Opened 17 years ago

Closed 13 years ago

#6056 closed New feature (wontfix)

another auth decorator permission_required_or_message propose

Reported by: yong27@… Owned by: nobody
Component: contrib.auth Version: dev
Severity: Normal Keywords: auth decorator permission_required
Cc: Triage Stage: Design decision needed
Has patch: yes Needs documentation: yes
Needs tests: yes Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Decorator "permission_required" is very useful, but when the user is authenticated and do not have the permission, it redirect him to login_url. It seems to be unfamiliar.

I think authenticated user have to see "has no permission" message and redirect to referer url, so I propose permission_required_or_message decorator like as attachment.

Attachments (2)

contrib_auth_decorators.py.diff (1.9 KB ) - added by yong27@… 17 years ago.
contrib_auth_decorators.py.2.diff (1.9 KB ) - added by yong27@… 17 years ago.
sorry, some typo fixed

Download all attachments as: .zip

Change History (7)

by yong27@…, 17 years ago

by yong27@…, 17 years ago

sorry, some typo fixed

comment:1 by Pete Crosier, 17 years ago

Keywords: auth added
Needs documentation: set
Needs tests: set

comment:2 by Thomas Güttler, 17 years ago

Triage Stage: UnreviewedDesign decision needed

I suggest a different solution: You should be able to pass a message to the login page via HTTP GET.
This does not need a new decorator and could be used for other things, too.

Example for different usage: After Log-Out you could be redirected to the login page and display
there: 'You have been logged out. You can log in again.'.

comment:3 by Gabriel Hurley, 14 years ago

Component: Contrib appscontrib.auth

comment:4 by Gabriel Hurley, 14 years ago

Severity: Normal
Type: New feature

comment:5 by Alex Gaynor, 13 years ago

Easy pickings: unset
Resolution: wontfix
Status: newclosed
UI/UX: unset

After discussion with Carl: we're wontfixing this, because the desired behavior on a permission failure is project specific, and thus cannot live in Django, and this decorator can easily live outside of Django.

Note: See TracTickets for help on using tickets.
Back to Top