Ticket #3011: #3011-extendable_auth_user-1.4.diff
| File #3011-extendable_auth_user-1.4.diff, 35.8 KB (added by , 13 years ago) |
|---|
-
django/contrib/admin/sites.py
diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py index 83a0869..0cc92e3 100644
1 1 from functools import update_wrapper 2 2 from django import http 3 3 from django.contrib.admin import ModelAdmin, actions 4 from django.contrib.admin.forms import AdminAuthenticationForm5 4 from django.contrib.auth import REDIRECT_FIELD_NAME 6 5 from django.contrib.contenttypes import views as contenttype_views 7 6 from django.views.decorators.csrf import csrf_protect … … class AdminSite(object): 307 306 Displays the login form for the given HttpRequest. 308 307 """ 309 308 from django.contrib.auth.views import login 309 from django.contrib.admin.forms import AdminAuthenticationForm 310 310 context = { 311 311 'title': _('Log in'), 312 312 'app_path': request.get_full_path(), -
new file django/contrib/auth/base.py
diff --git a/django/contrib/auth/base.py b/django/contrib/auth/base.py new file mode 100644 index 0000000..c919822
- + 1 import urllib 2 3 from django.core.exceptions import ImproperlyConfigured 4 from django.core.mail import send_mail 5 from django.db import models 6 from django.db.models.manager import EmptyManager 7 from django.utils.crypto import get_random_string 8 from django.utils.encoding import smart_str 9 from django.utils.translation import ugettext_lazy as _ 10 from django.utils import timezone 11 12 from django.contrib import auth 13 # UNUSABLE_PASSWORD is still imported here for backwards compatibility 14 from django.contrib.auth.hashers import ( 15 check_password, make_password, is_password_usable, UNUSABLE_PASSWORD) 16 from django.contrib.auth.signals import user_logged_in 17 from django.contrib.contenttypes.models import ContentType 18 19 20 def update_last_login(sender, user, **kwargs): 21 """ 22 A signal receiver which updates the last_login date for 23 the user logging in. 24 """ 25 user.last_login = timezone.now() 26 user.save() 27 user_logged_in.connect(update_last_login) 28 29 30 class SiteProfileNotAvailable(Exception): 31 pass 32 33 34 class PermissionManager(models.Manager): 35 def get_by_natural_key(self, codename, app_label, model): 36 return self.get( 37 codename=codename, 38 content_type=ContentType.objects.get_by_natural_key(app_label, 39 model), 40 ) 41 42 43 class Permission(models.Model): 44 """ 45 The permissions system provides a way to assign permissions to specific 46 users and groups of users. 47 48 The permission system is used by the Django admin site, but may also be 49 useful in your own code. The Django admin site uses permissions as follows: 50 51 - The "add" permission limits the user's ability to view the "add" form 52 and add an object. 53 - The "change" permission limits a user's ability to view the change 54 list, view the "change" form and change an object. 55 - The "delete" permission limits the ability to delete an object. 56 57 Permissions are set globally per type of object, not per specific object 58 instance. It is possible to say "Mary may change news stories," but it's 59 not currently possible to say "Mary may change news stories, but only the 60 ones she created herself" or "Mary may only change news stories that have a 61 certain status or publication date." 62 63 Three basic permissions -- add, change and delete -- are automatically 64 created for each Django model. 65 """ 66 name = models.CharField(_('name'), max_length=50) 67 content_type = models.ForeignKey(ContentType) 68 codename = models.CharField(_('codename'), max_length=100) 69 objects = PermissionManager() 70 71 class Meta: 72 verbose_name = _('permission') 73 verbose_name_plural = _('permissions') 74 unique_together = (('content_type', 'codename'),) 75 ordering = ('content_type__app_label', 'content_type__model', 76 'codename') 77 78 def __unicode__(self): 79 return u"%s | %s | %s" % ( 80 unicode(self.content_type.app_label), 81 unicode(self.content_type), 82 unicode(self.name)) 83 84 def natural_key(self): 85 return (self.codename,) + self.content_type.natural_key() 86 natural_key.dependencies = ['contenttypes.contenttype'] 87 88 89 class Group(models.Model): 90 """ 91 Groups are a generic way of categorizing users to apply permissions, or 92 some other label, to those users. A user can belong to any number of 93 groups. 