Opened 17 years ago
Closed 13 years ago
#6056 closed New feature (wontfix)
another auth decorator permission_required_or_message propose
Reported by: | Owned by: | nobody | |
---|---|---|---|
Component: | contrib.auth | Version: | dev |
Severity: | Normal | Keywords: | auth decorator permission_required |
Cc: | Triage Stage: | Design decision needed | |
Has patch: | yes | Needs documentation: | yes |
Needs tests: | yes | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
Decorator "permission_required" is very useful, but when the user is authenticated and do not have the permission, it redirect him to login_url. It seems to be unfamiliar.
I think authenticated user have to see "has no permission" message and redirect to referer url, so I propose permission_required_or_message decorator like as attachment.
Attachments (2)
Change History (7)
by , 17 years ago
Attachment: | contrib_auth_decorators.py.diff added |
---|
by , 17 years ago
Attachment: | contrib_auth_decorators.py.2.diff added |
---|
comment:1 by , 17 years ago
Keywords: | auth added |
---|---|
Needs documentation: | set |
Needs tests: | set |
comment:2 by , 17 years ago
Triage Stage: | Unreviewed → Design decision needed |
---|
I suggest a different solution: You should be able to pass a message to the login page via HTTP GET.
This does not need a new decorator and could be used for other things, too.
Example for different usage: After Log-Out you could be redirected to the login page and display
there: 'You have been logged out. You can log in again.'.
comment:3 by , 14 years ago
Component: | Contrib apps → contrib.auth |
---|
comment:4 by , 14 years ago
Severity: | → Normal |
---|---|
Type: | → New feature |
comment:5 by , 13 years ago
Easy pickings: | unset |
---|---|
Resolution: | → wontfix |
Status: | new → closed |
UI/UX: | unset |
After discussion with Carl: we're wontfixing this, because the desired behavior on a permission failure is project specific, and thus cannot live in Django, and this decorator can easily live outside of Django.
sorry, some typo fixed