Inconsistency with permissions for proxy models
|Reported by:||etianen||Owned by:|
|Severity:||Normal||Keywords:||proxy contenttype permission|
|Cc:||omat@…, david@…, walter+django@…, DrMeers, Ciantic, etianen, thepapermen, kmike84@…, danny.adair@…, omer.drow@…, Kronuz, danols@…, charette.s@…, saxix.rome@…, 4glitch@…, maa@…, kegan@…, hv@…, charettes||Triage Stage:||Accepted|
|Has patch:||yes||Needs documentation:||yes|
|Needs tests:||no||Patch needs improvement:||yes|
Summary: The content type framework treats proxy models and their parent as the same model. The permissions framework treats them as separate models.
This is complicated, and best explained by example. First of all, create this model:
class UserProxy(User): class Meta: proxy = True app_label = "foo"
This will result in three new permission objects being created: "auth.add_userproxy", "auth.change_userproxy", "auth.delete_userproxy"
However, when the admin site checks for permissions for this model, it will be looking for permissions called: "foo.add_userproxy", "foo.change_userproxy", "foo.delete_userproxy"
The inconsistency lies in that permissions are created using the ContentType of the proxy model's parent class. However, permissions are checked using the app_label of the proxy model itself.
In order to reconcile this, there appear to be two options:
- Allow each proxy model to have it's own ContentType.
- Make ProxyModel._meta.app_label return the app label of the parent model.
Personally, it makes sense to me that each proxy model has its own ContentType. Since proxy models can represent subsets of the parent model, they require different admin permissions. In order to have different admin permissions, they need to have their own content types.
The current situation is a horrible mess of both approaches. The content type framework treats proxy models as being the same as their parent model. The permissions framework treats them as different.
I realise that this is something of a design decision for the framework. I leave it up to greater minds than mine to come up with a solution!
Change History (54)
comment:1 Changed 5 years ago by etianen
- Cc david@… added
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
comment:2 Changed 5 years ago by jacob
- milestone changed from 1.1 to 1.2
- Triage Stage changed from Unreviewed to Design decision needed
Changed 4 years ago by wdoekes
comment:11 Changed 4 years ago by mtredinnick
- Triage Stage changed from Design decision needed to Accepted
comment:18 Changed 3 years ago by etianen
- Cc etianen added
- Severity set to Normal
- Type set to Uncategorized
comment:30 Changed 3 years ago by danols
- Cc danols@… added
comment:35 Changed 2 years ago by charettes
- Needs documentation set
- Needs tests set
comment:37 in reply to: ↑ 36 ; follow-up: ↓ 38 Changed 2 years ago by charettes
comment:42 Changed 2 years ago by charettes
- Has patch set
- Keywords proxy contenttype permission added
- Needs tests unset
comment:46 Changed 16 months ago by charettes
- Owner changed from nobody to charettes
- Status changed from new to assigned
comment:49 Changed 7 months ago by kegan
- Cc kegan@… added