94 95 A user in a group automatically has all the permissions granted to that 96 group. For example, if the group Site editors has the permission 97 can_edit_home_page, any user in that group will have that permission. 98 99 Beyond permissions, groups are a convenient way to categorize users to 100 apply some label, or extended functionality, to them. For example, you 101 could create a group 'Special users', and you could write code that would 102 do special things to those users -- such as giving them access to a 103 members-only portion of your site, or sending them members-only email 104 messages. 105 """ 106 name = models.CharField(_('name'), max_length=80, unique=True) 107 permissions = models.ManyToManyField(Permission, 108 verbose_name=_('permissions'), blank=True) 109 110 class Meta: 111 verbose_name = _('group') 112 verbose_name_plural = _('groups') 113 114 def __unicode__(self): 115 return self.name 116 117 118 class UserManager(models.Manager): 119 def create_user(self, username, email=None, password=None): 120 """ 121 Creates and saves a User with the given username, email and password. 122 """ 123 now = timezone.now() 124 125 # Normalize the address by lowercasing the domain part of the email 126 # address. 127 email = email or '' 128 try: 129 email_name, domain_part = email.strip().split('@', 1) 130 except ValueError: 131 pass 132 else: 133 email = '@'.join([email_name, domain_part.lower()]) 134 135 user = self.model(username=username, email=email, is_staff=False, 136 is_active=True, is_superuser=False, last_login=now, 137 date_joined=now) 138 139 user.set_password(password) 140 user.save(using=self._db) 141 return user 142 143 def create_superuser(self, username, email, password): 144 u = self.create_user(username, email, password) 145 u.is_staff = True 146 u.is_active = True 147 u.is_superuser = True 148 u.save(using=self._db) 149 return u 150 151 def make_random_password(self, length=10, 152 allowed_chars='abcdefghjkmnpqrstuvwxyz' 153 'ABCDEFGHJKLMNPQRSTUVWXYZ' 154 '23456789'): 155 """ 156 Generates a random password with the given length and given 157 allowed_chars. Note that the default value of allowed_chars does not 158 have "I" or "O" or letters and digits that look similar -- just to 159 avoid confusion. 160 """ 161 return get_random_string(length, allowed_chars) 162 163 164 # A few helper functions for common logic between User and AnonymousUser. 165 def _user_get_all_permissions(user, obj): 166 permissions = set() 167 for backend in auth.get_backends(): 168 if hasattr(backend, "get_all_permissions"): 169 if obj is not None: 170 permissions.update(backend.get_all_permissions(user, obj)) 171 else: 172 permissions.update(backend.get_all_permissions(user)) 173 return permissions 174 175 176 def _user_has_perm(user, perm, obj): 177 anon = user.is_anonymous() 178 active = user.is_active 179 for backend in auth.get_backends(): 180 if anon or active or backend.supports_inactive_user: 181 if hasattr(backend, "has_perm"): 182 if obj is not None: 183 if backend.has_perm(user, perm, obj): 184 return True 185 else: 186 if backend.has_perm(user, perm): 187 return True 188 return False 189 190 191 def _user_has_module_perms(user, app_label): 192 anon = user.is_anonymous() 193 active = user.is_active 194 for backend in auth.get_backends(): 195 if anon or active or backend.supports_inactive_user: 196 if hasattr(backend, "has_module_perms"): 197 if backend.has_module_perms(user, app_label): 198 return True 199 return False 200 201 202 class UserTemplate(models.Model): 203 """ 204 Users within the Django authentication system are represented by this 205 model. 206 207 Username and password are required. Other fields are optional. 208 """ 209 username = models.CharField(_('username'), max_length=30, unique=True, 210 help_text=_('Required. 