diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/narr/security.rst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/narr/security.rst b/docs/narr/security.rst index 783810734..8b3427675 100644 --- a/docs/narr/security.rst +++ b/docs/narr/security.rst @@ -204,6 +204,13 @@ When a default permission is registered: and the view is registered *without* a permission (making it available to all callers regardless of their credentials). +.. warning:: + + When you register a default permission, *all* views (even :term:`exception + view` views) are protected by a permission. For all views which are truly + meant to be anonymously accessible, you will need to associate the view's + configuration with the ``__no_permission_required__`` permission. + .. index:: single: ACL single: access control list |