test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch. 

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Malcolm Tredinnick 2006-07-19 02:09:26 +00:00
parent 533594d1a5
commit 51705f60b1
12 changed files with 46 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
django/contrib/admin/templates/admin/base.html
View File

@ -20,9 +20,9 @@
<div id="branding">
{% block branding %}{% endblock %}
</div>
{% if not user.is_anonymous %}{% if user.is_staff %}
{% if user.is_authenticated and user.is_staff %}
<div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
{% endif %}{% endif %}
{% endif %}
{% block nav-global %}{% endblock %}
</div>
<!-- END Header -->

2
django/contrib/admin/views/decorators.py
View File

@ -46,7 +46,7 @@ def staff_member_required(view_func):
member, displaying the login page if necessary.
"""
def _checklogin(request, *args, **kwargs):
if not request.user.is_anonymous() and request.user.is_staff:
if request.user.is_authenticated() and request.user.is_staff:
# The user is valid. Continue to the admin page.
if request.POST.has_key('post_data'):
# User must have re-authenticated through a different window

2
django/contrib/auth/decorators.py
View File

@ -17,7 +17,7 @@ def user_passes_test(test_func, login_url=LOGIN_URL):
return _checklogin
return _dec
login_required = user_passes_test(lambda u: not u.is_anonymous())
login_required = user_passes_test(lambda u: u.is_authenticated())
login_required.__doc__ = (
"""
Decorator for views that checks that the user is logged in, redirecting

8
django/contrib/auth/models.py
View File

@ -125,6 +125,11 @@ class User(models.Model):
def is_anonymous(self):
"Always returns False. This is a way of comparing User objects to anonymous users."
return False
def is_authenticated(self):
"""Always return True. This is a way to tell if the user has been authenticated in templates.
"""
return True
def get_full_name(self):
"Returns the first_name plus the last_name, with a space in between."
@ -293,3 +298,6 @@ class AnonymousUser(object):
def is_anonymous(self):
return True
def is_authenticated(self):
return False

6
django/contrib/comments/templates/comments/form.html
View File

@ -2,10 +2,10 @@
{% if display_form %}
<form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post">
{% if user.is_anonymous %}
<p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
{% else %}
{% if user.is_authenticated %}
<p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p>
{% else %}
<p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
{% endif %}
{% if ratings_optional or ratings_required %}

2
django/contrib/comments/templatetags/comments.py
View File

@ -114,7 +114,7 @@ class CommentListNode(template.Node):
comment_list = get_list_function(**kwargs).order_by(self.ordering + 'submit_date').select_related()
if not self.free:
if context.has_key('user') and not context['user'].is_anonymous():
if context.has_key('user') and context['user'].is_authenticated():
user_id = context['user'].id
context['user_can_moderate_comments'] = Comment.objects.user_is_moderator(context['user'])
else:

2
django/contrib/comments/views/comments.py
View File

@ -63,7 +63,7 @@ class PublicCommentManipulator(AuthenticationForm):
validator_list=get_validator_list(8),
),
])
if not user.is_anonymous():
if user.is_authenticated():
self["username"].is_required = False
self["username"].validator_list = []
self["password"].is_required = False

2
django/contrib/comments/views/karma.py
View File

@ -15,7 +15,7 @@ def vote(request, comment_id, vote):
rating = {'up': 1, 'down': -1}.get(vote, False)
if not rating:
raise Http404, "Invalid vote"
if request.user.is_anonymous():
if not request.user.is_authenticated():
raise Http404, _("Anonymous users cannot vote")
try:
comment = Comment.objects.get(pk=comment_id)

2
django/contrib/flatpages/views.py
View File

@ -22,7 +22,7 @@ def flatpage(request, url):
f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID)
# If registration is required for accessing this page, and the user isn't
# logged in, redirect to the login page.
if f.registration_required and request.user.is_anonymous():
if f.registration_required and not request.user.is_authenticated():
from django.contrib.auth.views import redirect_to_login
return redirect_to_login(request.path)
if f.template_name:

