I think this makes sense - I would create a ticket in Trac.
On Wednesday, 17 June 2020 at 10:55:44 UTC+1 mike.d...@gmail.com wrote:
> Auth Groups are fabulous for designing access control into a project.
> However, success in such design relies heavily on either user memory or
> documentation.
>
> In my case it has to be documentation.
>
> To that end I believe the contrib.auth.Group model needs a comment field.
> That would let business administrators document what each group or role
> might be responsible for and then system admins could assign correct
> permissions accordingly.
>
> The change required in contrib.auth.models.py is a new line inserted in
> the Group class between "name" and "permissions" as follows ...
>
> comment = models.TextField(_("comment"), default="", blank=True)
>
> I see this as a security improvement because human error in assigning
> group permissions can make security holes.
>
> Cheers
>
> Mike
>
>
--
You received this message because you are subscribed to the Google Groups
"Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-developers+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-developers/5f8675ba-a879-4ac9-aa99-b23370422f77n%40googlegroups.com.