30 characters or fewer. Letters, numbers and ' 211 '@/./+/-/_ characters')) 212 first_name = models.CharField(_('first name'), max_length=30, blank=True) 213 last_name = models.CharField(_('last name'), max_length=30, blank=True) 214 email = models.EmailField(_('e-mail address'), blank=True) 215 password = models.CharField(_('password'), max_length=128) 216 is_staff = models.BooleanField(_('staff status'), default=False, 217 help_text=_('Designates whether the user can log into this admin ' 218 'site.')) 219 is_active = models.BooleanField(_('active'), default=True, 220 help_text=_('Designates whether this user should be treated as ' 221 'active. Unselect this instead of deleting accounts.')) 222 is_superuser = models.BooleanField(_('superuser status'), default=False, 223 help_text=_('Designates that this user has all permissions without ' 224 'explicitly assigning them.')) 225 last_login = models.DateTimeField(_('last login'), default=timezone.now) 226 date_joined = models.DateTimeField(_('date joined'), default=timezone.now) 227 groups = models.ManyToManyField(Group, verbose_name=_('groups'), 228 blank=True, help_text=_('The groups this user belongs to. A user will ' 229 'get all permissions granted to each of ' 230 'his/her group.')) 231 user_permissions = models.ManyToManyField(Permission, 232 verbose_name=_('user permissions'), blank=True, 233 help_text='Specific permissions for this user.') 234 objects = UserManager() 235 236 class Meta: 237 abstract = True 238 239 def __unicode__(self): 240 return self.username 241 242 def get_absolute_url(self): 243 return "/users/%s/" % urllib.quote(smart_str(self.username)) 244 245 def is_anonymous(self): 246 """ 247 Always returns False. This is a way of comparing User objects to 248 anonymous users. 249 """ 250 return False 251 252 def is_authenticated(self): 253 """ 254 Always return True. This is a way to tell if the user has been 255 authenticated in templates. 256 """ 257 return True 258 259 def get_full_name(self): 260 """ 261 Returns the first_name plus the last_name, with a space in between. 262 """ 263 full_name = u'%s %s' % (self.first_name, self.last_name) 264 return full_name.strip() 265 266 def set_password(self, raw_password): 267 self.password = make_password(raw_password) 268 269 def check_password(self, raw_password): 270 """ 271 Returns a boolean of whether the raw_password was correct. Handles 272 hashing formats behind the scenes. 273 """ 274 def setter(raw_password): 275 self.set_password(raw_password) 276 self.save() 277 return check_password(raw_password, self.password, setter) 278 279 def set_unusable_password(self): 280 # Sets a value that will never be a valid hash 281 self.password = make_password(None) 282 283 def has_usable_password(self): 284 return is_password_usable(self.password) 285 286 def get_group_permissions(self, obj=None): 287 """ 288 Returns a list of permission strings that this user has through his/her 289 groups. This method queries all available auth backends. If an object 290 is passed in, only permissions matching this object are returned. 291 """ 292 permissions = set() 293 for backend in auth.get_backends(): 294 if hasattr(backend, "get_group_permissions"): 295 if obj is not None: 296 permissions.update(backend.get_group_permissions(self, 297 obj)) 298 else: 299 permissions.update(backend.get_group_permissions(self)) 300 return permissions 301 302 def get_all_permissions(self, obj=None): 303 return _user_get_all_permissions(self, obj) 304 305 def has_perm(self, perm, obj=None): 306 """ 307 Returns True if the user has the specified permission. This method 308 queries all available auth backends, but returns immediately if any 309 backend returns True. Thus, a user who has permission from a single 310 auth backend is assumed to have permission in general. If an object is 311 provided, permissions for this specific object are checked. 312 """ 313 314 # Active superusers have all permissions. 315 if self.is_active and self.is_superuser: 316 return True 317 318 # Otherwise we need to check the backends. 