A CustomUser should have no groups that are in the same family tree.
Consider the following family tree of groups:
visd-staff
visd-user
visd-guest
The User needs only to belong to visd-staff that have that level of access to resources in the visd-user and visd-guest groups. Adding visd-user to the User's groups with throw off methods.
For this reason, when we call
user.groups.add()
two things need to happen:
1) If the add() function receives multiple groups that are in the same family tree, it only attempts to add the group that is highest in the hierarchy;
2) If the user's groups already include something in the same family tree as the group to add, it winds up with the one with the higher status.
So:
If we have a User with groups [] and we call user.groups.add(, ), first the add() function strips the *args down to , and it figures out that is higher status than , and so removes and adds .
The end result is to ensure that Users only have one group from each family tree in their list of groups.
A CustomUser should have no groups that are in the same family tree.
Consider the following family tree of groups:
visd-guest
The User needs only to belong to visd-staff that have that level of access to resources in the visd-user and visd-guest groups. Adding visd-user to the User's groups with throw off methods.
For this reason, when we call
two things need to happen:
1) If the add() function receives multiple groups that are in the same family tree, it only attempts to add the group that is highest in the hierarchy; 2) If the user's groups already include something in the same family tree as the group to add, it winds up with the one with the higher status.
So:
If we have a User with groups [] and we call user.groups.add(, ), first the add() function strips the *args down to , and it figures out that is higher status than , and so removes and adds .
The end result is to ensure that Users only have one group from each family tree in their list of groups.