Opened 15 years ago

Closed 15 years ago

Last modified 13 years ago

#12557 closed (fixed)

AnonymousUser has_perm should check backends has_perm

Reported by: Harro Owned by: nobody
Component: contrib.auth Version: dev
Severity: Keywords: has_perm AnonymousUser
Cc: Jannis Leidel, Florian Apolloner, Dan Fairs, Jari Pennanen Triage Stage: Unreviewed
Has patch: yes Needs documentation: yes
Needs tests: yes Patch needs improvement: yes
Easy pickings: no UI/UX: no

Description

Right now a non logged in user isn't allowed to do anything at all.
Which is weird, there might be cases where you want to have a backend that stores guest permissions.

I implemented everything for it, only to discover that the anonymous user doesn't even check the backends.

I think it's a small thing to add which will make the possibilities of custom backends even greater !

The default backend would get an extra check in the has_perm function that checks if the passed user_obj.

Attachments (3)

anonymous_permissions.2.diff (2.4 KB ) - added by Harro 15 years ago.
AnonymousUser also checks backend for permissions
anonymous_permissions.diff (2.5 KB ) - added by Harro 15 years ago.
supports_anonymous_users.diff (1.8 KB ) - added by Harro 15 years ago.
Patch for supports_anonymous_users flag on backends

Download all attachments as: .zip

Change History (11)

by Harro, 15 years ago

AnonymousUser also checks backend for permissions

comment:1 by Harro, 15 years ago

Bleg.. now without errors.. (or so says pyflakes :))

by Harro, 15 years ago

Attachment: anonymous_permissions.diff added

comment:2 by Harro, 15 years ago

Needs documentation: set
Needs tests: set
Patch needs improvement: set

Finally got the diff correct (stupid bug in svn :S)

Anyway.. I think this will make the whole permission system even more powerful, it will allow backends to implement anonymous permissions.

The documentation should reflect this change too, because custom backends shouldn't assume the user is a valid logged in user.

comment:3 by Jannis Leidel, 15 years ago

Cc: Jannis Leidel added

comment:5 by Dan Fairs, 15 years ago

Cc: Dan Fairs added

comment:6 by Jari Pennanen, 15 years ago

Cc: Jari Pennanen added

by Harro, 15 years ago

Patch for supports_anonymous_users flag on backends

comment:7 by Luke Plant, 15 years ago

Resolution: fixed
Status: newclosed

(In [12316]) Fixed #12557 - AnonymousUser should check auth backends for permissions

Thanks to hvdklauw for the idea and work on the patch.

comment:8 by Jacob, 13 years ago

milestone: 1.2

Milestone 1.2 deleted

Note: See TracTickets for help on using tickets.
Back to Top