On Thursday 11 May 2017 21:59:48 Constantine Covtushenko wrote: > Let us check terms: > Anonymous User - is one that is not authenticated. It refers to > scenarios when someone opens site pages. Even robots can be such > users. > > Inactive Authenticated User - is one that successfully logged in.
*sigh*. Why would you allow that? Explain the upside. In a good system there are no inactive **authenticated** users. Also good luck restricting permissions for Anonymous users. The functionality exists for allowing anonymous users to do *more*. I'm not saying you can't do it. But if another authentication backend *grants* the permission, there really isn't anything you can do about it. Please try to understand the whole thing and not just the bible quotes that fit you. To prevent the anonymous user from doing things, you shall use LoginRequiredMixin or the corresponding decorator. -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/4768982.g57mVDMKmX%40devstation. For more options, visit https://groups.google.com/d/optout.