319 return _user_has_perm(self, perm, obj) 320 321 def has_perms(self, perm_list, obj=None): 322 """ 323 Returns True if the user has each of the specified permissions. If 324 object is passed, it checks if the user has all required perms for this 325 object. 326 """ 327 for perm in perm_list: 328 if not self.has_perm(perm, obj): 329 return False 330 return True 331 332 def has_module_perms(self, app_label): 333 """ 334 Returns True if the user has any permissions in the given app label. 335 Uses pretty much the same logic as has_perm, above. 336 """ 337 # Active superusers have all permissions. 338 if self.is_active and self.is_superuser: 339 return True 340 341 return _user_has_module_perms(self, app_label) 342 343 def email_user(self, subject, message, from_email=None): 344 """ 345 Sends an email to this User. 346 """ 347 send_mail(subject, message, from_email, [self.email]) 348 349 def get_profile(self): 350 """ 351 Returns site-specific profile for this user. Raises 352 SiteProfileNotAvailable if this site does not allow profiles. 353 """ 354 if not hasattr(self, '_profile_cache'): 355 from django.conf import settings 356 if not getattr(settings, 'AUTH_PROFILE_MODULE', False): 357 raise SiteProfileNotAvailable( 358 'You need to set AUTH_PROFILE_MODULE in your project ' 359 'settings') 360 try: 361 app_label, model_name = settings.AUTH_PROFILE_MODULE.split('.') 362 except ValueError: 363 raise SiteProfileNotAvailable( 364 'app_label and model_name should be separated by a dot in ' 365 'the AUTH_PROFILE_MODULE setting') 366 try: 367 model = models.get_model(app_label, model_name) 368 if model is None: 369 raise SiteProfileNotAvailable( 370 'Unable to load the profile model, check ' 371 'AUTH_PROFILE_MODULE in your project settings') 372 self._profile_cache = model._default_manager.using( 373 self._state.db).get(user__id__exact=self.id) 374 self._profile_cache.user = self 375 except (ImportError, ImproperlyConfigured): 376 raise SiteProfileNotAvailable 377 return self._profile_cache 378 379 380 class AnonymousUser(object): 381 id = None 382 username = '' 383 is_staff = False 384 is_active = False 385 is_superuser = False 386 _groups = EmptyManager() 387 _user_permissions = EmptyManager() 388 389 def __init__(self): 390 pass 391 392 def __unicode__(self): 393 return 'AnonymousUser' 394 395 def __str__(self): 396 return unicode(self).encode('utf-8') 397 398 def __eq__(self, other): 399 return isinstance(other, self.__class__) 400 401 def __ne__(self, other): 402 return not self.__eq__(other) 403 404 def __hash__(self): 405 return 1 # instances always return the same hash value 406 407 def save(self): 408 raise NotImplementedError 409 410 def delete(self): 411 raise NotImplementedError 412 413 def set_password(self, raw_password): 414 raise NotImplementedError 415 416 def check_password(self, raw_password): 417 raise NotImplementedError 418 419 def _get_groups(self): 420 return self._groups 421 groups = property(_get_groups) 422 423 def _get_user_permissions(self): 424 return self._user_permissions 425 user_permissions = property(_get_user_permissions) 426 427 def get_group_permissions(self, obj=None): 428 return set() 429 430 def get_all_permissions(self, obj=None): 431 return _user_get_all_permissions(self, obj=obj) 432 433 def has_perm(self, perm, obj=None): 434 return _user_has_perm(self, perm, obj=obj) 435 436 def has_perms(self, perm_list, obj=None): 437 for perm in perm_list: 438 if not self.has_perm(perm, obj): 439 return False 440 return True 441 442 def has_module_perms(self, module): 443 return _user_has_module_perms(self, module) 444 445 def is_anonymous(self): 446 return True 447 448 def is_authenticated(self): 449 return False -
django/contrib/auth/models.py
diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index 4bb8cad..6291350 100644
