commit 40569f2b131078de810deb85222c6b65f8c69335
Author: Claude Paroz <claude@2xlibre.net>
Date: Fri Mar 30 23:16:43 2012 +0200
Remove deprecated supports_inactive_user
diff --git a/django/contrib/auth/__init__.py b/django/contrib/auth/__init__.py
index 3495e16..dd816ce 100644
a
|
b
|
|
1 | | from warnings import warn |
2 | 1 | from django.core.exceptions import ImproperlyConfigured |
3 | 2 | from django.utils.importlib import import_module |
4 | 3 | from django.contrib.auth.signals import user_logged_in, user_logged_out |
… |
… |
def load_backend(path):
|
20 | 19 | cls = getattr(mod, attr) |
21 | 20 | except AttributeError: |
22 | 21 | raise ImproperlyConfigured('Module "%s" does not define a "%s" authentication backend' % (module, attr)) |
23 | | |
24 | | if not hasattr(cls, 'supports_inactive_user'): |
25 | | warn("Authentication backends without a `supports_inactive_user` attribute are deprecated. Please define it in %s." % cls, |
26 | | DeprecationWarning) |
27 | | cls.supports_inactive_user = False |
28 | 22 | return cls() |
29 | 23 | |
30 | 24 | def get_backends(): |
diff --git a/django/contrib/auth/backends.py b/django/contrib/auth/backends.py
index 56cdb42..04fbef4 100644
a
|
b
|
class ModelBackend(object):
|
5 | 5 | """ |
6 | 6 | Authenticates against django.contrib.auth.models.User. |
7 | 7 | """ |
8 | | supports_inactive_user = True |
9 | 8 | |
10 | 9 | # TODO: Model, login attribute name and password attribute name should be |
11 | 10 | # configurable. |
diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py
index 4e15849..042420a 100644
a
|
b
|
def _user_has_perm(user, perm, obj):
|
200 | 200 | anon = user.is_anonymous() |
201 | 201 | active = user.is_active |
202 | 202 | for backend in auth.get_backends(): |
203 | | if anon or active or backend.supports_inactive_user: |
204 | | if hasattr(backend, "has_perm"): |
205 | | if obj is not None: |
206 | | if backend.has_perm(user, perm, obj): |
207 | | return True |
208 | | else: |
209 | | if backend.has_perm(user, perm): |
210 | | return True |
| 203 | if hasattr(backend, "has_perm"): |
| 204 | if obj is not None: |
| 205 | if backend.has_perm(user, perm, obj): |
| 206 | return True |
| 207 | else: |
| 208 | if backend.has_perm(user, perm): |
| 209 | return True |
211 | 210 | return False |
212 | 211 | |
213 | 212 | |
… |
… |
def _user_has_module_perms(user, app_label):
|
215 | 214 | anon = user.is_anonymous() |
216 | 215 | active = user.is_active |
217 | 216 | for backend in auth.get_backends(): |
218 | | if anon or active or backend.supports_inactive_user: |
219 | | if hasattr(backend, "has_module_perms"): |
220 | | if backend.has_module_perms(user, app_label): |
221 | | return True |
| 217 | if hasattr(backend, "has_module_perms"): |
| 218 | if backend.has_module_perms(user, app_label): |
| 219 | return True |
222 | 220 | return False |
223 | 221 | |
224 | 222 | |
diff --git a/django/contrib/auth/tests/__init__.py b/django/contrib/auth/tests/__init__.py
index cc61977..16eaa5c 100644
a
|
b
|
|
1 | 1 | from django.contrib.auth.tests.auth_backends import (BackendTest, |
2 | 2 | RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest, |
3 | | InActiveUserBackendTest, NoInActiveUserBackendTest) |
| 3 | InActiveUserBackendTest) |
4 | 4 | from django.contrib.auth.tests.basic import BasicTestCase |
5 | 5 | from django.contrib.auth.tests.context_processors import AuthContextProcessorTests |
6 | 6 | from django.contrib.auth.tests.decorators import LoginRequiredTestCase |
diff --git a/django/contrib/auth/tests/auth_backends.py b/django/contrib/auth/tests/auth_backends.py
index 2c6e395..7b38acf 100644
a
|
b
|
class TestObj(object):
|
104 | 104 | |
105 | 105 | |
106 | 106 | class SimpleRowlevelBackend(object): |
107 | | supports_inactive_user = False |
108 | | |
109 | | # This class also supports tests for anonymous user permissions, and |
110 | | # inactive user permissions via subclasses which just set the |
111 | | # 'supports_anonymous_user' or 'supports_inactive_user' attribute. |
112 | | |
113 | 107 | def has_perm(self, user, perm, obj=None): |
114 | 108 | if not obj: |
115 | 109 | return # We only support row level perms |
… |
… |
class RowlevelBackendTest(TestCase):
|
196 | 190 | self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm'])) |
197 | 191 | |
198 | 192 | |
