Why does Django re开发者_开发技巧directs user to login page when trying to access pages protected by permissions? Wouldn't it make more sense to raise 403? Then I could display meaningful message in 403.html (using custom middleware) to user saying they don't have permissions to perform the action. Also I would be able to identify links to views that user shouldn't even be presented with at first place or users trying to access forbidden resources.
For future googlers, the permission_required decorator accepts an optional raise_exception keyword argument that will trigger a 403 if the user doesn't have the appropriate permission.
If you're talking about the login_required decorator, there's no reason you have to use that. You could write a similar decorator that did the very thing you're looking for (return a 403 response).
Unfortunately, the login_required decorator code is actually somewhat complex so it wouldn't be trivial to just copy/modify for your needs, as the redirect portion is actually within the user_passes_test function that they use.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论