12
django/views/generic/create_update.py
View File

@ -20,7 +20,7 @@ def create_object(request, model, template_name=None,
the form wrapper for the object
"""
if extra_context is None: extra_context = {}
if login_required and request.user.is_anonymous():
if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
manipulator = model.AddManipulator(follow=follow)
@ -39,7 +39,7 @@ def create_object(request, model, template_name=None,
# No errors -- this means we can save the data!
new_object = manipulator.save(new_data)
if not request.user.is_anonymous():
if request.user.is_authenticated():
request.user.message_set.create(message="The %s was created successfully." % model._meta.verbose_name)
# Redirect to the new object: first by trying post_save_redirect,
@ -86,7 +86,7 @@ def update_object(request, model, object_id=None, slug=None,
the original object being edited
"""
if extra_context is None: extra_context = {}
if login_required and request.user.is_anonymous():
if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
# Look up the object to be edited
@ -113,7 +113,7 @@ def update_object(request, model, object_id=None, slug=None,
if not errors:
object = manipulator.save(new_data)
if not request.user.is_anonymous():
if request.user.is_authenticated():
request.user.message_set.create(message="The %s was updated successfully." % model._meta.verbose_name)
# Do a post-after-redirect so that reload works, etc.
@ -162,7 +162,7 @@ def delete_object(request, model, post_delete_redirect,
the original object being deleted
"""
if extra_context is None: extra_context = {}
if login_required and request.user.is_anonymous():
if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
# Look up the object to be edited
@ -180,7 +180,7 @@ def delete_object(request, model, post_delete_redirect,
if request.method == 'POST':
object.delete()
if not request.user.is_anonymous():
if request.user.is_authenticated():
request.user.message_set.create(message="The %s was deleted." % model._meta.verbose_name)
return HttpResponseRedirect(post_delete_redirect)
else:

29
docs/authentication.txt
View File

@ -95,7 +95,11 @@ In addition to those automatic API methods, ``User`` objects have the following
custom methods:
* ``is_anonymous()`` -- Always returns ``False``. This is a way of
comparing ``User`` objects to anonymous users.
differentiating ``User`` and ``AnonymousUser`` objects. Generally, you
should prefer using ``is_authenticated()`` to this method.
* ``is_authenticated()`` -- Always returns ``True``. This is a way to
tell if the user has been authenticated.
* ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``,
with a space in between.
@ -219,6 +223,7 @@ the ``django.contrib.auth.models.User`` interface, with these differences:
* ``id`` is always ``None``.
* ``is_anonymous()`` returns ``True`` instead of ``False``.
* ``is_authenticated()`` returns ``False`` instead of ``True``.
* ``has_perm()`` always returns ``False``.
* ``set_password()``, ``check_password()``, ``save()``, ``delete()``,
``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``.
@ -254,12 +259,12 @@ Once you have those middlewares installed, you'll be able to access
``request.user`` in views. ``request.user`` will give you a ``User`` object
representing the currently logged-in user. If a user isn't currently logged in,
``request.user`` will be set to an instance of ``AnonymousUser`` (see the
previous section). You can tell them apart with ``is_anonymous()``, like so::
previous section). You can tell them apart with ``is_authenticated()``, like so::
if request.user.is_anonymous():
# Do something for anonymous users.
if request.user.is_authenticated():
# Do something for authenticated users.
else:
# Do something for logged-in users.
# Do something for anonymous users.
.. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects
.. _session documentation: http://www.djangoproject.com/documentation/sessions/
@ -323,19 +328,19 @@ The raw way
~~~~~~~~~~~
The simple, raw way to limit access to pages is to check
``request.user.is_anonymous()`` and either redirect to a login page::
``request.user.is_authenticated()`` and either redirect to a login page::
from django.http import HttpResponseRedirect
def my_view(request):
if request.user.is_anonymous():
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=%s' % request.path)
# ...
...or display an error message::
def my_view(request):
if request.user.is_anonymous():
if not request.user.is_authenticated():
return render_to_response('myapp/login_error.html')
# ...
@ -439,7 +444,7 @@ For example, this view checks to make sure the user is logged in and has the
permission ``polls.can_vote``::
def my_view(request):
if request.user.is_anonymous() or not request.user.has_perm('polls.can_vote'):
if not (request.user.is_authenticated() and request.user.has_perm('polls.can_vote')):
return HttpResponse("You can't vote in this poll.")
# ...
@ -605,10 +610,10 @@ Users
The currently logged-in user, either a ``User`` instance or an``AnonymousUser``
instance, is stored in the template variable ``{{ user }}``::
{% if user.is_anonymous %}
<p>Welcome, new user. Please log in.</p>
{% if user.is_authenticated %}
<p>Welcome, {{ user.username }}. Thanks for logging in.</p>
{% else %}
<p>Welcome, {{ user.username }}. Thanks for logging in.</p>
<p>Welcome, new user. Please log in.</p>
{% endif %}
Permissions

8
docs/request_response.txt
View File

@ -106,12 +106,12 @@ All attributes except ``session`` should be considered read-only.
A ``django.contrib.auth.models.User`` object representing the currently
logged-in user. If the user isn't currently logged in, ``user`` will be set
to an instance of ``django.contrib.auth.models.AnonymousUser``. You
can tell them apart with ``is_anonymous()``, like so::
can tell them apart with ``is_authenticated()``, like so::
if request.user.is_anonymous():
# Do something for anonymous users.
else:
if request.user.is_authenticated():
# Do something for logged-in users.
else:
# Do something for anonymous users.
``user`` is only available if your Django installation has the
``AuthenticationMiddleware`` activated. For more, see