Oscar 0.7.2 release notes

This is Oscar 0.7.2, a minor security release. If you rely on the permissions_required decorator or the Application.permissions_map and Application.default_permissions syntax, you must upgrade.

Bug fixes

  • The permissions_required decorator now handles both methods and properties on the User model. Previously, it wasn’t supported, but a docstring showed is_anonymous as an example, which is a method.

  • It fixes a syntax error in basket.views.BasketView when rendering an error message. Previously, trying to save an item for later while not being logged in would cause an Internal Server Error.