Re: Adding view permission by default to auth_permission

2016-11-10 Thread Luis Zárate 
Great I have been waiting this functionality for years :).

Please let me know when your PR is merge.



El sábado, 29 de octubre de 2016, Olivier Dalang 
escribió:
> Indeed I just have to squash the commits then it can be merged. I'm out
of office until next week but will do so when back.
>
> Bests
>
> On 27 Oct 2016 23:23, "Luis Zárate"  wrote:
>>
>> This is alive in
>>
>> https://github.com/django/django/pull/6734
>>
>> The other PR was close because this have not merge conflict.
>>
>> I think this functionality is needed an will be included soon.
>>
>>
>>
>>
>> El jueves, 27 de octubre de 2016, mmatt  escribió:
>> > On another note, I believe django dev team needs to understand life is
rarely boolean. That is, even the staff that you trust, you don't always
trust 100% :) actually almost never trust 100% so good to have options.
>> > Mehmet
>> >
>> > On Wednesday, June 1, 2016 at 4:59:47 AM UTC-5, Derek wrote:
>> >>
>> >> My own observation, from years on this mailing list, is that the dev
team do not consider this a must-have for Django; their view (as far as I
understand it!) is that the admin is designed for trusted users, so simply
do not let them have access at all.  Having said that, there is a pull
request underway for a feature that seems similar to what you want:
>> >>
>> >> https://github.com/django/django/pull/5297
>> >>
>> >> (P.S. Also bear in mind that Django, like most FOSS projects, is not
actually a democracy - so something 'the people want" does not necessarily
get done; not understanding this trips many people up...)
>> >>
>> >> On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
>> >>>
>> >>> I am surprised this feature is not implemented yet, at the moment
when we create a new model  three permissions are created automatically:
>> >>>
>> >>> add_permission
>> >>> change_permission
>> >>> delete_permission
>> >>>
>> >>> We really missing the view_permission here, when we want staff to be
able to see the content but not being able to modify it. Searching a bit,
 you can find many different implementations to achieve this, but all of
them are extending django.contrib.admin.ModelAdmin. Having so many people
rewriting these methods in my opinion is a clear sign that this feature
should be part of the core.
>> >>>
>> >>> Regards,
>> >>>
>> > --
>> > You received this message because you are subscribed to the Google
Groups "Django users" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
an email to django-users+unsubscr...@googlegroups.com.
>> > To post to this group, send email to django-users@googlegroups.com.
>> > Visit this group at https://groups.google.com/group/django-users.
>> > To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/3c4931c3-453f-4a80-a62d-16bc9873817b%40googlegroups.com
.
>> > For more options, visit https://groups.google.com/d/optout.
>> >
>>
>> --
>> "La utopía sirve para caminar" Fernando Birri
>>
>> <
https://ci3.googleusercontent.com/proxy/pleYFBjRTaqPzwl0QWV68XGbm9_iKE548G9HnZip6o7gk46Dni4svLKWIxqanv21wf4L-oDTIVyWUviHHYQOxYJ_VR-E2QHnDRBqrtZefM09Bgx09obS9PzSCP77HVIAehvKQVoH7RXKVRwJcXB8ZhPlAlEmO_2MsbjN1bH8rF0L8O0qa_FTVnBaZA84NQjOjE3lH9ACs5sERtY=s0-d-e1-ft#https://docs.google.com/uc?export=download&id=0B4-s_Bgz_-NSN0V3b24zU25fMW8&revid=0B4-s_Bgz_-NSdy9OTkYzcDN6RGZITWl5amdqT3JxVnNVVSswPQ
>
>>
>> --
>> You received this message because you are subscribed to the Google
Groups "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send
an email to django-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-users@googlegroups.com.
>> Visit this group at https://groups.google.com/group/django-users.
>> To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CAG%2B5VyNvMr6Ch5zdDz%2Bb%3DWX5%3D0-pnmnj%3DTykkU3N_KXQibHgiw%40mail.gmail.com
.
>> For more options, visit https://groups.google.com/d/optout.
>
> --
> You received this message because you are subscribed to the Google Groups
"Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CAExk7p3S0p7qO-9CDUPgDc9tyt%3DR%2Bd2XPeJkMxt8QSP13XRCFQ%40mail.gmail.com
.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
"La utopía sirve para caminar" Fernando Birri

