tickets: 25656
This data as json
| id | created | changetime | last_pulled_from_trac | stage | status | component | type | severity | version | resolution | summary | description | owner | reporter | keywords | easy | has_patch | needs_better_patch | needs_tests | needs_docs | ui_ux |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 25656 | 2015-10-31 20:12:34 | 2015-10-31 22:29:32 | 2022-03-06 04:41:51.795561 | Accepted | assigned | contrib.admin | Bug | Normal | dev | Recent Actions admin section contains link to edit form even when user does not have edit permission | Steps to reproduce: - Login to admin with user that has add-only permission to certain model - Create an instance of this model - See that there is new logline within "Recent Actions" which contains link to edit form and results in 403 Forbidden. This is something similar to what has been spotted by Tim Graham during https://github.com/django/django/pull/5244 review so perhaps it will be handy to fix it after PR 5244 is merged so one can extend {{{test_no_forbidden_links_visible}}} test with checks for this ticket. | bak1an | bak1an | 0 | 0 | 0 | 0 | 0 | 0 |