1 import urllib 2 3 from django.core.exceptions import ImproperlyConfigured 4 from django.core.mail import send_mail 5 from django.db import models 6 from django.db.models.manager import EmptyManager 7 from django.utils.crypto import get_random_string 8 from django.utils.encoding import smart_str 1 from django.conf import settings 9 2 from django.utils.translation import ugettext_lazy as _ 10 from django.utils import timezone 11 12 from django.contrib import auth 13 # UNUSABLE_PASSWORD is still imported here for backwards compatibility 14 from django.contrib.auth.hashers import ( 15 check_password, make_password, is_password_usable, UNUSABLE_PASSWORD) 16 from django.contrib.auth.signals import user_logged_in 17 from django.contrib.contenttypes.models import ContentType 18 3 from django.core.exceptions import ImproperlyConfigured 19 4 20 def update_last_login(sender, user, **kwargs): 21 """ 22 A signal receiver which updates the last_login date for 23 the user logging in. 24 """ 25 user.last_login = timezone.now() 26 user.save() 27 user_logged_in.connect(update_last_login) 5 from django.contrib.auth.base import * 28 6 29 7 30 class SiteProfileNotAvailable(Exception):8 class AuthNotAvailable(Exception): 31 9 pass 32 10 33 11 34 class PermissionManager(models.Manager): 35 def get_by_natural_key(self, codename, app_label, model): 36 return self.get( 37 codename=codename, 38 content_type=ContentType.objects.get_by_natural_key(app_label, 39 model), 40 ) 41 42 43 class Permission(models.Model): 44 """ 45 The permissions system provides a way to assign permissions to specific 46 users and groups of users. 47 48 The permission system is used by the Django admin site, but may also be 49 useful in your own code. The Django admin site uses permissions as follows: 50 51 - The "add" permission limits the user's ability to view the "add" form 52 and add an object. 53 - The "change" permission limits a user's ability to view the change 54 list, view the "change" form and change an object. 55 - The "delete" permission limits the ability to delete an object. 56 57 Permissions are set globally per type of object, not per specific object 58 instance. It is possible to say "Mary may change news stories," but it's 59 not currently possible to say "Mary may change news stories, but only the 60 ones she created herself" or "Mary may only change news stories that have a 61 certain status or publication date." 62 63 Three basic permissions -- add, change and delete -- are automatically 64 created for each Django model. 65 """ 66 name = models.CharField(_('name'), max_length=50) 67 content_type = models.ForeignKey(ContentType) 68 codename = models.CharField(_('codename'), max_length=100) 69 objects = PermissionManager() 70 71 class Meta: 72 verbose_name = _('permission') 73 verbose_name_plural = _('permissions') 74 unique_together = (('content_type', 'codename'),) 75 ordering = ('content_type__app_label', 'content_type__model', 76 'codename') 77 78 def __unicode__(self): 79 return u"%s | %s | %s" % ( 80 unicode(self.content_type.app_label), 81 unicode(self.content_type), 82 unicode(self.name)) 83 84 def natural_key(self): 85 return (self.codename,) + self.content_type.natural_key() 86 natural_key.dependencies = ['contenttypes.contenttype'] 87 88 89 class Group(models.Model): 90 """ 91 Groups are a generic way of categorizing users to apply permissions, or 92 some other label, to those users. A user can belong to any number of 93 groups. 94 95 A user in a group automatically has all the permissions granted to that 96 group. For example, if the group Site editors has the permission 97 can_edit_home_page, any user in that group will have that permission. 98 99 Beyond permissions, groups are a convenient way to categorize users to 100 apply some label, or extended functionality, to them. For example, you 101 could create a group 'Special users', and you could write code that would 102 do special things to those users -- such as giving them access to a 103 members-only portion of your site, or sending them members-only email 104 messages. 