We should document (and add tests) for this behaviour and recommend the
following pattern to avoid the issue:
{{{#!python
@login_required
@permission_required('permission', raise_exception=True)
def view(request):
# ...
}}}
Documentation to be updated:
-
https://docs.djangoproject.com/en/2.0/topics/auth/default/#django.contrib.auth.views.LoginView
- https://docs.djangoproject.com/en/2.0/topics/auth/default/#the-
permission-required-decorator
--
Ticket URL: <https://code.djangoproject.com/ticket/29212>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* status: new => assigned
* component: Uncategorized => Documentation
* version: 2.0 => master
* owner: nobody => Nick Pope
* has_patch: 0 => 1
* type: Uncategorized => Bug
Comment:
[https://github.com/django/django/pull/9774 PR]
--
Ticket URL: <https://code.djangoproject.com/ticket/29212#comment:1>
* stage: Unreviewed => Accepted
--
Ticket URL: <https://code.djangoproject.com/ticket/29212#comment:2>
* stage: Accepted => Ready for checkin
--
Ticket URL: <https://code.djangoproject.com/ticket/29212#comment:3>
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"df90e462d91d3a77aa89b69d791bf17c2bf7ff9b" df90e46]:
{{{
#!CommitTicketReference repository=""
revision="df90e462d91d3a77aa89b69d791bf17c2bf7ff9b"
Fixed #29212 -- Doc'd redirect loop if @permission_required used with
redirect_authenticated_user.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/29212#comment:4>
Comment (by Tim Graham <timograham@…>):
In [changeset:"61fc315230d001faeebf5359308563023ada4948" 61fc315]:
{{{
#!CommitTicketReference repository=""
revision="61fc315230d001faeebf5359308563023ada4948"
[2.0.x] Fixed #29212 -- Doc'd redirect loop if @permission_required used
with redirect_authenticated_user.
Backport of df90e462d91d3a77aa89b69d791bf17c2bf7ff9b from master
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/29212#comment:5>