mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Fixed #18038 -- Removed the 'supports_inactive_user' backwards-compatibility flag. Thanks Aymeric Augustin for the initial patch and Ramiro Morales for the review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
		| @@ -1,4 +1,3 @@ | ||||
| from warnings import warn | ||||
| from django.core.exceptions import ImproperlyConfigured | ||||
| from django.utils.importlib import import_module | ||||
| from django.contrib.auth.signals import user_logged_in, user_logged_out | ||||
| @@ -20,11 +19,6 @@ def load_backend(path): | ||||
|         cls = getattr(mod, attr) | ||||
|     except AttributeError: | ||||
|         raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr)) | ||||
|  | ||||
|     if not hasattr(cls, 'supports_inactive_user'): | ||||
|         warn("Authentication backends without a `supports_inactive_user` attribute are deprecated. Please define it in %s." % cls, | ||||
|              DeprecationWarning) | ||||
|         cls.supports_inactive_user = False | ||||
|     return cls() | ||||
|  | ||||
| def get_backends(): | ||||
|   | ||||
| @@ -5,7 +5,6 @@ class ModelBackend(object): | ||||
|     """ | ||||
|     Authenticates against django.contrib.auth.models.User. | ||||
|     """ | ||||
|     supports_inactive_user = True | ||||
|  | ||||
|     # TODO: Model, login attribute name and password attribute name should be | ||||
|     # configurable. | ||||
|   | ||||
| @@ -200,7 +200,6 @@ def _user_has_perm(user, perm, obj): | ||||
|     anon = user.is_anonymous() | ||||
|     active = user.is_active | ||||
|     for backend in auth.get_backends(): | ||||
|         if anon or active or backend.supports_inactive_user: | ||||
|         if hasattr(backend, "has_perm"): | ||||
|             if obj is not None: | ||||
|                 if backend.has_perm(user, perm, obj): | ||||
| @@ -215,7 +214,6 @@ def _user_has_module_perms(user, app_label): | ||||
|     anon = user.is_anonymous() | ||||
|     active = user.is_active | ||||
|     for backend in auth.get_backends(): | ||||
|         if anon or active or backend.supports_inactive_user: | ||||
|         if hasattr(backend, "has_module_perms"): | ||||
|             if backend.has_module_perms(user, app_label): | ||||
|                 return True | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| from django.contrib.auth.tests.auth_backends import (BackendTest, | ||||
|     RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest, | ||||
|     InActiveUserBackendTest, NoInActiveUserBackendTest) | ||||
|     InActiveUserBackendTest) | ||||
| from django.contrib.auth.tests.basic import BasicTestCase | ||||
| from django.contrib.auth.tests.context_processors import AuthContextProcessorTests | ||||
| from django.contrib.auth.tests.decorators import LoginRequiredTestCase | ||||
|   | ||||
| @@ -104,12 +104,6 @@ class TestObj(object): | ||||
|  | ||||
|  | ||||
| class SimpleRowlevelBackend(object): | ||||
|     supports_inactive_user = False | ||||
|  | ||||
|     # This class also supports tests for anonymous user permissions, and | ||||
|     # inactive user permissions via subclasses which just set the | ||||
|     # 'supports_anonymous_user' or 'supports_inactive_user' attribute. | ||||
|  | ||||
|     def has_perm(self, user, perm, obj=None): | ||||
|         if not obj: | ||||
|             return # We only support row level perms | ||||
| @@ -196,16 +190,12 @@ class RowlevelBackendTest(TestCase): | ||||
|         self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm'])) | ||||
|  | ||||
|  | ||||
| class AnonymousUserBackend(SimpleRowlevelBackend): | ||||
|     supports_inactive_user = False | ||||
|  | ||||
|  | ||||
| class AnonymousUserBackendTest(TestCase): | ||||
|     """ | ||||
|     Tests for AnonymousUser delegating to backend. | ||||
|     """ | ||||
|  | ||||
|     backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend' | ||||
|     backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend' | ||||
