mirror of https://github.com/django/django.git
Fixed #18038 -- Removed the 'supports_inactive_user' backwards-compatibility flag. Thanks Aymeric Augustin for the initial patch and Ramiro Morales for the review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
1858e47672
commit
be12c9e908
|
@ -1,4 +1,3 @@
|
||||||
from warnings import warn
|
|
||||||
from django.core.exceptions import ImproperlyConfigured
|
from django.core.exceptions import ImproperlyConfigured
|
||||||
from django.utils.importlib import import_module
|
from django.utils.importlib import import_module
|
||||||
from django.contrib.auth.signals import user_logged_in, user_logged_out
|
from django.contrib.auth.signals import user_logged_in, user_logged_out
|
||||||
|
@ -20,11 +19,6 @@ def load_backend(path):
|
||||||
cls = getattr(mod, attr)
|
cls = getattr(mod, attr)
|
||||||
except AttributeError:
|
except AttributeError:
|
||||||
raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr))
|
raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr))
|
||||||
|
|
||||||
if not hasattr(cls, 'supports_inactive_user'):
|
|
||||||
warn("Authentication backends without a `supports_inactive_user` attribute are deprecated. Please define it in %s." % cls,
|
|
||||||
DeprecationWarning)
|
|
||||||
cls.supports_inactive_user = False
|
|
||||||
return cls()
|
return cls()
|
||||||
|
|
||||||
def get_backends():
|
def get_backends():
|
||||||
|
|
|
@ -5,7 +5,6 @@ class ModelBackend(object):
|
||||||
"""
|
"""
|
||||||
Authenticates against django.contrib.auth.models.User.
|
Authenticates against django.contrib.auth.models.User.
|
||||||
"""
|
"""
|
||||||
supports_inactive_user = True
|
|
||||||
|
|
||||||
# TODO: Model, login attribute name and password attribute name should be
|
# TODO: Model, login attribute name and password attribute name should be
|
||||||
# configurable.
|
# configurable.
|
||||||
|
|
|
@ -200,7 +200,6 @@ def _user_has_perm(user, perm, obj):
|
||||||
anon = user.is_anonymous()
|
anon = user.is_anonymous()
|
||||||
active = user.is_active
|
active = user.is_active
|
||||||
for backend in auth.get_backends():
|
for backend in auth.get_backends():
|
||||||
if anon or active or backend.supports_inactive_user:
|
|
||||||
if hasattr(backend, "has_perm"):
|
if hasattr(backend, "has_perm"):
|
||||||
if obj is not None:
|
if obj is not None:
|
||||||
if backend.has_perm(user, perm, obj):
|
if backend.has_perm(user, perm, obj):
|
||||||
|
@ -215,7 +214,6 @@ def _user_has_module_perms(user, app_label):
|
||||||
anon = user.is_anonymous()
|
anon = user.is_anonymous()
|
||||||
active = user.is_active
|
active = user.is_active
|
||||||
for backend in auth.get_backends():
|
for backend in auth.get_backends():
|
||||||
if anon or active or backend.supports_inactive_user:
|
|
||||||
if hasattr(backend, "has_module_perms"):
|
if hasattr(backend, "has_module_perms"):
|
||||||
if backend.has_module_perms(user, app_label):
|
if backend.has_module_perms(user, app_label):
|
||||||
return True
|
return True
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
from django.contrib.auth.tests.auth_backends import (BackendTest,
|
from django.contrib.auth.tests.auth_backends import (BackendTest,
|
||||||
RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest,
|
RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest,
|
||||||
InActiveUserBackendTest, NoInActiveUserBackendTest)
|
InActiveUserBackendTest)
|
||||||
from django.contrib.auth.tests.basic import BasicTestCase
|
from django.contrib.auth.tests.basic import BasicTestCase
|
||||||
from django.contrib.auth.tests.context_processors import AuthContextProcessorTests
|
from django.contrib.auth.tests.context_processors import AuthContextProcessorTests
|
||||||
from django.contrib.auth.tests.decorators import LoginRequiredTestCase
|
from django.contrib.auth.tests.decorators import LoginRequiredTestCase
|
||||||
|
|
|
@ -104,12 +104,6 @@ class TestObj(object):
|
||||||
|
|
||||||
|
|
||||||
class SimpleRowlevelBackend(object):
|
class SimpleRowlevelBackend(object):
|
||||||
supports_inactive_user = False
|
|
||||||
|
|
||||||
# This class also supports tests for anonymous user permissions, and
|
|
||||||
# inactive user permissions via subclasses which just set the
|
|
||||||
# 'supports_anonymous_user' or 'supports_inactive_user' attribute.
|
|
||||||
|
|
||||||
def has_perm(self, user, perm, obj=None):
|
def has_perm(self, user, perm, obj=None):
|
||||||
if not obj:
|
if not obj:
|
||||||
return # We only support row level perms
|
return # We only support row level perms
|
||||||
|
@ -196,16 +190,12 @@ class RowlevelBackendTest(TestCase):
|
||||||
self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
|
self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
|
||||||
|
|
||||||
|
|
||||||
class AnonymousUserBackend(SimpleRowlevelBackend):
|
|
||||||
supports_inactive_user = False
|
|
||||||
|
|
||||||
|
|
||||||
class AnonymousUserBackendTest(TestCase):
|
class AnonymousUserBackendTest(TestCase):
|
||||||
"""
|
"""
|
||||||
Tests for AnonymousUser delegating to backend.
