Fixed #29683 -- Added view permission to docs.
This commit is contained in:
parent
fb2964a410
commit
e40e7026ca
|
@ -43,6 +43,7 @@ class Permission(models.Model):
|
||||||
- The "change" permission limits a user's ability to view the change
|
- The "change" permission limits a user's ability to view the change
|
||||||
list, view the "change" form and change an object.
|
list, view the "change" form and change an object.
|
||||||
- The "delete" permission limits the ability to delete an object.
|
- The "delete" permission limits the ability to delete an object.
|
||||||
|
- The "view" permission limits the ability to view an object.
|
||||||
|
|
||||||
Permissions are set globally per type of object, not per specific object
|
Permissions are set globally per type of object, not per specific object
|
||||||
instance. It is possible to say "Mary may change news stories," but it's
|
instance. It is possible to say "Mary may change news stories," but it's
|
||||||
|
@ -50,8 +51,7 @@ class Permission(models.Model):
|
||||||
ones she created herself" or "Mary may only change news stories that have a
|
ones she created herself" or "Mary may only change news stories that have a
|
||||||
certain status or publication date."
|
certain status or publication date."
|
||||||
|
|
||||||
Three basic permissions -- add, change and delete -- are automatically
|
The permissions listed above are automatically created for each model.
|
||||||
created for each Django model.
|
|
||||||
"""
|
"""
|
||||||
name = models.CharField(_('name'), max_length=255)
|
name = models.CharField(_('name'), max_length=255)
|
||||||
content_type = models.ForeignKey(
|
content_type = models.ForeignKey(
|
||||||
|
|
|
@ -273,14 +273,13 @@ Custom permissions
|
||||||
To create custom permissions for a given model object, use the ``permissions``
|
To create custom permissions for a given model object, use the ``permissions``
|
||||||
:ref:`model Meta attribute <meta-options>`.
|
:ref:`model Meta attribute <meta-options>`.
|
||||||
|
|
||||||
This example Task model creates three custom permissions, i.e., actions users
|
This example ``Task`` model creates two custom permissions, i.e., actions users
|
||||||
can or cannot do with Task instances, specific to your application::
|
can or cannot do with ``Task`` instances, specific to your application::
|
||||||
|
|
||||||
class Task(models.Model):
|
class Task(models.Model):
|
||||||
...
|
...
|
||||||
class Meta:
|
class Meta:
|
||||||
permissions = (
|
permissions = (
|
||||||
("view_task", "Can see available tasks"),
|
|
||||||
("change_task_status", "Can change the status of tasks"),
|
("change_task_status", "Can change the status of tasks"),
|
||||||
("close_task", "Can remove a task by setting its status as closed"),
|
("close_task", "Can remove a task by setting its status as closed"),
|
||||||
)
|
)
|
||||||
|
@ -289,11 +288,11 @@ The only thing this does is create those extra permissions when you run
|
||||||
:djadmin:`manage.py migrate <migrate>` (the function that creates permissions
|
:djadmin:`manage.py migrate <migrate>` (the function that creates permissions
|
||||||
is connected to the :data:`~django.db.models.signals.post_migrate` signal).
|
is connected to the :data:`~django.db.models.signals.post_migrate` signal).
|
||||||
Your code is in charge of checking the value of these permissions when a user
|
Your code is in charge of checking the value of these permissions when a user
|
||||||
is trying to access the functionality provided by the application (viewing
|
is trying to access the functionality provided by the application (changing the
|
||||||
tasks, changing the status of tasks, closing tasks.) Continuing the above
|
status of tasks or closing tasks.) Continuing the above example, the following
|
||||||
example, the following checks if a user may view tasks::
|
checks if a user may close tasks::
|
||||||
|
|
||||||
user.has_perm('app.view_task')
|
user.has_perm('app.close_task')
|
||||||
|
|
||||||
.. _extending-user:
|
.. _extending-user:
|
||||||
|
|
||||||
|
|
|
@ -196,8 +196,8 @@ Default permissions
|
||||||
-------------------
|
-------------------
|
||||||
|
|
||||||
When ``django.contrib.auth`` is listed in your :setting:`INSTALLED_APPS`
|
When ``django.contrib.auth`` is listed in your :setting:`INSTALLED_APPS`
|
||||||
setting, it will ensure that three default permissions -- add, change and
|
setting, it will ensure that four default permissions -- add, change, delete,
|
||||||
delete -- are created for each Django model defined in one of your installed
|
and view -- are created for each Django model defined in one of your installed
|
||||||
applications.
|
applications.
|
||||||
|
|
||||||
These permissions will be created when you run :djadmin:`manage.py migrate
|
These permissions will be created when you run :djadmin:`manage.py migrate
|
||||||
|
|
|
@ -249,7 +249,7 @@ Advanced features of ``TransactionTestCase``
|
||||||
By default, ``available_apps`` is set to ``None``. After each test, Django
|
By default, ``available_apps`` is set to ``None``. After each test, Django
|
||||||
calls :djadmin:`flush` to reset the database state. This empties all tables
|
calls :djadmin:`flush` to reset the database state. This empties all tables
|
||||||
and emits the :data:`~django.db.models.signals.post_migrate` signal, which
|
and emits the :data:`~django.db.models.signals.post_migrate` signal, which
|
||||||
re-creates one content type and three permissions for each model. This
|
recreates one content type and four permissions for each model. This
|
||||||
operation gets expensive proportionally to the number of models.
|
operation gets expensive proportionally to the number of models.
|
||||||
|
|
||||||
Setting ``available_apps`` to a list of applications instructs Django to
|
Setting ``available_apps`` to a list of applications instructs Django to
|
||||||
|
|
Loading…
Reference in New Issue