Fixed #12462 - Fixed edge case with auth backends that don't support object permissions. Thanks to Florian Apolloner for catching it.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Jannis Leidel 2009-12-30 22:12:57 +00:00
parent f93657218c
commit 57d7181caa
2 changed files with 31 additions and 11 deletions


@ -218,22 +218,26 @@ class User(models.Model):
permissions = set() permissions = set()
for backend in auth.get_backends(): for backend in auth.get_backends():
if hasattr(backend, "get_group_permissions"): if hasattr(backend, "get_group_permissions"):
if obj is not None and backend.supports_object_permissions: if obj is not None:
group_permissions = backend.get_group_permissions(self, obj) if backend.supports_object_permissions:
permissions.update(
backend.get_group_permissions(self, obj)
)
else: else:
group_permissions = backend.get_group_permissions(self) permissions.update(backend.get_group_permissions(self))
permissions.update(group_permissions)
return permissions return permissions
def get_all_permissions(self, obj=None): def get_all_permissions(self, obj=None):
permissions = set() permissions = set()
for backend in auth.get_backends(): for backend in auth.get_backends():
if hasattr(backend, "get_all_permissions"): if hasattr(backend, "get_all_permissions"):
if obj is not None and backend.supports_object_permissions: if obj is not None:
all_permissions = backend.get_all_permissions(self, obj) if backend.supports_object_permissions:
permissions.update(
backend.get_all_permissions(self, obj)
)
else: else:
all_permissions = backend.get_all_permissions(self) permissions.update(backend.get_all_permissions(self))
permissions.update(all_permissions)
return permissions return permissions
def has_perm(self, perm, obj=None): def has_perm(self, perm, obj=None):
@ -255,8 +259,9 @@ class User(models.Model):
# Otherwise we need to check the backends. # Otherwise we need to check the backends.
for backend in auth.get_backends(): for backend in auth.get_backends():
if hasattr(backend, "has_perm"): if hasattr(backend, "has_perm"):
if obj is not None and backend.supports_object_permissions: if obj is not None:
if backend.has_perm(self, perm, obj): if (backend.supports_object_permissions and
backend.has_perm(self, perm, obj)):
return True return True
else: else:
if backend.has_perm(self, perm): if backend.has_perm(self, perm):
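Review bot: In the new `if obj is not None:` branches of `get_group_permissions`, `get_all_permissions` and `has_perm`, a backend without object-permission support is now skipped silently, and nothing in the code says this is deliberate. A comment above each inner check, such as `# A backend without object-permission support must not answer an object-level check: its model-level grants would otherwise apply to every object.`, would keep a later refactor from folding the two conditions back together. The flag is also read as a plain attribute, so a backend that never defines `supports_object_permissions` would raise AttributeError here unless a default is assigned elsewhere (not visible on this page). Reading it with `getattr(backend, "supports_object_permissions", False)` would fail closed. The body of `has_perm` starts and ends outside the second hunk.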


@ -69,6 +69,21 @@ class BackendTest(TestCase):
self.assertEqual(user.has_perm('test'), False) self.assertEqual(user.has_perm('test'), False)
self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), False) self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), False)
def test_has_no_object_perm(self):
"""Regressiontest for #12462"""
user = User.objects.get(username='test')
content_type=ContentType.objects.get_for_model(Group)
perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
user.user_permissions.add(perm)
user.save()
self.assertEqual(user.has_perm('auth.test', 'object'), False)
self.assertEqual(user.get_all_permissions('object'), set([]))
self.assertEqual(user.has_perm('auth.test'), True)
self.assertEqual(user.get_all_permissions(), set(['auth.test']))
class TestObj(object): class TestObj(object):
pass pass
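Review bot: `test_has_no_object_perm` checks `has_perm` and `get_all_permissions` with an object, but not `get_group_permissions`, which the same commit changes in the same way. Adding `self.assertEqual(user.get_group_permissions('object'), set([]))` would pin the deny-by-default result for all three methods. The test depends on the configured backend reporting no object-permission support, which is presumably set up elsewhere in `BackendTest`. A one-line comment saying so would make that precondition explicit.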