contrib.auth.Group comment

[Mike Dewhirst]

Auth Groups are fabulous for designing access control into a project. However, success in such design relies heavily on either user memory or documentation.

In my case it has to be documentation.

To that end I believe the contrib.auth.Group model needs a comment field. That would let business administrators document what each group or role might be responsible for and then system admins could assign correct permissions accordingly.

The change required in contrib.auth.models.py is a new line inserted in the Group class between "name" and "permissions" as follows ...

    comment = models.TextField(_("comment"), default="", blank=True)

I see this as a security improvement because human error in assigning group permissions can make security holes.

Cheers

Mike

[Tom Forbes]

I think this makes sense - I would create a ticket in Trac.