Ticket #12557: anonymous_permissions.diff

File anonymous_permissions.diff, 2.5 KB (added by hvdklauw, 5 years ago)
  • django/contrib/auth/backends.py

     
    2828        Returns a set of permission strings that this user has through his/her
    2929        groups.
    3030        """
     31        if user_obj.is_anonymous():
     32            return set([])
    3133        if not hasattr(user_obj, '_group_perm_cache'):
    3234            cursor = connection.cursor()
    3335            # The SQL below works out to the following, after DB quoting:
     
    5860        return user_obj._group_perm_cache
    5961
    6062    def get_all_permissions(self, user_obj):
     63        if user_obj.is_anonymous():
     64            return set([])
    6165        if not hasattr(user_obj, '_perm_cache'):
    6266            user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()])
    6367            user_obj._perm_cache.update(self.get_group_permissions(user_obj))
  • django/contrib/auth/models.py

     
    397397    user_permissions = property(_get_user_permissions)
    398398
    399399    def has_perm(self, perm, obj=None):
     400        for backend in auth.get_backends():
     401            if hasattr(backend, "has_perm"):
     402                if obj is not None:
     403                    if (backend.supports_object_permissions and
     404                        backend.has_perm(self, perm, obj)):
     405                            return True
     406                else:
     407                    if backend.has_perm(self, perm):
     408                        return True
    400409        return False
    401410
    402411    def has_perms(self, perm_list, obj=None):
    403         return False
     412        """
     413        Returns True if the user has each of the specified permissions.
     414        If object is passed, it checks if the user has all required perms
     415        for this object.
     416        """
     417        for perm in perm_list:
     418            if not self.has_perm(perm, obj):
     419                return False
     420        return True
    404421
    405     def has_module_perms(self, module):
     422    def has_module_perms(self, app_label):
     423        for backend in auth.get_backends():
     424            if hasattr(backend, "has_module_perms"):
     425                if backend.has_module_perms(self, app_label):
     426                    return True
    406427        return False
    407428
    408429    def get_and_delete_messages(self):
Back to Top