When GroupRequiredMixin is used on a view, the superuser is blocked.
Can you expound on this? An example and explanation on what should be happening vs what is happening will make this go much quicker.
Hi Chris, thanks for looking into this!
Here is the problem I have:
Given the view below, If I run it and login as a superuser to update the content, the superuser is blocked.
I knew that the super has access to all resources in a django app so I was a bit surprised to notice this behavior.
class SomeUpdateView(LoginRequiredMixin, SuperuserRequiredMixin,
model = SomeModel
group_required = ("permission_one", "permission_two")
form_class = SomeUpdateForm
raise_exception = True
My solution is to add the following method to the class above:
def check_membership(self, group):
if self.request.user.is_superuser or \
name="permission_one") or \
I hope this explanation helps.
@jcuotpc Ahhh, I see it now. That's a bug. Superusers are considered to have all permissions. Groups are just collections of permissions. A superuser should always pass a group check. Shouldn't take me too long to get this fixed. I'm hoping to get a v1.4 out by mid-week next week and this will be included.