From 6a30f5a2ea120d143b457a612ab9f1d1236256b6 Mon Sep 17 00:00:00 2001 From: Malcolm Tredinnick Date: Mon, 6 Oct 2008 11:26:59 +0000 Subject: [PATCH] [1.0.X] Fixed #7011 -- Clarified what User.is_active really means in the documentation. Backport of r9176 from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9179 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- docs/topics/auth.txt | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index b6e9a9d5dd..4c95adee6c 100644 --- a/docs/topics/auth.txt +++ b/docs/topics/auth.txt @@ -89,8 +89,15 @@ Fields .. attribute:: models.User.is_active - Boolean. Designates whether this account can be used to log in. Set this - flag to ``False`` instead of deleting accounts. + Boolean. Designates whether this user account should be considered + active. Set this flag to ``False`` instead of deleting accounts. + + This doesn't control whether or not the user can log in. Nothing in + the authentication path checks the ``is_active`` flag, so if you want + to reject a login based on ``is_active`` being ``False``, it is up to + you to check that in your own login view. However, permission checking + using the methods like :meth:`~models.User.has_perm` does check this + flag and will always return ``False`` for inactive users. .. attribute:: models.User.is_superuser