Fixed #11010 - Add a foundation for object permissions to authentication backends. Thanks to Florian Apolloner for writing the initial patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11807 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-10-23 21:59:11 +00:00 · 2009-12-10 01:05:35 +00:00
parent 2c2f5aee4d
commit 9bf652dfd6
10 changed files with 253 additions and 98 deletions
--- a/docs/internals/deprecation.txt
+++ b/docs/internals/deprecation.txt
@@ -13,6 +13,10 @@ their deprecation, as per the :ref:`Django deprecation policy
          hooking up admin URLs.  This has been deprecated since the 1.1
          release.

+        * Authentication backends need to define the boolean attribute
+          ``supports_object_permissions``. The old backend style is deprecated
+          since the 1.2 release.
+
    * 1.4
        * ``CsrfResponseMiddleware``.  This has been deprecated since the 1.2
          release, in favour of the template tag method for inserting the CSRF
@@ -36,6 +40,10 @@ their deprecation, as per the :ref:`Django deprecation policy
          :ref:`messages framework <ref-contrib-messages>` should be used 
          instead.

+        * Authentication backends need to support the ``obj`` parameter for
+          permission checking. The ``supports_object_permissions`` variable
+          is not checked any longer and can be removed.
+
    * 2.0
        * ``django.views.defaults.shortcut()``. This function has been moved
          to ``django.contrib.contenttypes.views.shortcut()`` as part of the