Actually, I told about server-side form processing, not client-side. When
client posts data, I always check permissions in a VIEW that receives it.
2009/10/20 Mike Ramirez
> On Tuesday 20 October 2009 11:47:51 Михаил Лукин wrote:
>
> > Next, we don't want 'edit' and 'change status' links to alwa
On Tuesday 20 October 2009 11:47:51 Михаил Лукин wrote:
> Next, we don't want 'edit' and 'change status' links to always appear on
> task detail page, so we pass 'can_edit' and 'can_change_status' flags to
> the template. But we never trust the browser, so in views 'task_edit' and
> 'task_change
Good idea, thanks Javier.
2009/10/20 Javier Guerra
>
> On Tue, Oct 20, 2009 at 1:47 PM, Михаил Лукин
> wrote:
> > What is your best practice in such situations?
>
> write a custom tag
>
> --
> Javier
>
> >
>
--
regards,
Mihail
--~--~-~--~~~---~--~~
You receiv
On Tue, Oct 20, 2009 at 1:47 PM, Михаил Лукин
wrote:
> What is your best practice in such situations?
write a custom tag
--
Javier
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to
There is a couple of models in auth application to check user permissions in
Django. But sometimes we need to grant permissions per instance, not per
model.
Example:
*class Employee(django.contrib.auth.models.User):
pass
class Task(models.Model):
summary = models.CharField(max_length=50)
des
5 matches
Mail list logo
