Open vtbassmatt opened 2 years ago
And actually, the whole thing is ill-designed. It's not clear what happens if there are two GameHostPermissions
objects with different bits set, for example. And the answer probably differs depending on exactly how the view access things ðŸ˜
Much better to switch to https://docs.djangoproject.com/en/4.1/topics/auth/default/#permissions-and-authorization
With the move to django-guardian
, the right primitives are in place. To do:
view_game
vs host_game
vs change_game
is universally employed and correctadd_game
is respected
Currently the
can_view
permission is completely unused. Also, haven't tested whether thecan_edit
/can_host
split is fully correct.