Clarify the contract regarding is_active on custom users
|Reported by:||Russell Keith-Magee||Owned by:||nobody|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
The is_active flag isn't strictly needed for custom users to work, but it is relied upon by many login mechanisms.
To that end, it would be good to clarify the exact status of the is_active flag in the User contract.
Suggested contract is:
- is_active is an optional attribute on a User object
- It may be a database attribute, but doesn't have to be. (similar to is_staff for admin access)
- If it exists, is_active is used to indicate whether the user is allowed access to the system at all. If it doesn't exist, the user is assumed to have access, pending any other permission checks that need to be performed.
Documenting the User contract is essential before 1.5 is finalised, so marking this as a release blocker.