Mercurial Mercurial > py_tasks_melange / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
app/django/contrib/auth/handlers/modpython.py
author Pawel Solyga <Pawel.Solyga@gmail.com>
Wed, 15 Oct 2008 14:06:33 +0000
changeset 338 0d78f41dde9b
parent 54 03e267d67478
permissions -rw-r--r--
Show "Created by" read-only field in Document Edit view. Update size of TinyMCE widget in Document Edit/Create views. Change user property name to founder in Document model and update files according to this change (now founder is used in Group and Document models). Remove not used variables and imports in views/site/docs/edit.py. Refactor EditForm and CreateForm in views/site/docs/edit.py so that EditForm inherits from CreateForm and just extends it. Patch by: Pawel Solyga Review by: to-be-reviewed

from mod_python import apache
import os

def authenhandler(req, **kwargs):
    """
    Authentication handler that checks against Django's auth database.
    """

    # mod_python fakes the environ, and thus doesn't process SetEnv.  This fixes
    # that so that the following import works
    os.environ.update(req.subprocess_env)

    # apache 2.2 requires a call to req.get_basic_auth_pw() before 
    # req.user and friends are available.
    req.get_basic_auth_pw()

    # check for PythonOptions
    _str_to_bool = lambda s: s.lower() in ('1', 'true', 'on', 'yes')

    options = req.get_options()
    permission_name = options.get('DjangoPermissionName', None)
    staff_only = _str_to_bool(options.get('DjangoRequireStaffStatus', "on"))
    superuser_only = _str_to_bool(options.get('DjangoRequireSuperuserStatus', "off"))
    settings_module = options.get('DJANGO_SETTINGS_MODULE', None)
    if settings_module:
        os.environ['DJANGO_SETTINGS_MODULE'] = settings_module

    from django.contrib.auth.models import User
    from django import db
    db.reset_queries()

    # check that the username is valid
    kwargs = {'username': req.user, 'is_active': True}
    if staff_only:
        kwargs['is_staff'] = True
    if superuser_only:
        kwargs['is_superuser'] = True
    try:
        try:
            user = User.objects.get(**kwargs)
        except User.DoesNotExist:
            return apache.HTTP_UNAUTHORIZED
    
        # check the password and any permission given
        if user.check_password(req.get_basic_auth_pw()):
            if permission_name:
                if user.has_perm(permission_name):
                    return apache.OK
                else:
                    return apache.HTTP_UNAUTHORIZED
            else:
                return apache.OK
        else:
            return apache.HTTP_UNAUTHORIZED
    finally:
        db.connection.close()
py_tasks_melange