1
0
mirror of https://github.com/django/django.git synced 2025-10-25 22:56:12 +00:00

Fixed #18038 -- Removed the 'supports_inactive_user' backwards-compatibility flag. Thanks Aymeric Augustin for the initial patch and Ramiro Morales for the review.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Claude Paroz
2012-04-26 17:15:40 +00:00
parent 1858e47672
commit be12c9e908
6 changed files with 16 additions and 79 deletions

View File

@@ -1,4 +1,3 @@
from warnings import warn
from django.core.exceptions import ImproperlyConfigured from django.core.exceptions import ImproperlyConfigured
from django.utils.importlib import import_module from django.utils.importlib import import_module
from django.contrib.auth.signals import user_logged_in, user_logged_out from django.contrib.auth.signals import user_logged_in, user_logged_out
@@ -20,11 +19,6 @@ def load_backend(path):
cls = getattr(mod, attr) cls = getattr(mod, attr)
except AttributeError: except AttributeError:
raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr)) raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr))
if not hasattr(cls, 'supports_inactive_user'):
warn("Authentication backends without a `supports_inactive_user` attribute are deprecated. Please define it in %s." % cls,
DeprecationWarning)
cls.supports_inactive_user = False
return cls() return cls()
def get_backends(): def get_backends():

View File

@@ -5,7 +5,6 @@ class ModelBackend(object):
""" """
Authenticates against django.contrib.auth.models.User. Authenticates against django.contrib.auth.models.User.
""" """
supports_inactive_user = True
# TODO: Model, login attribute name and password attribute name should be # TODO: Model, login attribute name and password attribute name should be
# configurable. # configurable.

View File

@@ -200,14 +200,13 @@ def _user_has_perm(user, perm, obj):
anon = user.is_anonymous() anon = user.is_anonymous()
active = user.is_active active = user.is_active
for backend in auth.get_backends(): for backend in auth.get_backends():
if anon or active or backend.supports_inactive_user: if hasattr(backend, "has_perm"):
if hasattr(backend, "has_perm"): if obj is not None:
if obj is not None: if backend.has_perm(user, perm, obj):
if backend.has_perm(user, perm, obj): return True
return True else:
else: if backend.has_perm(user, perm):
if backend.has_perm(user, perm): return True
return True
return False return False
@@ -215,10 +214,9 @@ def _user_has_module_perms(user, app_label):
anon = user.is_anonymous() anon = user.is_anonymous()
active = user.is_active active = user.is_active
for backend in auth.get_backends(): for backend in auth.get_backends():
if anon or active or backend.supports_inactive_user: if hasattr(backend, "has_module_perms"):
if hasattr(backend, "has_module_perms"): if backend.has_module_perms(user, app_label):
if backend.has_module_perms(user, app_label): return True
return True
return False return False

View File

@@ -1,6 +1,6 @@
from django.contrib.auth.tests.auth_backends import (BackendTest, from django.contrib.auth.tests.auth_backends import (BackendTest,
RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest, RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest,
InActiveUserBackendTest, NoInActiveUserBackendTest) InActiveUserBackendTest)
from django.contrib.auth.tests.basic import BasicTestCase from django.contrib.auth.tests.basic import BasicTestCase
from django.contrib.auth.tests.context_processors import AuthContextProcessorTests from django.contrib.auth.tests.context_processors import AuthContextProcessorTests
from django.contrib.auth.tests.decorators import LoginRequiredTestCase from django.contrib.auth.tests.decorators import LoginRequiredTestCase

View File

@@ -104,12 +104,6 @@ class TestObj(object):
class SimpleRowlevelBackend(object): class SimpleRowlevelBackend(object):
supports_inactive_user = False
# This class also supports tests for anonymous user permissions, and
# inactive user permissions via subclasses which just set the
# 'supports_anonymous_user' or 'supports_inactive_user' attribute.
def has_perm(self, user, perm, obj=None): def has_perm(self, user, perm, obj=None):
if not obj: if not obj:
return # We only support row level perms return # We only support row level perms
@@ -196,16 +190,12 @@ class RowlevelBackendTest(TestCase):
self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm'])) self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
class AnonymousUserBackend(SimpleRowlevelBackend):
supports_inactive_user = False
class AnonymousUserBackendTest(TestCase): class AnonymousUserBackendTest(TestCase):
""" """
Tests for AnonymousUser delegating to backend. Tests for AnonymousUser delegating to backend.
""" """
backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend' backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
def setUp(self): def setUp(self):
self.curr_auth = settings.AUTHENTICATION_BACKENDS self.curr_auth = settings.AUTHENTICATION_BACKENDS
@@ -243,20 +233,11 @@ class NoBackendsTest(TestCase):
self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),)) self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),))
class InActiveUserBackend(SimpleRowlevelBackend):
supports_inactive_user = True
class NoInActiveUserBackend(SimpleRowlevelBackend):
supports_inactive_user = False
class InActiveUserBackendTest(TestCase): class InActiveUserBackendTest(TestCase):
""" """
Tests for a inactive user delegating to backend if it has 'supports_inactive_user' = True Tests for a inactive user
""" """
backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend'
def setUp(self): def setUp(self):
self.curr_auth = settings.AUTHENTICATION_BACKENDS self.curr_auth = settings.AUTHENTICATION_BACKENDS
@@ -275,29 +256,3 @@ class InActiveUserBackendTest(TestCase):
def test_has_module_perms(self): def test_has_module_perms(self):
self.assertEqual(self.user1.has_module_perms("app1"), False) self.assertEqual(self.user1.has_module_perms("app1"), False)
self.assertEqual(self.user1.has_module_perms("app2"), False) self.assertEqual(self.user1.has_module_perms("app2"), False)
class NoInActiveUserBackendTest(TestCase):
"""
Tests that an inactive user does not delegate to backend if it has 'supports_inactive_user' = False
"""
backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend'
def setUp(self):
self.curr_auth = settings.AUTHENTICATION_BACKENDS
settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,)
self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
self.user1.is_active = False
self.user1.save()
def tearDown(self):
settings.AUTHENTICATION_BACKENDS = self.curr_auth
def test_has_perm(self):
self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
self.assertEqual(self.user1.has_perm('inactive', TestObj()), False)
def test_has_module_perms(self):
self.assertEqual(self.user1.has_module_perms("app1"), False)
self.assertEqual(self.user1.has_module_perms("app2"), False)

View File

@@ -1831,8 +1831,6 @@ object the first time a user authenticates::
ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
""" """
supports_inactive_user = False
def authenticate(self, username=None, password=None): def authenticate(self, username=None, password=None):
login_valid = (settings.ADMIN_LOGIN == username) login_valid = (settings.ADMIN_LOGIN == username)
pwd_valid = check_password(password, settings.ADMIN_PASSWORD) pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
@@ -1931,15 +1929,8 @@ The support for anonymous users in the permission system allows for
anonymous users to have permissions to do something while inactive anonymous users to have permissions to do something while inactive
authenticated users do not. authenticated users do not.
To enable this on your own backend, you must set the class attribute Do not forget to test for the ``is_active`` attribute of the user in your own
``supports_inactive_user`` to ``True``. backend permission methods.
A nonexisting ``supports_inactive_user`` attribute will raise a
``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this
warning will be updated to a ``DeprecationWarning`` which will be displayed
loudly. Additionally ``supports_inactive_user`` will be set to ``False``.
Django 1.5 will assume that every backend supports inactive users being
passed to the authorization methods.
Handling object permissions Handling object permissions