summaryrefslogtreecommitdiff
path: root/docs/topics
diff options
context:
space:
mode:
authorJannis Leidel <jannis@leidel.info>2010-12-21 19:18:12 +0000
committerJannis Leidel <jannis@leidel.info>2010-12-21 19:18:12 +0000
commit745c255a19df498d328b908fc3df326cdf0cf638 (patch)
treed6da7081dbb552d98a0f05c98baeba9348531a67 /docs/topics
parent5830477e467482edcdee7e9e65feed8c98dd0bc2 (diff)
Fixed #14249 -- Added support for inactive users to the auth backend system. Thanks, Harro van der Klauw.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15010 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/topics')
-rw-r--r--docs/topics/auth.txt27
1 files changed, 26 insertions, 1 deletions
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index 04b6d39964..641db3a8b2 100644
--- a/docs/topics/auth.txt
+++ b/docs/topics/auth.txt
@@ -741,7 +741,7 @@ The login_required decorator
@login_required
def my_view(request):
...
-
+
:func:`~django.contrib.auth.decorators.login_required` does the following:
* If the user isn't logged in, redirect to
@@ -1645,6 +1645,31 @@ loudly. Additionally ``supports_anonymous_user`` will be set to ``False``.
Django 1.4 will assume that every backend supports anonymous users being
passed to the authorization methods.
+Authorization for inactive users
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. versionadded:: 1.3
+
+An inactive user is a one that is authenticated but has its attribute
+``is_active`` set to ``False``. However this does not mean they are not
+authrozied to do anything. For example they are allowed to activate their
+account.
+
+The support for anonymous users in the permission system allows for
+anonymous users to have permissions to do something while inactive
+authenticated users do not.
+
+To enable this on your own backend, you must set the class attribute
+``supports_inactive_user`` to ``True``.
+
+A nonexisting ``supports_inactive_user`` attribute will raise a
+``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this
+warning will be updated to a ``DeprecationWarning`` which will be displayed
+loudly. Additionally ``supports_inactive_user`` will be set to ``False``.
+Django 1.5 will assume that every backend supports inactive users being
+passed to the authorization methods.
+
+
Handling object permissions
---------------------------