     |                    Owner:  nobody
         Type:  Uncategorized  |                   Status:  new
    Component:  Uncategorized  |                  Version:  1.3
     Severity:  Normal         |               Resolution:
     Keywords:                 |             Triage Stage:  Unreviewed
    Has patch:  0              |      Needs documentation:  0
  Needs tests:  0              |  Patch needs improvement:  0
Easy pickings:  0              |                    UI/UX:  0
-------------------------------+--------------------------------------

Comment (by ncoghlan@…):

 The problem is that they're scattered, so it's hard to be sure you've
 covered everything. What happened to me was that I had a bug in my auth
 backend, such that "is_staff" and "is_superuser" weren't being set
 correctly (they were always False). Initially I assumed I had missed
 something, so I was scouring the docs trying to work out what I had
 missed. It was only after convincing myself that I had actually found all
 the relevant pieces that I took a closer look at my own code and uncovered
 the bug.

 A simple list of bullet points in the Custom Auth Backend section would
 have steered me in the right direction straight away (because I would have
 known I had covered everything, and hence I simply had a bug in the code I
 had already written rather than missing a step). With appropriate links to
 the specific sections, something like the following would make it crystal
 clear what you need to do to link the two together:

 "To use the Django admin system with a custom authentication backend, the
 custom backend must do at least the following:
 - create Django User objects for any users that need to access the Django
 admin system
 - ensure "is_active" is set for each of those users
 - ensure that either "is_superuser" (for full access) or "is_staff" and
 the appropriate permissions (for limited access) are set for each of those
 users"

 (That would probably replace the current sentence on the topic, since the
 two cover the same ground)

-- 
Ticket URL: <https://code.djangoproject.com/ticket/17430#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
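
An added example, not part of the ticket or of Django's own code: a pre-flight check a backend author could run on the object their custom backend returns, covering the three points of the checklist proposed above. It assumes the admin site refuses any user lacking is_active and is_staff, and that is_superuser bypasses individual permission checks; SampleUser, the usernames and the blog.change_post permission name are constructed for illustration.

```python
class SampleUser:
    """Constructed stand-in exposing the attributes of a Django User."""

    def __init__(self, username, is_active=False, is_staff=False,
                 is_superuser=False, perms=()):
        self.username = username
        self.is_active = is_active
        self.is_staff = is_staff
        self.is_superuser = is_superuser
        self._perms = set(perms)

    def has_perm(self, perm):
        # Assumed to mirror User.has_perm: active superusers hold everything.
        return self.is_active and (self.is_superuser or perm in self._perms)


def admin_access_findings(user, required_perms=()):
    """Return the reasons this user would be refused by the admin.

    `user` is whatever the custom backend's authenticate() returned.
    An empty list means every point of the checklist is satisfied.
    """
    if user is None:
        return ["backend returned no User object"]
    findings = []
    if not user.is_active:
        findings.append("is_active is False")
    if not user.is_staff:
        findings.append("is_staff is False: admin site refuses non-staff users")
    if not user.is_superuser:
        # Limited access: every permission the admin views need must be held.
        missing = [p for p in required_perms if not user.has_perm(p)]
        if missing:
            findings.append("missing permissions: " + ", ".join(missing))
    return findings


# Constructed sample users. BUGGY reproduces the failure described in the
# comment: the backend never sets is_staff or is_superuser.
BUGGY = SampleUser("alice", is_active=True)
LIMITED = SampleUser("bob", True, True, False, ["blog.change_post"])
FULL = SampleUser("carol", True, True, True)

if __name__ == "__main__":
    for u in (None, BUGGY, LIMITED, FULL):
        name = getattr(u, "username", "<none>")
        print(name, admin_access_findings(u, ["blog.change_post"]) or "ok")
```

Run against real User objects in a backend's test suite, the same function turns a silently mis-set flag into an explicit test failure.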