105 """ 106 name = models.CharField(_('name'), max_length=80, unique=True) 107 permissions = models.ManyToManyField(Permission, 108 verbose_name=_('permissions'), blank=True) 109 110 class Meta: 111 verbose_name = _('group') 112 verbose_name_plural = _('groups') 113 114 def __unicode__(self): 115 return self.name 116 117 118 class UserManager(models.Manager): 119 def create_user(self, username, email=None, password=None): 120 """ 121 Creates and saves a User with the given username, email and password. 122 """ 123 now = timezone.now() 124 125 # Normalize the address by lowercasing the domain part of the email 126 # address. 127 email = email or '' 128 try: 129 email_name, domain_part = email.strip().split('@', 1) 130 except ValueError: 131 pass 132 else: 133 email = '@'.join([email_name, domain_part.lower()]) 134 135 user = self.model(username=username, email=email, is_staff=False, 136 is_active=True, is_superuser=False, last_login=now, 137 date_joined=now) 138 139 user.set_password(password) 140 user.save(using=self._db) 141 return user 142 143 def create_superuser(self, username, email, password): 144 u = self.create_user(username, email, password) 145 u.is_staff = True 146 u.is_active = True 147 u.is_superuser = True 148 u.save(using=self._db) 149 return u 150 151 def make_random_password(self, length=10, 152 allowed_chars='abcdefghjkmnpqrstuvwxyz' 153 'ABCDEFGHJKLMNPQRSTUVWXYZ' 154 '23456789'): 155 """ 156 Generates a random password with the given length and given 157 allowed_chars. Note that the default value of allowed_chars does not 158 have "I" or "O" or letters and digits that look similar -- just to 159 avoid confusion. 160 """ 161 return get_random_string(length, allowed_chars) 162 163 164 # A few helper functions for common logic between User and AnonymousUser. 165 def _user_get_all_permissions(user, obj): 166 permissions = set() 167 for backend in auth.get_backends(): 168 if hasattr(backend, "get_all_permissions"): 169 if obj is not None: 170 permissions.update(backend.get_all_permissions(user, obj)) 171 else: 172 permissions.update(backend.get_all_permissions(user)) 173 return permissions 174 175 176 def _user_has_perm(user, perm, obj): 177 anon = user.is_anonymous() 178 active = user.is_active 179 for backend in auth.get_backends(): 180 if anon or active or backend.supports_inactive_user: 181 if hasattr(backend, "has_perm"): 182 if obj is not None: 183 if backend.has_perm(user, perm, obj): 184 return True 185 else: 186 if backend.has_perm(user, perm): 187 return True 188 return False 189 190 191 def _user_has_module_perms(user, app_label): 192 anon = user.is_anonymous() 193 active = user.is_active 194 for backend in auth.get_backends(): 195 if anon or active or backend.supports_inactive_user: 196 if hasattr(backend, "has_module_perms"): 197 if backend.has_module_perms(user, app_label): 198 return True 199 return False 200 201 202 class User(models.Model): 203 """ 204 Users within the Django authentication system are represented by this 205 model. 206 207 Username and password are required. Other fields are optional. 208 """ 209 username = models.CharField(_('username'), max_length=30, unique=True, 210 help_text=_('Required. 30 characters or fewer. Letters, numbers and ' 211 '@/./+/-/_ characters')) 212 first_name = models.CharField(_('first name'), max_length=60, blank=True) 213 last_name = models.CharField(_('last name'), max_length=60, blank=True) 214 email = models.EmailField(_('e-mail address'), max_length=255, blank=True) 215 password = models.CharField(_('password'), max_length=128) 216 is_staff = models.BooleanField(_('staff status'), default=False, 217 help_text=_('Designates whether the user can log into this admin ' 218 'site.')) 219 is_active = models.BooleanField(_('active'), default=True, 220 help_text=_('Designates whether this user should be treated as ' 221 'active. Unselect this instead of deleting accounts.')) 222 is_superuser = models.BooleanField(_('superuser status'), default=False, 223 help_text=_('Designates that this user has all permissions without ' 224 'explicitly assigning them.')) 225 last_login = models.DateTimeField(_('last login'), default=timezone.now) 226 date_joined = models.DateTimeField(_('date joined'), default=timezone.now) 227 groups = models.ManyToManyField(Group, verbose_name=_('groups'), 228 blank=True, help_text=_('The groups this user belongs to. A user will ' 229 'get all permissions granted to each of ' 230 'his/her group.')) 