Ticket #5457: backend_user_permissions.2.diff
| File backend_user_permissions.2.diff, 7.5 KB (added by , 17 years ago) |
|---|
-
django/contrib/auth/backends.py
1 from django.db import connection, models 1 2 from django.contrib.auth.models import User 2 3 3 4 class ModelBackend: … … 14 15 except User.DoesNotExist: 15 16 return None 16 17 18 def get_group_permissions(self, user_obj): 19 "Returns a list of permission strings that this user has through his/her groups." 20 if not hasattr(user_obj, '_group_perm_cache'): 21 cursor = connection.cursor() 22 # The SQL below works out to the following, after DB quoting: 23 # cursor.execute(""" 24 # SELECT ct."app_label", p."codename" 25 # FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct 26 # WHERE p."id" = gp."permission_id" 27 # AND gp."group_id" = ug."group_id" 28 # AND ct."id" = p."content_type_id" 29 # AND ug."user_id" = %s, [self.id]) 30 qn = connection.ops.quote_name 31 sql = """ 32 SELECT ct.%s, p.%s 33 FROM %s p, %s gp, %s ug, %s ct 34 WHERE p.%s = gp.%s 35 AND gp.%s = ug.%s 36 AND ct.%s = p.%s 37 AND ug.%s = %%s""" % ( 38 qn('app_label'), qn('codename'), 39 qn('auth_permission'), qn('auth_group_permissions'), 40 qn('auth_user_groups'), qn('django_content_type'), 41 qn('id'), qn('permission_id'), 42 qn('group_id'), qn('group_id'), 43 qn('id'), qn('content_type_id'), 44 qn('user_id'),) 45 cursor.execute(sql, [user_obj.id]) 46 user_obj._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()]) 47 return user_obj._group_perm_cache 48 49 def get_all_permissions(self, user_obj): 50 if not hasattr(user_obj, '_perm_cache'): 51 user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()]) 52 user_obj._perm_cache.update(self.get_group_permissions(user_obj)) 53 return user_obj._perm_cache 54 55 def has_perm(self, user_obj, perm): 56 return perm in self.get_all_permissions(user_obj) 57 58 def has_module_perms(self, user_obj, app_label): 59 return bool(len([p for p in self.get_all_permissions(user_obj) if p[:p.index('.')] == app_label])) 60 61 62 17 63 def get_user(self, user_id): 18 64 try: 19 65 return User.objects.get(pk=user_id) -
django/contrib/auth/models.py
1 from django.contrib.auth import get_backends 1 2 from django.core import validators 2 3 from django.core.exceptions import ImproperlyConfigured 3 4 from django.db import connection, models … … 177 178 return self.password != UNUSABLE_PASSWORD 178 179 179 180 def get_group_permissions(self): 180 "Returns a list of permission strings that this user has through his/her groups." 181 if not hasattr(self, '_group_perm_cache'): 182 cursor = connection.cursor() 183 # The SQL below works out to the following, after DB quoting: 184 # cursor.execute(""" 185 # SELECT ct."app_label", p."codename" 186 # FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct 187 # WHERE p."id" = gp."permission_id" 188 # AND gp."group_id" = ug."group_id" 189 # AND ct."id" = p."content_type_id" 190 # AND ug."user_id" = %s, [self.id]) 191 qn = connection.ops.quote_name 192 sql = """ 193 SELECT ct.%s, p.%s 194 FROM %s p, %s gp, %s ug, %s ct 195 WHERE p.%s = gp.%s 196 AND gp.%s = ug.%s 197 AND ct.%s = p.%s 198 AND ug.%s = %%s""" % ( 199 qn('app_label'), qn('codename'), 200 qn('auth_permission'), qn('auth_group_permissions'), 201 qn('auth_user_groups'), qn('django_content_type'), 202 qn('id'), qn('permission_id'), 203 qn('group_id'), qn('group_id'), 204 qn('id'), qn('content_type_id'), 205 qn('user_id'),) 206 cursor.execute(sql, [self.id]) 207 self._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()]) 208 return self._group_perm_cache 181 """ 182 Returns a list of permission strings that this user has through his/her groups. 183 This method queries the available backends. 184 """ 185 group_permissions = set([]) 186 for backend in get_backends(): 187 # Backend does not support this method, so skip it 188 if not hasattr(backend, "get_group_permissions"): continue 189 group_permissions.update(backend.get_group_permissions(self)) 190 return group_permissions 209 191 210 192 def get_all_permissions(self): 211 if not hasattr(self, '_perm_cache'): 212 self._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in self.user_permissions.select_related()]) 213 self._perm_cache.update(self.get_group_permissions()) 214 return self._perm_cache 193 permissions = set([]) 194 for backend in get_backends(): 195 # Backend does not support this method, so skip it 196 if not hasattr(backend, "get_all_permissions"): continue 197 permissions.update(backend.get_all_permissions(self)) 198 return permissions 215 199 216 200 def has_perm(self, perm): 217 "Returns True if the user has the specified permission." 201 """ 202 Returns True if the user has the specified permission. 203 This method queries the available backends and stops on 204 the first "True". 205 """ 218 206 if not self.is_active: 219 207 return False 220 208 if self.is_superuser: 221 209 return True 222 return perm in self.get_all_permissions() 210 for backend in get_backends(): 211 # Backend does not support this method, so skip it 212 if not hasattr(backend, "has_perm"): continue 213 if backend.has_perm(self, perm): 214 return True 215 return False 223 216 224 217 def has_perms(self, perm_list): 225 218 "Returns True if the user has each of the specified permissions." … … 229 222 return True 230 223 231 224 def has_module_perms(self, app_label): 232 "Returns True if the user has any permissions in the given app label." 225 """ 226 Returns True if the user has any permissions in the given app label. 227 This method queries the available backends and stops on 228 the first "True". 229 """ 233 230 if not self.is_active: 234 231 return False 235 232 if self.is_superuser: 236 233 return True 237 return bool(len([p for p in self.get_all_permissions() if p[:p.index('.')] == app_label])) 234 for backend in get_backends(): 235 # Backend does not support this method, so skip it 236 if not hasattr(backend, "has_module_perms"): continue 237 if backend.has_module_perms(self, app_label): 238 return True 239 return False 238 240 239 241 def get_and_delete_messages(self): 240 242 messages = []