From 0546794397130b1574a667d57667bd032bff78d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20Zapke-Gr=C3=BCndemann?= Date: Sat, 3 Nov 2012 17:04:53 +0100 Subject: [PATCH] Fixed #19230 -- Extended the handler403 documentation. Added a paragraph on how to use the PermissionDenied exception to create a 403 response and use handler403. --- docs/topics/http/views.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/topics/http/views.txt b/docs/topics/http/views.txt index 7c4d1bbb6e..caa2882f37 100644 --- a/docs/topics/http/views.txt +++ b/docs/topics/http/views.txt @@ -209,6 +209,17 @@ This view loads and renders the template ``403.html`` in your root template directory, or if this file does not exist, instead serves the text "403 Forbidden", as per :rfc:`2616` (the HTTP 1.1 Specification). +``django.views.defaults.permission_denied`` is triggered by a +:exc:`~django.core.exceptions.PermissionDenied` exception. To deny access in a +view you can use code like this:: + + from django.core.exceptions import PermissionDenied + + def edit(request, pk): + if not request.user.is_staff: + raise PermissionDenied + # ... + It is possible to override ``django.views.defaults.permission_denied`` in the same way you can for the 404 and 500 views by specifying a ``handler403`` in your URLconf::