Opened 9 years ago

Closed 8 years ago

Last modified 8 years ago

#25169 closed Cleanup/optimization (fixed)

Document "stacking" of login_required and permission_required

Reported by: aithusa Owned by: Bryan Marty
Component: Documentation Version: 1.8
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Related to #4617
As suggested by hvdklauw here, it would be better if the permission_required decorator does not redirect users to 403 immediately without letting them log in as the user may be confused and not know that they were required to log in. I think it would be useful and less confusion for both developer and users.

Change History (9)

comment:1 by aithusa, 9 years ago

Summary: permission_required decorator should only redirect to 403 if user is not logged inpermission_required decorator should only redirect to 403 if user is logged in

comment:2 by Tim Graham, 9 years ago

That makes some sense, however, backwards compatibility could be an issue. What about stacking @login_required before @permission_required if you need this behavior?

comment:3 by aithusa, 9 years ago

That's what I did eventually after some googling. If this is not possible to add/fix, would it be possible to putting this on the documentation as I expect quite a few people would like to have such behaviour. Cheers.

comment:4 by Tim Graham, 9 years ago

Component: UncategorizedDocumentation
Summary: permission_required decorator should only redirect to 403 if user is logged inDocument "stacking" of login_required and permission_required
Triage Stage: UnreviewedAccepted
Type: UncategorizedCleanup/optimization

Sure, care to offer a patch?

comment:5 by Bryan Marty, 8 years ago

Owner: changed from nobody to Bryan Marty
Status: newassigned

comment:6 by Bryan Marty, 8 years ago

Has patch: set

I found the wording of the description rather confusing. I think I understand what the original author was commenting on, and I created a pull request based on my understanding. If I understood the ticket wrong, please let me know.

Pull Request:
https://github.com/django/django/pull/5522

comment:7 by Tim Graham <timograham@…>, 8 years ago

Resolution: fixed
Status: assignedclosed

In 9788625:

Fixed #25169 -- Documented stacking of permission_required and login_required.

comment:8 by Tim Graham <timograham@…>, 8 years ago

In 16c1075:

[1.8.x] Fixed #25169 -- Documented stacking of permission_required and login_required.

Backport of 9788625277b85596302bbf2c39cf829b7a766a4f from master

comment:9 by Tim Graham <timograham@…>, 8 years ago

In 8e23527:

[1.9.x] Fixed #25169 -- Documented stacking of permission_required and login_required.

Backport of 9788625277b85596302bbf2c39cf829b7a766a4f from master

Note: See TracTickets for help on using tickets.
Back to Top