Opened 9 years ago

Closed 8 years ago

Last modified 8 years ago

#7011 closed (fixed)

Authentication documentation doesn't describe is_active very well.

Reported by: Malcolm Tredinnick Owned by: nobody
Component: Documentation Version: master
Severity: Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

The documentation for the User class in the authentication docs doesn't describe the effect of the is_active flag. It could easily lead people to suspect that the flag enforces whether the person can log in, however it is just a flag and the user's code needs to check it when determining whether to grant the user access to things. Nothing in the User model or login path enforces is_active (which is a good thing), although permission checking does respect it (useful for things doing model-level permission checking).

I'm not going to fix this now, since the documentation directory is undergoing churn at the moment whilst Jacob refactors it. This should wait until after that is finished.

Change History (5)

comment:1 Changed 9 years ago by Malcolm Tredinnick

(In [7414]) Updated the inline help text for User.is_active.

Fixed #6881. Refs #7011.

comment:2 Changed 8 years ago by Simon Greenhill

Has patch: set
Triage Stage: UnreviewedReady for checkin

comment:3 Changed 8 years ago by Marc Fargas

Has patch: unset
Triage Stage: Ready for checkinAccepted

Why Ready for checkin? There's no patch attached and even malcolm said he's not going to fix this now.

comment:4 Changed 8 years ago by Malcolm Tredinnick

Resolution: fixed
Status: newclosed

(In [9176]) Fixed #7011 -- Clarified what User.is_active really means in the documentation.

comment:5 Changed 8 years ago by Malcolm Tredinnick

(In [9179]) [1.0.X] Fixed #7011 -- Clarified what User.is_active really means in the documentation.

Backport of r9176 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top