199 | | class AnonymousUserBackend(SimpleRowlevelBackend): |
200 | | supports_inactive_user = False |
201 | | |
202 | | |
203 | 193 | class AnonymousUserBackendTest(TestCase): |
204 | 194 | """ |
205 | 195 | Tests for AnonymousUser delegating to backend. |
206 | 196 | """ |
207 | 197 | |
208 | | backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend' |
| 198 | backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend' |
209 | 199 | |
210 | 200 | def setUp(self): |
211 | 201 | self.curr_auth = settings.AUTHENTICATION_BACKENDS |
… |
… |
class NoBackendsTest(TestCase):
|
243 | 233 | self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),)) |
244 | 234 | |
245 | 235 | |
246 | | class InActiveUserBackend(SimpleRowlevelBackend): |
247 | | supports_inactive_user = True |
248 | | |
249 | | |
250 | | class NoInActiveUserBackend(SimpleRowlevelBackend): |
251 | | supports_inactive_user = False |
252 | | |
253 | | |
254 | 236 | class InActiveUserBackendTest(TestCase): |
255 | 237 | """ |
256 | | Tests for a inactive user delegating to backend if it has 'supports_inactive_user' = True |
| 238 | Tests for a inactive user |
257 | 239 | """ |
258 | | |
259 | | backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend' |
| 240 | backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend' |
260 | 241 | |
261 | 242 | def setUp(self): |
262 | 243 | self.curr_auth = settings.AUTHENTICATION_BACKENDS |
… |
… |
class InActiveUserBackendTest(TestCase):
|
275 | 256 | def test_has_module_perms(self): |
276 | 257 | self.assertEqual(self.user1.has_module_perms("app1"), False) |
277 | 258 | self.assertEqual(self.user1.has_module_perms("app2"), False) |
278 | | |
279 | | |
280 | | class NoInActiveUserBackendTest(TestCase): |
281 | | """ |
282 | | Tests that an inactive user does not delegate to backend if it has 'supports_inactive_user' = False |
283 | | """ |
284 | | backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend' |
285 | | |
286 | | def setUp(self): |
287 | | self.curr_auth = settings.AUTHENTICATION_BACKENDS |
288 | | settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,) |
289 | | self.user1 = User.objects.create_user('test', 'test@example.com', 'test') |
290 | | self.user1.is_active = False |
291 | | self.user1.save() |
292 | | |
293 | | def tearDown(self): |
294 | | settings.AUTHENTICATION_BACKENDS = self.curr_auth |
295 | | |
296 | | def test_has_perm(self): |
297 | | self.assertEqual(self.user1.has_perm('perm', TestObj()), False) |
298 | | self.assertEqual(self.user1.has_perm('inactive', TestObj()), False) |
299 | | |
300 | | def test_has_module_perms(self): |
301 | | self.assertEqual(self.user1.has_module_perms("app1"), False) |
302 | | self.assertEqual(self.user1.has_module_perms("app2"), False) |
303 | | |
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt
index 18f8947..8690b83 100644
a
|
b
|
object the first time a user authenticates::
|
1831 | 1831 | ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' |
1832 | 1832 | """ |
1833 | 1833 | |
1834 | | supports_inactive_user = False |
1835 | | |
1836 | 1834 | def authenticate(self, username=None, password=None): |
1837 | 1835 | login_valid = (settings.ADMIN_LOGIN == username) |
1838 | 1836 | pwd_valid = check_password(password, settings.ADMIN_PASSWORD) |
… |
… |
The support for anonymous users in the permission system allows for
|
1931 | 1929 | anonymous users to have permissions to do something while inactive |
1932 | 1930 | authenticated users do not. |
1933 | 1931 | |
1934 | | To enable this on your own backend, you must set the class attribute |
1935 | | ``supports_inactive_user`` to ``True``. |
1936 | | |
1937 | | A nonexisting ``supports_inactive_user`` attribute will raise a |
1938 | | ``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this |
1939 | | warning will be updated to a ``DeprecationWarning`` which will be displayed |
1940 | | loudly. Additionally ``supports_inactive_user`` will be set to ``False``. |
1941 | | Django 1.5 will assume that every backend supports inactive users being |
1942 | | passed to the authorization methods. |
| 1932 | Do not forget to test for the ``is_active`` attribute of the user in your own |
| 1933 | backend permission methods. |
1943 | 1934 | |
1944 | 1935 | |
1945 | 1936 | Handling object permissions |