#9444 closed (wontfix)
[1.1 Pony] AnonymousUser that you can set specific permissions for
Reported by: | Digitalxero | Owned by: | nobody |
---|---|---|---|
Component: | contrib.auth | Version: | 1.0 |
Severity: | Keywords: | Feature Request, Version 1.1 | |
Cc: | digitalxero@… | Triage Stage: | Unreviewed |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
The reason for this patch is because I do not like having to special case permissions for the AnonymousUser for every model I wish to allow them access to.
I am working on an ACL that has no concept of User per say, it is using a generic relationship to maintain a list of subjects and objects that it controls, so subject and object can be any Model. In the ACL you will primarily use it for Users and Groups as subject and other models as objects, but you could potentially restrict one Models access to another (why I dont know but you can).
The fact that the AnonymousUser has no model makes it impossible for me to add them as a subject to my ACL, or for any other permissions system to manage them other then special casing. Special casing is all well and good when you are not doing Row level permissions, as there are not going to be that many special cases, but once you start getting into row level permissions there could potentially be hundreds (or thousands) of cases when I would need to do special casing just for the AnonymousUser, which is very un-DRY (IMHO)
This patch allows the creation of a user with the username BuiltinDjangoAnonymousUser, and will return an instance of that User (if it exists) instead of the AnonymousUser class. I added checking in the actual user model for this special user so that it will still return the proper values for is_authenticated, and is_anonymous, and so that noone could login as the special anonymous user. I also added a management command to create the new Anonymous User, and a signal listener to ask if you want to create one when you first install the Auth app.
Attachments (3)
Change History (5)
by , 16 years ago
Attachment: | anonuser.models.patch added |
---|
by , 16 years ago
Attachment: | anonuser.management.__init__.patch added |
---|
Add the Signal Listener to ask if they wish to create an Anon User
comment:1 by , 16 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
None of the core maintainers were in favour of this feature when we discussed 1.1 features (it ended up with eight -1 votes and one -0 out of nine voters).
django.contrib.auth.model Patch to include the new Special Anon user