231 user_permissions = models.ManyToManyField(Permission, 232 verbose_name=_('user permissions'), blank=True, 233 help_text='Specific permissions for this user.') 234 objects = UserManager() 235 236 class Meta: 237 verbose_name = _('user') 238 verbose_name_plural = _('users') 239 240 def __unicode__(self): 241 return self.username 242 243 def get_absolute_url(self): 244 return "/users/%s/" % urllib.quote(smart_str(self.username)) 245 246 def is_anonymous(self): 247 """ 248 Always returns False. This is a way of comparing User objects to 249 anonymous users. 250 """ 251 return False 252 253 def is_authenticated(self): 254 """ 255 Always return True. This is a way to tell if the user has been 256 authenticated in templates. 257 """ 258 return True 259 260 def get_full_name(self): 261 """ 262 Returns the first_name plus the last_name, with a space in between. 263 """ 264 full_name = u'%s %s' % (self.first_name, self.last_name) 265 return full_name.strip() 266 267 def set_password(self, raw_password): 268 self.password = make_password(raw_password) 269 270 def check_password(self, raw_password): 271 """ 272 Returns a boolean of whether the raw_password was correct. Handles 273 hashing formats behind the scenes. 274 """ 275 def setter(raw_password): 276 self.set_password(raw_password) 277 self.save() 278 return check_password(raw_password, self.password, setter) 279 280 def set_unusable_password(self): 281 # Sets a value that will never be a valid hash 282 self.password = make_password(None) 283 284 def has_usable_password(self): 285 return is_password_usable(self.password) 286 287 def get_group_permissions(self, obj=None): 288 """ 289 Returns a list of permission strings that this user has through his/her 290 groups. This method queries all available auth backends. If an object 291 is passed in, only permissions matching this object are returned. 292 """ 293 permissions = set() 294 for backend in auth.get_backends(): 295 if hasattr(backend, "get_group_permissions"): 296 if obj is not None: 297 permissions.update(backend.get_group_permissions(self, 298 obj)) 299 else: 300 permissions.update(backend.get_group_permissions(self)) 301 return permissions 302 303 def get_all_permissions(self, obj=None): 304 return _user_get_all_permissions(self, obj) 305 306 def has_perm(self, perm, obj=None): 307 """ 308 Returns True if the user has the specified permission. This method 309 queries all available auth backends, but returns immediately if any 310 backend returns True. Thus, a user who has permission from a single 311 auth backend is assumed to have permission in general. If an object is 312 provided, permissions for this specific object are checked. 313 """ 314 315 # Active superusers have all permissions. 316 if self.is_active and self.is_superuser: 317 return True 318 319 # Otherwise we need to check the backends. 320 return _user_has_perm(self, perm, obj) 321 322 def has_perms(self, perm_list, obj=None): 323 """ 324 Returns True if the user has each of the specified permissions. If 325 object is passed, it checks if the user has all required perms for this 326 object. 327 """ 328 for perm in perm_list: 329 if not self.has_perm(perm, obj): 330 return False 331 return True 332 333 def has_module_perms(self, app_label): 334 """ 335 Returns True if the user has any permissions in the given app label. 336 Uses pretty much the same logic as has_perm, above. 337 """ 338 # Active superusers have all permissions. 339 if self.is_active and self.is_superuser: 340 return True 341 342 return _user_has_module_perms(self, app_label) 343 344 def email_user(self, subject, message, from_email=None): 345 """ 346 Sends an email to this User. 347 """ 348 send_mail(subject, message, from_email, [self.email]) 349 350 def get_profile(self): 351 """ 352 Returns site-specific profile for this user. Raises 353 SiteProfileNotAvailable if this site does not allow profiles. 