AnonymousUser has_perm should check backends has_perm
|Reported by:||hvdklauw||Owned by:||nobody|
|Cc:||jezdez, apollo13, danfairs, Ciantic||Triage Stage:||Unreviewed|
|Has patch:||yes||Needs documentation:||yes|
|Needs tests:||yes||Patch needs improvement:||yes|
Right now a non logged in user isn't allowed to do anything at all.
Which is weird, there might be cases where you want to have a backend that stores guest permissions.
I implemented everything for it, only to discover that the anonymous user doesn't even check the backends.
I think it's a small thing to add which will make the possibilities of custom backends even greater !
The default backend would get an extra check in the has_perm function that checks if the passed user_obj.
Change History (11)
comment:1 Changed 5 years ago by hvdklauw
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
comment:2 Changed 5 years ago by hvdklauw
- Needs documentation set
- Needs tests set
- Patch needs improvement set
comment:7 Changed 5 years ago by lukeplant
- Resolution set to fixed
- Status changed from new to closed