Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#24032 closed New feature (duplicate)

use has_permission instead of explicit is_staff for AdminSite

Reported by: tanner Owned by: nobody
Component: contrib.admin Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: yes
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by tanner)

AdminSite currently requires users to have is_staff explicitly set in order to login, i.e. only staff members can login.
The way it is hardcoded in AdminSite and its templates makes it difficult to create custom AdminSites which allow certain non-staff members (e.g. with special permissions) to login.

With this PR, custom AdminSites only need to override has_permission and login_form to change the login requirements.

PR: https://github.com/django/django/pull/3762

Change History (3)

comment:1 by tanner, 10 years ago

Description: modified (diff)
Needs documentation: set

comment:2 by Tim Graham, 10 years ago

Resolution: duplicate
Status: newclosed

Duplicate of #22295 which has a patch that I reviewed. It takes a slightly different approach. Maybe you could comment there about which you think is preferable.

comment:3 by tanner, 10 years ago

continued in #22295

Note: See TracTickets for help on using tickets.
Back to Top