On Tuesday 28 March 2017 03:52:59 guettli wrote: > Am Montag, 27. März 2017 16:11:06 UTC+2 schrieb Melvyn Sopacua: > > On Friday 24 March 2017 04:31:32 guettli wrote: > > > I know this is a crazy idea, and it will get the "won't fix" tag > > > very > > > > > > soon. > > > > > > > > > > > > Nevertheless I want to speak it out. > > > > > > > > > > > > My use case: Get a queryset of users who have a given permission. > > > > I'm still thinking about this use case. > > > > Cause it's not for normal use - you don't normally use permissions > > as > > data, you use permissions to deny / allow access to data. > > > > So, you're already in the "specialized" corner. > > I can use more words, to make this use case more colorful. > > Imagine a approval workflow: Only some users are allowed to do the > approval. > > An invoice instance needs to be forwarded to someone with the matching > permissions.
>From an object perspective, you need to send the invoice to the group >"Approvers". Again, best solved at the group level. And it's questionable if superusers should be in there. They are the equivalent of the Posix 'root' user, which has the power to lock/unlock everything in and about the system. Data privilege and system privilege are always in fight and in this case it's questionable if superusers should automatically be Approvers and while they still could do it, the UI shouldn't present them. As said, a good group structure solves a lot of your problems - in fact you wouldn't need a user selection to begin with, as the mail can simply be sent to all members of the Approvers group. -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/1596191.7V5LMPvmps%40devstation. For more options, visit https://groups.google.com/d/optout.
