[1.5.X] Fixed #19230 -- Extended the handler403 documentation.

Backport of 0546794397 from master. Added a paragraph on how to use the PermissionDenied exception to create a 403 response and use handler403.
2012-11-03 17:04:53 +01:00 · 2012-11-03 17:04:53 +01:00 · 4b2fb7efea
parent b99707bded
commit 4b2fb7efea
1 changed files with 11 additions and 0 deletions
--- a/docs/topics/http/views.txt
+++ b/docs/topics/http/views.txt
@ -209,6 +209,17 @@ This view loads and renders the template ``403.html`` in your root template
 directory, or if this file does not exist, instead serves the text
 "403 Forbidden", as per :rfc:`2616` (the HTTP 1.1 Specification).

+``django.views.defaults.permission_denied`` is triggered by a
+:exc:`~django.core.exceptions.PermissionDenied` exception. To deny access in a
+view you can use code like this::
+
+    from django.core.exceptions import PermissionDenied
+
+    def edit(request, pk):
+        if not request.user.is_staff:
+            raise PermissionDenied
+        # ...
+
 It is possible to override ``django.views.defaults.permission_denied`` in the
 same way you can for the 404 and 500 views by specifying a ``handler403`` in
 your URLconf::