You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
Hi, I am wondering why this should be changed like this. should we use user.has_perm(p, self) for p in perms?
As in docs and code of Django, it is the auth backend should be responsible for this, and for obj permission, IMO should use user.has_perm(p, self)
The reason will be displayed to describe this comment to others. Learn more.
Hey @RainshawGao .
The use case here is for global permissions. For example, when you define a model like this:
classFoo(GuardedModel):
classMeta:
permissions= [
("can_edit", "Can edit this object"),
]
You can use guardian to give foo.can_edit permission to a single user to a single object.
But, you can also give the user global permission to foo.can_edit, which should translate that that user has foo.can_edit to all objects regardless.
This is also to make sure that this works like the for_user query because, in there, the get_objects_for_user will respect that global permission and this function wasn't.
There is a documented issue here regarding that: django-guardian/django-guardian#380 . Probably there'll be an easier way to do this because, right now, the checker isn't respecting the global permissions
a96ff32
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, I am wondering why this should be changed like this. should we use
user.has_perm(p, self) for p in perms
?As in docs and code of Django, it is the auth backend should be responsible for this, and for obj permission, IMO should use
user.has_perm(p, self)
a96ff32
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @RainshawGao .
The use case here is for global permissions. For example, when you define a model like this:
You can use guardian to give
foo.can_edit
permission to a single user to a single object.But, you can also give the user global permission to
foo.can_edit
, which should translate that that user hasfoo.can_edit
to all objects regardless.This is also to make sure that this works like the
for_user
query because, in there, theget_objects_for_user
will respect that global permission and this function wasn't.There is a documented issue here regarding that: django-guardian/django-guardian#380 . Probably there'll be an easier way to do this because, right now, the checker isn't respecting the global permissions
a96ff32
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok, got it, thank you! 😊