354 """ 355 if not hasattr(self, '_profile_cache'): 356 from django.conf import settings 357 if not getattr(settings, 'AUTH_PROFILE_MODULE', False): 358 raise SiteProfileNotAvailable( 359 'You need to set AUTH_PROFILE_MODULE in your project ' 360 'settings') 361 try: 362 app_label, model_name = settings.AUTH_PROFILE_MODULE.split('.') 363 except ValueError: 364 raise SiteProfileNotAvailable( 365 'app_label and model_name should be separated by a dot in ' 366 'the AUTH_PROFILE_MODULE setting') 367 try: 368 model = models.get_model(app_label, model_name) 369 if model is None: 370 raise SiteProfileNotAvailable( 371 'Unable to load the profile model, check ' 372 'AUTH_PROFILE_MODULE in your project settings') 373 self._profile_cache = model._default_manager.using( 374 self._state.db).get(user__id__exact=self.id) 375 self._profile_cache.user = self 376 except (ImportError, ImproperlyConfigured): 377 raise SiteProfileNotAvailable 378 return self._profile_cache 379 380 381 class AnonymousUser(object): 382 id = None 383 username = '' 384 is_staff = False 385 is_active = False 386 is_superuser = False 387 _groups = EmptyManager() 388 _user_permissions = EmptyManager() 389 390 def __init__(self): 391 pass 392 393 def __unicode__(self): 394 return 'AnonymousUser' 395 396 def __str__(self): 397 return unicode(self).encode('utf-8') 398 399 def __eq__(self, other): 400 return isinstance(other, self.__class__) 401 402 def __ne__(self, other): 403 return not self.__eq__(other) 404 405 def __hash__(self): 406 return 1 # instances always return the same hash value 407 408 def save(self): 409 raise NotImplementedError 410 411 def delete(self): 412 raise NotImplementedError 413 414 def set_password(self, raw_password): 415 raise NotImplementedError 416 417 def check_password(self, raw_password): 418 raise NotImplementedError 419 420 def _get_groups(self): 421 return self._groups 422 groups = property(_get_groups) 423 424 def _get_user_permissions(self): 425 return self._user_permissions 426 user_permissions = property(_get_user_permissions) 427 428 def get_group_permissions(self, obj=None): 429 return set() 430 431 def get_all_permissions(self, obj=None): 432 return _user_get_all_permissions(self, obj=obj) 433 434 def has_perm(self, perm, obj=None): 435 return _user_has_perm(self, perm, obj=obj) 436 437 def has_perms(self, perm_list, obj=None): 438 for perm in perm_list: 439 if not self.has_perm(perm, obj): 440 return False 441 return True 442 443 def has_module_perms(self, module): 444 return _user_has_module_perms(self, module) 445 446 def is_anonymous(self): 447 return True 448 449 def is_authenticated(self): 450 return False 12 if hasattr(settings, 'AUTH_USER_MODULE'): 13 try: 14 app_label, model_name = settings.AUTH_USER_MODULE.split('.') 15 except ValueError: 16 raise AuthNotAvailable('app_label and model_name should' 17 ' be separated by a dot in the AUTH_USER_MODULE set' 18 'ting') 19 20 try: 21 # Grab the AUTH_USER_MODULE path and classname from the settings. 22 module = __import__(app_label + '.models', {}, {}, ['']) 23 # Store the user model so it is accessible with the standard 24 # 'from django.contrib.auth.models import User' 25 User = getattr(module, model_name, None) 26 27 if User is None: 28 raise AuthNotAvailable('Unable to load the user ' 29 'model, check AUTH_USER_MODULE in your project sett' 30 'ings') 31 except (ImportError, ImproperlyConfigured): 32 raise AuthNotAvailable 33 34 # Add te User model to the django models cache 35 # These two lines allow the custom auth_user model to play nicely with syncdb 36 # and other systems that rely on functions like 37 # django.db.models.loading.get_model(...) 38 from django.db.models.loading import cache 39 cache.register_models('auth', User) 40 41 # We need to remove whatever we used as the AUTH_USER_MODUlE from the 42 # db cache so apps like contenttypes don't think that it's part 43 # of contrib.auth 44 del cache.app_models['auth'][User.__name__.lower()] 45 else: 46 class User(UserTemplate): 47 class Meta: 48 verbose_name = _('user') 49 verbose_name_plural = _('users')