Mercurial Mercurial > py_tasks_melange / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
app/django/contrib/auth/handlers/modpython.py
author Todd Larsen <tlarsen@google.com>
Fri, 03 Oct 2008 01:32:34 +0000
changeset 263 9b39d93b677f
parent 54 03e267d67478
permissions -rw-r--r--
Make findNearestUsers() code in soc/logic/site/id_user.py more generic and move it to soc/logic/model.py. Orginal findNearest...() functions in id_user.py are now convenience wrappers. Add typed-query string construction functions to model.py. Move getFulLClassName() from key_name.py model.py, since it has more to do with Model types than key names. Swap 'offset' and 'limit' and make 'limit' arguments non-optional. Also, stop adding 1 inside the ...ForLimitAndOffset() functions and make the callers do it (since it was being added for a very UI-specific reason of whether or not to display a "Next>" link). Patch by: Todd Larsen Review by: Pawel Solyga Review URL: http://codereviews.googleopensourceprograms.com/1401

from mod_python import apache
import os

def authenhandler(req, **kwargs):
    """
    Authentication handler that checks against Django's auth database.
    """

    # mod_python fakes the environ, and thus doesn't process SetEnv.  This fixes
    # that so that the following import works
    os.environ.update(req.subprocess_env)

    # apache 2.2 requires a call to req.get_basic_auth_pw() before 
    # req.user and friends are available.
    req.get_basic_auth_pw()

    # check for PythonOptions
    _str_to_bool = lambda s: s.lower() in ('1', 'true', 'on', 'yes')

    options = req.get_options()
    permission_name = options.get('DjangoPermissionName', None)
    staff_only = _str_to_bool(options.get('DjangoRequireStaffStatus', "on"))
    superuser_only = _str_to_bool(options.get('DjangoRequireSuperuserStatus', "off"))
    settings_module = options.get('DJANGO_SETTINGS_MODULE', None)
    if settings_module:
        os.environ['DJANGO_SETTINGS_MODULE'] = settings_module

    from django.contrib.auth.models import User
    from django import db
    db.reset_queries()

    # check that the username is valid
    kwargs = {'username': req.user, 'is_active': True}
    if staff_only:
        kwargs['is_staff'] = True
    if superuser_only:
        kwargs['is_superuser'] = True
    try:
        try:
            user = User.objects.get(**kwargs)
        except User.DoesNotExist:
            return apache.HTTP_UNAUTHORIZED
    
        # check the password and any permission given
        if user.check_password(req.get_basic_auth_pw()):
            if permission_name:
                if user.has_perm(permission_name):
                    return apache.OK
                else:
                    return apache.HTTP_UNAUTHORIZED
            else:
                return apache.OK
        else:
            return apache.HTTP_UNAUTHORIZED
    finally:
        db.connection.close()
py_tasks_melange