Changes between Version 12 and Version 13 of ContribAuthImprovements


Ignore:
Timestamp:
Mar 23, 2012, 12:16:37 PM (13 years ago)
Author:
Alex Ogier
Comment:

pointed out the difference in severity between an app-app and a models-settings circular dependency

Legend:

Unmodified
Added
Removed
Modified

  • ContribAuthImprovements

    v12 v13  
    121121 * Allows any user model, potentially independent of contrib.auth entirely.
    122122 * Existing projects require no migration if USER_MODEL isn't modified.
     123 * Avoids app-app circular dependencies, where apps that monkey-patch or plug into auth.User must be loaded before django.contrib.auth.models.User can be safely referenced
    123124 
    124125Optionally:
     
    170171 * Doesn't address the !EmailField length problem. (can be solved by schema migration tools?)
    171172 * !ModelForm must be more restrictive, otherwise, django will suffer security issues, just as the register_globals of PHP or the mass-assignment of Rails.
     173 * !ModelForm (and any other code that introspects auth.User) should be made lazy, or else circular dependencies can result. Introspecting auth.User and plugging into auth.User from the same app or an app loaded later is a potential circular dependency.
    172174
    173175== Solution 3: Leverage App Refactor ==
Back to Top