|
1 from django.db import connection |
|
2 from django.contrib.auth.models import User |
|
3 |
|
4 try: |
|
5 set |
|
6 except NameError: |
|
7 from sets import Set as set # Python 2.3 fallback |
|
8 |
|
9 class ModelBackend(object): |
|
10 """ |
|
11 Authenticate against django.contrib.auth.models.User |
|
12 """ |
|
13 # TODO: Model, login attribute name and password attribute name should be |
|
14 # configurable. |
|
15 def authenticate(self, username=None, password=None): |
|
16 try: |
|
17 user = User.objects.get(username=username) |
|
18 if user.check_password(password): |
|
19 return user |
|
20 except User.DoesNotExist: |
|
21 return None |
|
22 |
|
23 def get_group_permissions(self, user_obj): |
|
24 "Returns a list of permission strings that this user has through his/her groups." |
|
25 if not hasattr(user_obj, '_group_perm_cache'): |
|
26 cursor = connection.cursor() |
|
27 # The SQL below works out to the following, after DB quoting: |
|
28 # cursor.execute(""" |
|
29 # SELECT ct."app_label", p."codename" |
|
30 # FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct |
|
31 # WHERE p."id" = gp."permission_id" |
|
32 # AND gp."group_id" = ug."group_id" |
|
33 # AND ct."id" = p."content_type_id" |
|
34 # AND ug."user_id" = %s, [self.id]) |
|
35 qn = connection.ops.quote_name |
|
36 sql = """ |
|
37 SELECT ct.%s, p.%s |
|
38 FROM %s p, %s gp, %s ug, %s ct |
|
39 WHERE p.%s = gp.%s |
|
40 AND gp.%s = ug.%s |
|
41 AND ct.%s = p.%s |
|
42 AND ug.%s = %%s""" % ( |
|
43 qn('app_label'), qn('codename'), |
|
44 qn('auth_permission'), qn('auth_group_permissions'), |
|
45 qn('auth_user_groups'), qn('django_content_type'), |
|
46 qn('id'), qn('permission_id'), |
|
47 qn('group_id'), qn('group_id'), |
|
48 qn('id'), qn('content_type_id'), |
|
49 qn('user_id'),) |
|
50 cursor.execute(sql, [user_obj.id]) |
|
51 user_obj._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()]) |
|
52 return user_obj._group_perm_cache |
|
53 |
|
54 def get_all_permissions(self, user_obj): |
|
55 if not hasattr(user_obj, '_perm_cache'): |
|
56 user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()]) |
|
57 user_obj._perm_cache.update(self.get_group_permissions(user_obj)) |
|
58 return user_obj._perm_cache |
|
59 |
|
60 def has_perm(self, user_obj, perm): |
|
61 return perm in self.get_all_permissions(user_obj) |
|
62 |
|
63 def has_module_perms(self, user_obj, app_label): |
|
64 return bool(len([p for p in self.get_all_permissions(user_obj) if p[:p.index('.')] == app_label])) |
|
65 |
|
66 def get_user(self, user_id): |
|
67 try: |
|
68 return User.objects.get(pk=user_id) |
|
69 except User.DoesNotExist: |
|
70 return None |