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To v

Re: Adding view permission by default to auth_permission

2016-10-29 Thread Olivier Dalang 
Indeed I just have to squash the commits then it can be merged. I'm out of
office until next week but will do so when back.

Bests

On 27 Oct 2016 23:23, "Luis Zárate"  wrote:

> This is alive in
>
> https://github.com/django/django/pull/6734
>
> The other PR was close because this have not merge conflict.
>
> I think this functionality is needed an will be included soon.
>
>
>
>
> El jueves, 27 de octubre de 2016, mmatt  escribió:
> > On another note, I believe django dev team needs to understand life is
> rarely boolean. That is, even the staff that you trust, you don't always
> trust 100% :) actually almost never trust 100% so good to have options.
> > Mehmet
> >
> > On Wednesday, June 1, 2016 at 4:59:47 AM UTC-5, Derek wrote:
> >>
> >> My own observation, from years on this mailing list, is that the dev
> team do not consider this a must-have for Django; their view (as far as I
> understand it!) is that the admin is designed for trusted users, so simply
> do not let them have access at all.  Having said that, there is a pull
> request underway for a feature that seems similar to what you want:
> >>
> >> https://github.com/django/django/pull/5297
> >>
> >> (P.S. Also bear in mind that Django, like most FOSS projects, is not
> actually a democracy - so something 'the people want" does not necessarily
> get done; not understanding this trips many people up...)
> >>
> >> On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
> >>>
> >>> I am surprised this feature is not implemented yet, at the moment when
> we create a new model  three permissions are created automatically:
> >>>
> >>> add_permission
> >>> change_permission
> >>> delete_permission
> >>>
> >>> We really missing the view_permission here, when we want staff to be
> able to see the content but not being able to modify it. Searching a bit,
>  you can find many different implementations to achieve this, but all of
> them are extending django.contrib.admin.ModelAdmin. Having so many people
> rewriting these methods in my opinion is a clear sign that this feature
> should be part of the core.
> >>>
> >>> Regards,
> >>>
> > --
> > You received this message because you are subscribed to the Google
> Groups "Django users" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users+unsubscr...@googlegroups.com.
> > To post to this group, send email to django-users@googlegroups.com.
> > Visit this group at https://groups.google.com/group/django-users.
> > To view this discussion on the web visit https://groups.google.com/d/
> msgid/django-users/3c4931c3-453f-4a80-a62d-16bc9873817b%40googlegroups.com
> .
> > For more options, visit https://groups.google.com/d/optout.
> >
>
> --
> "La utopía sirve para caminar" Fernando Birri
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/django-users/CAG%2B5VyNvMr6Ch5zdDz%2Bb%3DWX5%
> 3D0-pnmnj%3DTykkU3N_KXQibHgiw%40mail.gmail.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAExk7p3S0p7qO-9CDUPgDc9tyt%3DR%2Bd2XPeJkMxt8QSP13XRCFQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Adding view permission by default to auth_permission

2016-10-27 Thread Luis Zárate 
This is alive in

https://github.com/django/django/pull/6734

The other PR was close because this have not merge conflict.

I think this functionality is needed an will be included soon.