|
Tests for AnonymousUser delegating to backend.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend'
|
backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
self.curr_auth = settings.AUTHENTICATION_BACKENDS
|
self.curr_auth = settings.AUTHENTICATION_BACKENDS
|
||||||
|
@ -243,20 +233,11 @@ class NoBackendsTest(TestCase):
|
||||||
self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),))
|
self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),))
|
||||||
|
|
||||||
|
|
||||||
class InActiveUserBackend(SimpleRowlevelBackend):
|
|
||||||
supports_inactive_user = True
|
|
||||||
|
|
||||||
|
|
||||||
class NoInActiveUserBackend(SimpleRowlevelBackend):
|
|
||||||
supports_inactive_user = False
|
|
||||||
|
|
||||||
|
|
||||||
class InActiveUserBackendTest(TestCase):
|
class InActiveUserBackendTest(TestCase):
|
||||||
"""
|
"""
|
||||||
Tests for a inactive user delegating to backend if it has 'supports_inactive_user' = True
|
Tests for a inactive user
|
||||||
"""
|
"""
|
||||||
|
backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
|
||||||
backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend'
|
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
self.curr_auth = settings.AUTHENTICATION_BACKENDS
|
self.curr_auth = settings.AUTHENTICATION_BACKENDS
|
||||||
|
@ -275,29 +256,3 @@ class InActiveUserBackendTest(TestCase):
|
||||||
def test_has_module_perms(self):
|
def test_has_module_perms(self):
|
||||||
self.assertEqual(self.user1.has_module_perms("app1"), False)
|
self.assertEqual(self.user1.has_module_perms("app1"), False)
|
||||||
self.assertEqual(self.user1.has_module_perms("app2"), False)
|
self.assertEqual(self.user1.has_module_perms("app2"), False)
|
||||||
|
|
||||||
|
|
||||||
class NoInActiveUserBackendTest(TestCase):
|
|
||||||
"""
|
|
||||||
Tests that an inactive user does not delegate to backend if it has 'supports_inactive_user' = False
|
|
||||||
"""
|
|
||||||
backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend'
|
|
||||||
|
|
||||||
def setUp(self):
|
|
||||||
self.curr_auth = settings.AUTHENTICATION_BACKENDS
|
|
||||||
settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,)
|
|
||||||
self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
|
||||||
self.user1.is_active = False
|
|
||||||
self.user1.save()
|
|
||||||
|
|
||||||
def tearDown(self):
|
|
||||||
settings.AUTHENTICATION_BACKENDS = self.curr_auth
|
|
||||||
|
|
||||||
def test_has_perm(self):
|
|
||||||
self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
|
|
||||||
self.assertEqual(self.user1.has_perm('inactive', TestObj()), False)
|
|
||||||
|
|
||||||
def test_has_module_perms(self):
|
|
||||||
self.assertEqual(self.user1.has_module_perms("app1"), False)
|
|
||||||
self.assertEqual(self.user1.has_module_perms("app2"), False)
|
|
||||||
|
|
||||||
|
|
|
@ -1831,8 +1831,6 @@ object the first time a user authenticates::
|
||||||
ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
|
ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
|
||||||
"""
|
"""
|
||||||
|
|
||||||
supports_inactive_user = False
|
|
||||||
|
|
||||||
def authenticate(self, username=None, password=None):
|
def authenticate(self, username=None, password=None):
|
||||||
login_valid = (settings.ADMIN_LOGIN == username)
|
login_valid = (settings.ADMIN_LOGIN == username)
|
||||||
pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
|
pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
|
||||||
|
@ -1931,15 +1929,8 @@ The support for anonymous users in the permission system allows for
|
||||||
anonymous users to have permissions to do something while inactive
|
anonymous users to have permissions to do something while inactive
|
||||||
authenticated users do not.
|
authenticated users do not.
|
||||||
|
|
||||||
To enable this on your own backend, you must set the class attribute
|
Do not forget to test for the ``is_active`` attribute of the user in your own
|
||||||
``supports_inactive_user`` to ``True``.
|
backend permission methods.
|
||||||
|
|
||||||
A nonexisting ``supports_inactive_user`` attribute will raise a
|
|
||||||
``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this
|
|
||||||
warning will be updated to a ``DeprecationWarning`` which will be displayed
|
|
||||||
loudly. Additionally ``supports_inactive_user`` will be set to ``False``.
|
|
||||||
Django 1.5 will assume that every backend supports inactive users being
|
|
||||||
passed to the authorization methods.
|
|
||||||
|
|
||||||
|
|
||||||
Handling object permissions
|
Handling object permissions
|
||||||
|
|
Loading…
Reference in New Issue