On 9/27/06, Enrico <[EMAIL PROTECTED]> wrote: > > Hi all, > > I got a little confused about the auth docs. > Both is_staff and is_active designates that a user can log into the > admin, so... what's the real difference?
My (limited) understanding is that a User who `is_active` is a user in the system which may be able to access restricted views that you create (according to your specifications). However, that user cannot access the admin (usually a good thing). `is_staff` indicates that the user can access the admin. Of course, that only works when the user also `is_active`. The idea is that rather than deleting a user (staff or not), the record would remain in the db but would be set to "not active." Django is smart enough to know that a "non-active" user has no perms regardless of any other settings in that users records. As far as "super" goes, that is just a shortcut to give "staff" all perms. Otherwise, perms need to be manually set for each user (groups certainly make this easier). Obviously, if a user is not "staff" they could not be "super" either and Django is smart enough to figure that out. the "non-active" user stuff applies here as well. Hope that helps clear the fog. :-) -- ---- Waylan Limberg [EMAIL PROTECTED] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
