With the merge of #23 , role based authorization is no longer a given. We should remove the roles relationship from the User mixin and make it a seperate opt-in.
Not only will this be cleaner, it will also allow for something like this wherever roles are integrated:
if not hasattr(request.user, 'roles'):
raise ImproperlyConfiguredException("user roles are not set up")
With the merge of #23 , role based authorization is no longer a given. We should remove the
roles
relationship from theUser
mixin and make it a seperate opt-in.Not only will this be cleaner, it will also allow for something like this wherever roles are integrated: