Django

Code

Changeset 3885

Show
Ignore:
Timestamp:
09/29/06 20:21:03 (2 years ago)
Author:
russellm
Message:

Clarified documentation to indicate that authenticating a user doesn't imply that they are active. Reinforced the fact that has_perm only returns true if user is active, and fixed a minor bug to that effect.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • django/trunk/AUTHORS

    r3872 r3885  
    7676    Andy Dustman <farcepest@gmail.com> 
    7777    Clint Ecker 
     78    Enrico <rico.bl@gmail.com> 
    7879    favo@exoweb.net 
    7980    gandalf@owca.info 

  • django/trunk/django/contrib/auth/models.py

    r3681 r3885  
    217217    def has_module_perms(self, app_label): 
    218218        "Returns True if the user has any permissions in the given app label." 
     219        if not self.is_active: 
     220            return False 
    219221        if self.is_superuser: 
    220222            return True 

  • django/trunk/docs/authentication.txt

    r3884 r3885  
    100100 
    101101    * ``is_authenticated()`` -- Always returns ``True``. This is a way to 
    102       tell if the user has been authenticated. 
     102      tell if the user has been authenticated. This does not imply any  
     103      permissions, and doesn't check if the user is active - it only indicates 
     104      that the user has provided a valid username and password. 
    103105 
    104106    * ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``, 
     
    121123    * ``has_perm(perm)`` -- Returns ``True`` if the user has the specified 
    122124      permission, where perm is in the format ``"package.codename"``. 
     125      If the user is inactive, this method will always return ``False``. 
    123126 
    124127    * ``has_perms(perm_list)`` -- Returns ``True`` if the user has each of the 
    125128      specified permissions, where each perm is in the format 
    126       ``"package.codename"``. 
     129      ``"package.codename"``. If the user is inactive, this method will  
     130      always return ``False``. 
    127131 
    128132    * ``has_module_perms(package_name)`` -- Returns ``True`` if the user has 
    129133      any permissions in the given package (the Django app label). 
     134      If the user is inactive, this method will always return ``False``. 
    130135 
    131136    * ``get_and_delete_messages()`` -- Returns a list of ``Message`` objects in 
     
    284289    user = authenticate(username='john', password='secret') 
    285290    if user is not None: 
    286         print "You provided a correct username and password!" 
     291        if user.is_active: 
     292            print "You provided a correct username and password!" 
     293        else: 
     294            print "Your account has been disabled!" 
    287295    else: 
    288296        print "Your username and password were incorrect." 
     
    302310        user = authenticate(username=username, password=password) 
    303311        if user is not None: 
    304             login(request, user) 
    305             # Redirect to a success page. 
     312            if user.is_active: 
     313                login(request, user) 
     314                # Redirect to a success page. 
     315            else: 
     316                # Return a 'disabled account' error message 
    306317        else: 
    307             # Return an error message. 
     318            # Return a 'invalid login' error message. 
    308319 
    309320How to log a user out