El jueves, 27 de octubre de 2016, mmatt  escribió:
> On another note, I believe django dev team needs to understand life is
rarely boolean. That is, even the staff that you trust, you don't always
trust 100% :) actually almost never trust 100% so good to have options.
> Mehmet
>
> On Wednesday, June 1, 2016 at 4:59:47 AM UTC-5, Derek wrote:
>>
>> My own observation, from years on this mailing list, is that the dev
team do not consider this a must-have for Django; their view (as far as I
understand it!) is that the admin is designed for trusted users, so simply
do not let them have access at all.  Having said that, there is a pull
request underway for a feature that seems similar to what you want:
>>
>> https://github.com/django/django/pull/5297
>>
>> (P.S. Also bear in mind that Django, like most FOSS projects, is not
actually a democracy - so something 'the people want" does not necessarily
get done; not understanding this trips many people up...)
>>
>> On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
>>>
>>> I am surprised this feature is not implemented yet, at the moment when
we create a new model  three permissions are created automatically:
>>>
>>> add_permission
>>> change_permission
>>> delete_permission
>>>
>>> We really missing the view_permission here, when we want staff to be
able to see the content but not being able to modify it. Searching a bit,
 you can find many different implementations to achieve this, but all of
them are extending django.contrib.admin.ModelAdmin. Having so many people
rewriting these methods in my opinion is a clear sign that this feature
should be part of the core.
>>>
>>> Regards,
>>>
> --
> You received this message because you are subscribed to the Google Groups
"Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/3c4931c3-453f-4a80-a62d-16bc9873817b%40googlegroups.com
.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
"La utopía sirve para caminar" Fernando Birri

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAG%2B5VyNvMr6Ch5zdDz%2Bb%3DWX5%3D0-pnmnj%3DTykkU3N_KXQibHgiw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Adding view permission by default to auth_permission

2016-10-27 Thread mmatt 
On another note, I believe django dev team needs to understand life is 
rarely boolean. That is, even the staff that you trust, you don't always 
trust 100% :) actually almost never trust 100% so good to have options. 

Mehmet

On Wednesday, June 1, 2016 at 4:59:47 AM UTC-5, Derek wrote:
>
> My own observation, from years on this mailing list, is that the dev team 
> do not consider this a must-have for Django; their view (as far as I 
> understand it!) is that the admin is designed for trusted users, so simply 
> do not let them have access at all.  Having said that, there is a pull 
> request underway for a feature that seems similar to what you want:
>
> https://github.com/django/django/pull/5297
>
> (P.S. Also bear in mind that Django, like most FOSS projects, is not 
> actually a democracy - so something 'the people want" does not necessarily 
> get done; not understanding this trips many people up...)
>
> On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
>>
>> I am surprised this feature is not implemented yet, at the moment when we 
>> create a new model  three permissions are created automatically:
>>
>>- 
>>- *add_permission*
>>- *change_permission*
>>- 
>> *delete_permission *
>>
>> We really missing the *view_permission* here, when we want staff to be 
>> able to see the content but not being able to modify it. Searching a bit, 
>>  you can find many different implementations to achieve this, but all of 
>> them are extending django.contrib.*admin.**ModelAdmin*. Having so many 
>> people rewriting these methods in my opinion is a clear sign that this 
>> feature should be part of the core. 
>>
>> Regards,
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/3c4931c3-453f-4a80-a62d-16bc9873817b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Adding view permission by default to auth_permission

2016-10-27 Thread mmatt 
Derek,

On almost every context where view permission is discussed, that admin does 
not need is brought up as a reason. This a little confuses me. The 
permissions are not for the admin only, and they may be used for the actual 
application, right? So, is it assumed that people would add it, if needed? 
when I first came across it, I thought maybe it is not needed because via 
use of custom managers, non-view-able objects get filtered out and there is 
no need for permission testing. 

