Menu
Why does Django redirects user to login page when trying to access pages protected by permissions? Wouldn't it make more sense to raise 403? Then I could display meaningful message in 403.html (using custom middleware) to user saying they don't have permissions to perform the action. Also I would be able to identify links to views that user shouldn't even be presented with at first place or users trying to access forbidden resources.
510
For future googlers, the permission_required decorator accepts an optional raise_exception keyword argument that will trigger a 403 if the user doesn't have the appropriate permission.
84
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
