Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#9444 closed (wontfix)

[1.1 Pony] AnonymousUser that you can set specific permissions for

Reported by: Digitalxero Owned by: nobody
Component: contrib.auth Version: 1.0
Severity: Keywords: Feature Request, Version 1.1
Cc: digitalxero@… Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

The reason for this patch is because I do not like having to special case permissions for the AnonymousUser for every model I wish to allow them access to.

I am working on an ACL that has no concept of User per say, it is using a generic relationship to maintain a list of subjects and objects that it controls, so subject and object can be any Model. In the ACL you will primarily use it for Users and Groups as subject and other models as objects, but you could potentially restrict one Models access to another (why I dont know but you can).

The fact that the AnonymousUser has no model makes it impossible for me to add them as a subject to my ACL, or for any other permissions system to manage them other then special casing. Special casing is all well and good when you are not doing Row level permissions, as there are not going to be that many special cases, but once you start getting into row level permissions there could potentially be hundreds (or thousands) of cases when I would need to do special casing just for the AnonymousUser, which is very un-DRY (IMHO)

This patch allows the creation of a user with the username BuiltinDjangoAnonymousUser, and will return an instance of that User (if it exists) instead of the AnonymousUser class. I added checking in the actual user model for this special user so that it will still return the proper values for is_authenticated, and is_anonymous, and so that noone could login as the special anonymous user. I also added a management command to create the new Anonymous User, and a signal listener to ask if you want to create one when you first install the Auth app.

Attachments (3)

anonuser.models.patch (5.6 KB) - added by Digitalxero 7 years ago.
django.contrib.auth.model Patch to include the new Special Anon user
anonuser.management.__init__.patch (1.5 KB) - added by Digitalxero 7 years ago.
Add the Signal Listener to ask if they wish to create an Anon User
createanonuser.py (1002 bytes) - added by Digitalxero 7 years ago.
The actual createanonuser Management command

Download all attachments as: .zip

Change History (5)

Changed 7 years ago by Digitalxero

django.contrib.auth.model Patch to include the new Special Anon user

Changed 7 years ago by Digitalxero

Add the Signal Listener to ask if they wish to create an Anon User

Changed 7 years ago by Digitalxero

The actual createanonuser Management command

comment:1 Changed 7 years ago by mtredinnick

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to wontfix
  • Status changed from new to closed

None of the core maintainers were in favour of this feature when we discussed 1.1 features (it ended up with eight -1 votes and one -0 out of nine voters).

comment:2 Changed 6 years ago by anonymous

  • milestone post-1.0 deleted

Milestone post-1.0 deleted

Note: See TracTickets for help on using tickets.
Back to Top