1 try: |
|
2 set |
|
3 except NameError: |
|
4 from sets import Set as set # Python 2.3 fallback |
|
5 |
|
6 from django.db import connection |
1 from django.db import connection |
7 from django.contrib.auth.models import User |
2 from django.contrib.auth.models import User, Permission |
8 |
3 |
9 |
4 |
10 class ModelBackend(object): |
5 class ModelBackend(object): |
11 """ |
6 """ |
12 Authenticates against django.contrib.auth.models.User. |
7 Authenticates against django.contrib.auth.models.User. |
13 """ |
8 """ |
|
9 supports_object_permissions = False |
|
10 supports_anonymous_user = True |
|
11 |
14 # TODO: Model, login attribute name and password attribute name should be |
12 # TODO: Model, login attribute name and password attribute name should be |
15 # configurable. |
13 # configurable. |
16 def authenticate(self, username=None, password=None): |
14 def authenticate(self, username=None, password=None): |
17 try: |
15 try: |
18 user = User.objects.get(username=username) |
16 user = User.objects.get(username=username) |
25 """ |
23 """ |
26 Returns a set of permission strings that this user has through his/her |
24 Returns a set of permission strings that this user has through his/her |
27 groups. |
25 groups. |
28 """ |
26 """ |
29 if not hasattr(user_obj, '_group_perm_cache'): |
27 if not hasattr(user_obj, '_group_perm_cache'): |
30 cursor = connection.cursor() |
28 perms = Permission.objects.filter(group__user=user_obj |
31 # The SQL below works out to the following, after DB quoting: |
29 ).values_list('content_type__app_label', 'codename' |
32 # cursor.execute(""" |
30 ).order_by() |
33 # SELECT ct."app_label", p."codename" |
31 user_obj._group_perm_cache = set(["%s.%s" % (ct, name) for ct, name in perms]) |
34 # FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct |
|
35 # WHERE p."id" = gp."permission_id" |
|
36 # AND gp."group_id" = ug."group_id" |
|
37 # AND ct."id" = p."content_type_id" |
|
38 # AND ug."user_id" = %s, [self.id]) |
|
39 qn = connection.ops.quote_name |
|
40 sql = """ |
|
41 SELECT ct.%s, p.%s |
|
42 FROM %s p, %s gp, %s ug, %s ct |
|
43 WHERE p.%s = gp.%s |
|
44 AND gp.%s = ug.%s |
|
45 AND ct.%s = p.%s |
|
46 AND ug.%s = %%s""" % ( |
|
47 qn('app_label'), qn('codename'), |
|
48 qn('auth_permission'), qn('auth_group_permissions'), |
|
49 qn('auth_user_groups'), qn('django_content_type'), |
|
50 qn('id'), qn('permission_id'), |
|
51 qn('group_id'), qn('group_id'), |
|
52 qn('id'), qn('content_type_id'), |
|
53 qn('user_id'),) |
|
54 cursor.execute(sql, [user_obj.id]) |
|
55 user_obj._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()]) |
|
56 return user_obj._group_perm_cache |
32 return user_obj._group_perm_cache |
57 |
33 |
58 def get_all_permissions(self, user_obj): |
34 def get_all_permissions(self, user_obj): |
|
35 if user_obj.is_anonymous(): |
|
36 return set() |
59 if not hasattr(user_obj, '_perm_cache'): |
37 if not hasattr(user_obj, '_perm_cache'): |
60 user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()]) |
38 user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()]) |
61 user_obj._perm_cache.update(self.get_group_permissions(user_obj)) |
39 user_obj._perm_cache.update(self.get_group_permissions(user_obj)) |
62 return user_obj._perm_cache |
40 return user_obj._perm_cache |
63 |
41 |