|  | ||||
|     def setUp(self): | ||||
|         self.curr_auth = settings.AUTHENTICATION_BACKENDS | ||||
| @@ -243,20 +233,11 @@ class NoBackendsTest(TestCase): | ||||
|         self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),)) | ||||
|  | ||||
|  | ||||
| class InActiveUserBackend(SimpleRowlevelBackend): | ||||
|     supports_inactive_user = True | ||||
|  | ||||
|  | ||||
| class NoInActiveUserBackend(SimpleRowlevelBackend): | ||||
|     supports_inactive_user = False | ||||
|  | ||||
|  | ||||
| class InActiveUserBackendTest(TestCase): | ||||
|     """ | ||||
|     Tests for a inactive user delegating to backend if it has 'supports_inactive_user' = True | ||||
|     Tests for a inactive user | ||||
|     """ | ||||
|  | ||||
|     backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend' | ||||
|     backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend' | ||||
|  | ||||
|     def setUp(self): | ||||
|         self.curr_auth = settings.AUTHENTICATION_BACKENDS | ||||
| @@ -275,29 +256,3 @@ class InActiveUserBackendTest(TestCase): | ||||
|     def test_has_module_perms(self): | ||||
|         self.assertEqual(self.user1.has_module_perms("app1"), False) | ||||
|         self.assertEqual(self.user1.has_module_perms("app2"), False) | ||||
|  | ||||
|  | ||||
| class NoInActiveUserBackendTest(TestCase): | ||||
|     """ | ||||
|     Tests that an inactive user does not delegate to backend if it has 'supports_inactive_user' = False | ||||
|     """ | ||||
|     backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend' | ||||
|  | ||||
|     def setUp(self): | ||||
|         self.curr_auth = settings.AUTHENTICATION_BACKENDS | ||||
|         settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,) | ||||
|         self.user1 = User.objects.create_user('test', 'test@example.com', 'test') | ||||
|         self.user1.is_active = False | ||||
|         self.user1.save() | ||||
|  | ||||
|     def tearDown(self): | ||||
|         settings.AUTHENTICATION_BACKENDS = self.curr_auth | ||||
|  | ||||
|     def test_has_perm(self): | ||||
|         self.assertEqual(self.user1.has_perm('perm', TestObj()), False) | ||||
|         self.assertEqual(self.user1.has_perm('inactive', TestObj()), False) | ||||
|  | ||||
|     def test_has_module_perms(self): | ||||
|         self.assertEqual(self.user1.has_module_perms("app1"), False) | ||||
|         self.assertEqual(self.user1.has_module_perms("app2"), False) | ||||
|  | ||||
|   | ||||
| @@ -1831,8 +1831,6 @@ object the first time a user authenticates:: | ||||
|         ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' | ||||
|         """ | ||||
|  | ||||
|         supports_inactive_user = False | ||||
|  | ||||
|         def authenticate(self, username=None, password=None): | ||||
|             login_valid = (settings.ADMIN_LOGIN == username) | ||||
|             pwd_valid = check_password(password, settings.ADMIN_PASSWORD) | ||||
| @@ -1931,15 +1929,8 @@ The support for anonymous users in the permission system allows for | ||||
| anonymous users to have permissions to do something while inactive | ||||
| authenticated users do not. | ||||
|  | ||||
| To enable this on your own backend, you must set the class attribute | ||||
| ``supports_inactive_user`` to ``True``. | ||||
|  | ||||
| A nonexisting ``supports_inactive_user`` attribute will raise a | ||||
| ``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this | ||||
| warning will be updated to a ``DeprecationWarning`` which will be displayed | ||||
| loudly. Additionally ``supports_inactive_user`` will be set to ``False``. | ||||
| Django 1.5 will assume that every backend supports inactive users being | ||||
| passed to the authorization methods. | ||||
| Do not forget to test for the ``is_active`` attribute of the user in your own | ||||
| backend permission methods. | ||||
|  | ||||
|  | ||||
| Handling object permissions | ||||
|   | ||||
		Reference in New Issue
	
	Block a user