Ticket #2550: ticket2550c.diff

File ticket2550c.diff, 4.3 KB (added by danielr, 3 years ago)

Update patch to apply against 1.4

  • docs/topics/auth.txt

     
    17861786    you need to force users to re-authenticate using different methods. A simple
    17871787    way to do that is simply to execute ``Session.objects.all().delete()``.
    17881788
     1789.. versionadded:: 1.4
     1790
     1791If a backend raises a :class:`~django.core.exceptions.PermissionDenied`
     1792exception, authentication will immediately fail. Django won't check the backends that follow.
     1793
     1794
    17891795Writing an authentication backend
    17901796---------------------------------
    17911797
  • django/contrib/auth/__init__.py

     
    11from warnings import warn
    2 from django.core.exceptions import ImproperlyConfigured
     2from django.core.exceptions import ImproperlyConfigured, PermissionDenied
    33from django.utils.importlib import import_module
    44from django.contrib.auth.signals import user_logged_in, user_logged_out
    55
     
    4646        except TypeError:
    4747            # This backend doesn't accept these credentials as arguments. Try the next one.
    4848            continue
     49        except PermissionDenied:
     50            # This backend says to stop in our tracks - this user should not be allowed in at all.
     51            return None
    4952        if user is None:
    5053            continue
    5154        # Annotate the user object with the path of the backend.
  • django/contrib/auth/tests/auth_backends.py

     
    11from django.conf import settings
    22from django.contrib.auth.models import User, Group, Permission, AnonymousUser
    33from django.contrib.contenttypes.models import ContentType
    4 from django.core.exceptions import ImproperlyConfigured
     4from django.core.exceptions import ImproperlyConfigured, PermissionDenied
     5from django.contrib.auth import authenticate
    56from django.test import TestCase
    67
    78
     
    306307        self.assertEqual(self.user1.has_module_perms("app1"), False)
    307308        self.assertEqual(self.user1.has_module_perms("app2"), False)
    308309
     310class PermissionDeniedBackend(object):
     311    """
     312    Always raises PermissionDenied.
     313    """
     314    supports_object_permissions = True
     315    supports_anonymous_user = True
     316    supports_inactive_user = True
     317
     318    def authenticate(self, username=None, password=None):
     319        raise PermissionDenied
     320
     321
     322class PermissionDeniedBackendTest(TestCase):
     323    """
     324    Tests that other backends are not checked once a backend raises PermissionDenied
     325    """
     326    backend = 'django.contrib.auth.tests.auth_backends.PermissionDeniedBackend'
     327
     328    def setUp(self):
     329        self.curr_auth = settings.AUTHENTICATION_BACKENDS
     330        self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
     331        self.user1.save()
     332
     333    def tearDown(self):
     334        settings.AUTHENTICATION_BACKENDS = self.curr_auth
     335
     336    def test_permission_denied(self):
     337        "user is not authenticated after a backend raises permission denied #2550"
     338        settings.AUTHENTICATION_BACKENDS = (self.backend,) + tuple(self.curr_auth)
     339        self.assertEqual(authenticate(username='test', password='test'), None)
     340
     341    def test_authenticates(self):
     342        settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,)
     343        self.assertEqual(authenticate(username='test', password='test'), self.user1)
  • django/contrib/auth/tests/__init__.py

     
    11from django.contrib.auth.tests.auth_backends import (BackendTest,
    22    RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest,
    3     InActiveUserBackendTest, NoInActiveUserBackendTest)
     3    InActiveUserBackendTest, NoInActiveUserBackendTest, PermissionDeniedBackendTest)
    44from django.contrib.auth.tests.basic import BasicTestCase
    55from django.contrib.auth.tests.context_processors import AuthContextProcessorTests
    66from django.contrib.auth.tests.decorators import LoginRequiredTestCase
Back to Top