Mehmet

On Wednesday, June 1, 2016 at 4:59:47 AM UTC-5, Derek wrote:
>
> My own observation, from years on this mailing list, is that the dev team 
> do not consider this a must-have for Django; their view (as far as I 
> understand it!) is that the admin is designed for trusted users, so simply 
> do not let them have access at all.  Having said that, there is a pull 
> request underway for a feature that seems similar to what you want:
>
> https://github.com/django/django/pull/5297
>
> (P.S. Also bear in mind that Django, like most FOSS projects, is not 
> actually a democracy - so something 'the people want" does not necessarily 
> get done; not understanding this trips many people up...)
>
> On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
>>
>> I am surprised this feature is not implemented yet, at the moment when we 
>> create a new model  three permissions are created automatically:
>>
>>- 
>>- *add_permission*
>>- *change_permission*
>>- 
>> *delete_permission *
>>
>> We really missing the *view_permission* here, when we want staff to be 
>> able to see the content but not being able to modify it. Searching a bit, 
>>  you can find many different implementations to achieve this, but all of 
>> them are extending django.contrib.*admin.**ModelAdmin*. Having so many 
>> people rewriting these methods in my opinion is a clear sign that this 
>> feature should be part of the core. 
>>
>> Regards,
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/49c3f9a2-a885-4019-b8aa-09fe467ce501%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Adding view permission by default to auth_permission

2016-06-01 Thread Derek 
My own observation, from years on this mailing list, is that the dev team 
do not consider this a must-have for Django; their view (as far as I 
understand it!) is that the admin is designed for trusted users, so simply 
do not let them have access at all.  Having said that, there is a pull 
request underway for a feature that seems similar to what you want:

https://github.com/django/django/pull/5297

(P.S. Also bear in mind that Django, like most FOSS projects, is not 
actually a democracy - so something 'the people want" does not necessarily 
get done; not understanding this trips many people up...)

On Monday, 30 May 2016 20:13:18 UTC+2, Ander Ustarroz wrote:
>
> I am surprised this feature is not implemented yet, at the moment when we 
> create a new model  three permissions are created automatically:
>
>- 
>- *add_permission*
>- *change_permission*
>- 
> *delete_permission *
>
> We really missing the *view_permission* here, when we want staff to be 
> able to see the content but not being able to modify it. Searching a bit, 
>  you can find many different implementations to achieve this, but all of 
> them are extending django.contrib.*admin.**ModelAdmin*. Having so many 
> people rewriting these methods in my opinion is a clear sign that this 
> feature should be part of the core. 
>
> Regards,
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/078b25c1-1ee1-4c67-9870-d41ee0e884db%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Adding view permission by default to auth_permission

2016-05-31 Thread Akhil Lawrence 
Ander,

Please add your suggestion as a ticket in django ticketing system.

https://code.djangoproject.com/newticket



On Monday, 30 May 2016 23:43:18 UTC+5:30, Ander Ustarroz wrote:
>
> I am surprised this feature is not implemented yet, at the moment when we 
> create a new model  three permissions are created automatically:
>
>- 
>- *add_permission*
>- *change_permission*
>- 
> *delete_permission *
>
> We really missing the *view_permission* here, when we want staff to be 
> able to see the content but not being able to modify it. Searching a bit, 
>  you can find many different implementations to achieve this, but all of 
> them are extending django.contrib.*admin.**ModelAdmin*. Having so many 
> people rewriting these methods in my opinion is a clear sign that this 
> feature should be part of the core. 
>
> Regards,
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/cef6376c-4893-42d9-97c8-c09a59710751%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Adding view permission by default to auth_permission

2016-05-30 Thread Ander Ustarroz 
I am surprised this feature is not implemented yet, at the moment when we 
create a new model  three permissions are created automatically:

   - 
   - *add_permission*
   - *change_permission*
   - 
*delete_permission *

We really missing the *view_permission* here, when we want staff to be able 
to see the content but not being able to modify it. Searching a bit,  you 
can find many different implementations to achieve this, but all of them 
are extending django.contrib.*admin.**ModelAdmin*. Having so many people 
rewriting these methods in my opinion is a clear sign that this feature 
should be part of the core. 

Regards,

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/ad0d967f-2efb-43e8-b9f6-4234fa886f81%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.