Raise an error if a string is passed into has_perms() instead of a list
A colleague made this error recently doing a user.has_perms("foobar")
instead of the correct user.has_perms(["foobar"])
or user.has_perm("foobar")
. The code initially appeared to work fine since in Python, str
is an iterable that returned individual characters as string when iterated over.
We checked for str
in particular rather than enforcing it to be a list
, since perm_list
may actually be tuple, set, generators, or other iterables.
An alternative way this could be fixed is to just silently behave like has_perm()
if perm_list
is actually a string rather than raising an error, but that'll probably enforce a bad habit.
Pull request in Github (https://github.com/django/django/pull/14969).
Change History
(7)
Description: |
modified (diff)
|
Description: |
modified (diff)
|
Description: |
modified (diff)
|
Component: |
Uncategorized → contrib.auth
|
Owner: |
changed from nobody to lieryan
|
Patch needs improvement: |
set
|
Status: |
new → assigned
|
Triage Stage: |
Unreviewed → Accepted
|
Type: |
Uncategorized → Cleanup/optimization
|
Patch needs improvement: |
unset
|
Triage Stage: |
Accepted → Ready for checkin
|
Resolution: |
→ fixed
|
Status: |
assigned → closed
|
In 05cde47: