Yep, still a bad idea. Permissions are by table not by row. Use generic views for basic CRUD.
Count László de Almásy wrote: > i've seen notes in some django documentation that implies that using / > admin/ for non-trusted users is not a good idea. which is unfortunate > since it seems like the admin interface is about 95% of what i want > for my users to be able to view and manipulate their sales > transactions data over the web. each user has their own table in the > db for transactions, and they can do whatever they want to their own > data. i wouldn't want them to be able to touch anyone else's tables, > but it seems like django has a permissions system to restrict that. > > with the latest django, is it still considered a bad idea to do this? > if so, what is the alternative, writing custom views to mimic what the > admin interface does? -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
