From fd9ddb2dc10d962709f5f2de72addc702a1884b9 Mon Sep 17 00:00:00 2001 From: Adrian Holovaty Date: Fri, 26 Dec 2008 06:02:44 +0000 Subject: [1.0.X] Merged [9682], [9683] and [9684] from trunk. These were changes dealing with documenting and adding a helpful error message for the quirk of admin users needing 'change user' permission to add users. Refs #9866 git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9685 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- docs/topics/auth.txt | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'docs') diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index e979997590..6de6a3bc61 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -292,6 +292,21 @@ that comes with Django:: >>> user.is_staff = True >>> user.save() +You can also create users using the Django admin site. Assuming you've enabled +the admin site and hooked it to the URL ``/admin/``, the "Add user" page is at +``/admin/auth/user/add/``. You should also see a link to "Users" in the "Auth" +section of the main admin index page. The "Add user" admin page is different +than standard admin pages in that it requires you to choose a username and +password before allowing you to edit the rest of the user's fields. + +Also note: if you want your own user account to be able to create users using +the Django admin site, you'll need to give yourself permission to add users +*and* change users (i.e., the "Add user" and "Change user" permissions). If +your account has permission to add users but not to change them, you won't be +able to add users. Why? Because if you have permission to add users, you have +the power to create superusers, which can then, in turn, change other users. So +Django requires add *and* change permissions as a slight security measure. + Changing passwords ~~~~~~~~~~~~~~~~~~ -- cgit v1.3