Opened 9 years ago

Closed 9 years ago

#13576 closed (duplicate)

Found a bug of checking permission rules in django.contrib.admin.actions.delete_selected

Reported by: pelid80@… Owned by: nobody
Component: contrib.admin Version: 1.2
Severity: Keywords: permissions actions
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


In case of custom ModelAdmin.has_delete_permission method implementation we can use "obj=None" argument to make decision. But django.contrib.admin.actions.delete_selected method by some reason does not check permission rules for each of its queryset object.

Simple patch is added to this ticket.

Attachments (1)

django_contrib_admin_actions-fix-perms-check-bug.diff (662 bytes) - added by pelid80@… 9 years ago.

Download all attachments as: .zip

Change History (2)

comment:1 Changed 9 years ago by Russell Keith-Magee

Resolution: duplicate
Status: newclosed

Looks like a duplicate of #13539; the fix proposed there looks like a better approach to me.

Note: See TracTickets for help on using tickets.
Back to Top