Author: claudep
Date: 2012-04-26 10:15:40 -0700 (Thu, 26 Apr 2012)
New Revision: 17938
Modified:
django/trunk/django/contrib/auth/__init__.py
django/trunk/django/contrib/auth/backends.py
django/trunk/django/contrib/auth/models.py
django/trunk/django/contrib/auth/tests/__init__.py
django/trunk/django/contrib/auth/tests/auth_backends.py
django/trunk/docs/topics/auth.txt
Log:
Fixed #18038 -- Removed the 'supports_inactive_user' backwards-compatibility
flag. Thanks Aymeric Augustin for the initial patch and Ramiro Morales for the
review.
Modified: django/trunk/django/contrib/auth/__init__.py
===================================================================
--- django/trunk/django/contrib/auth/__init__.py 2012-04-25 19:17:47 UTC
(rev 17937)
+++ django/trunk/django/contrib/auth/__init__.py 2012-04-26 17:15:40 UTC
(rev 17938)
@@ -1,4 +1,3 @@
-from warnings import warn
from django.core.exceptions import ImproperlyConfigured
from django.utils.importlib import import_module
from django.contrib.auth.signals import user_logged_in, user_logged_out
@@ -20,11 +19,6 @@
cls = getattr(mod, attr)
except AttributeError:
raise ImproperlyConfigured('Module "%s" does not define a "%s"
authentication backend' % (module, attr))
-
- if not hasattr(cls, 'supports_inactive_user'):
- warn("Authentication backends without a `supports_inactive_user`
attribute are deprecated. Please define it in %s." % cls,
- DeprecationWarning)
- cls.supports_inactive_user = False
return cls()
def get_backends():
Modified: django/trunk/django/contrib/auth/backends.py
===================================================================
--- django/trunk/django/contrib/auth/backends.py 2012-04-25 19:17:47 UTC
(rev 17937)
+++ django/trunk/django/contrib/auth/backends.py 2012-04-26 17:15:40 UTC
(rev 17938)
@@ -5,7 +5,6 @@
"""
Authenticates against django.contrib.auth.models.User.
"""
- supports_inactive_user = True
# TODO: Model, login attribute name and password attribute name should be
# configurable.
Modified: django/trunk/django/contrib/auth/models.py
===================================================================
--- django/trunk/django/contrib/auth/models.py 2012-04-25 19:17:47 UTC (rev
17937)
+++ django/trunk/django/contrib/auth/models.py 2012-04-26 17:15:40 UTC (rev
17938)
@@ -200,14 +200,13 @@
anon = user.is_anonymous()
active = user.is_active
for backend in auth.get_backends():
- if anon or active or backend.supports_inactive_user:
- if hasattr(backend, "has_perm"):
- if obj is not None:
- if backend.has_perm(user, perm, obj):
- return True
- else:
- if backend.has_perm(user, perm):
- return True
+ if hasattr(backend, "has_perm"):
+ if obj is not None:
+ if backend.has_perm(user, perm, obj):
+ return True
+ else:
+ if backend.has_perm(user, perm):
+ return True
return False
@@ -215,10 +214,9 @@
anon = user.is_anonymous()
active = user.is_active
for backend in auth.get_backends():
- if anon or active or backend.supports_inactive_user:
- if hasattr(backend, "has_module_perms"):
- if backend.has_module_perms(user, app_label):
- return True
+ if hasattr(backend, "has_module_perms"):
+ if backend.has_module_perms(user, app_label):
+ return True
return False
Modified: django/trunk/django/contrib/auth/tests/__init__.py
===================================================================
--- django/trunk/django/contrib/auth/tests/__init__.py 2012-04-25 19:17:47 UTC
(rev 17937)
+++ django/trunk/django/contrib/auth/tests/__init__.py 2012-04-26 17:15:40 UTC
(rev 17938)
@@ -1,6 +1,6 @@
from django.contrib.auth.tests.auth_backends import (BackendTest,
RowlevelBackendTest, AnonymousUserBackendTest, NoBackendsTest,
- InActiveUserBackendTest, NoInActiveUserBackendTest)
+ InActiveUserBackendTest)
from django.contrib.auth.tests.basic import BasicTestCase
from django.contrib.auth.tests.context_processors import
AuthContextProcessorTests
from django.contrib.auth.tests.decorators import LoginRequiredTestCase
Modified: django/trunk/django/contrib/auth/tests/auth_backends.py
===================================================================
--- django/trunk/django/contrib/auth/tests/auth_backends.py 2012-04-25
19:17:47 UTC (rev 17937)
+++ django/trunk/django/contrib/auth/tests/auth_backends.py 2012-04-26
17:15:40 UTC (rev 17938)
@@ -104,12 +104,6 @@
class SimpleRowlevelBackend(object):
- supports_inactive_user = False
-
- # This class also supports tests for anonymous user permissions, and
- # inactive user permissions via subclasses which just set the
- # 'supports_anonymous_user' or 'supports_inactive_user' attribute.
-
def has_perm(self, user, perm, obj=None):
if not obj:
return # We only support row level perms
@@ -196,16 +190,12 @@
self.assertEqual(self.user3.get_group_permissions(TestObj()),
set(['group_perm']))
-class AnonymousUserBackend(SimpleRowlevelBackend):
- supports_inactive_user = False
-
-
class AnonymousUserBackendTest(TestCase):
"""
Tests for AnonymousUser delegating to backend.
"""
- backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend'
+ backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
def setUp(self):
self.curr_auth = settings.AUTHENTICATION_BACKENDS
@@ -243,21 +233,12 @@
self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm',
TestObj(),))
-class InActiveUserBackend(SimpleRowlevelBackend):
- supports_inactive_user = True
-
-
-class NoInActiveUserBackend(SimpleRowlevelBackend):
- supports_inactive_user = False
-
-
class InActiveUserBackendTest(TestCase):
"""
- Tests for a inactive user delegating to backend if it has
'supports_inactive_user' = True
+ Tests for a inactive user
"""
+ backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
- backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend'
-
def setUp(self):
self.curr_auth = settings.AUTHENTICATION_BACKENDS
settings.AUTHENTICATION_BACKENDS = (self.backend,)
@@ -275,29 +256,3 @@
def test_has_module_perms(self):
self.assertEqual(self.user1.has_module_perms("app1"), False)
self.assertEqual(self.user1.has_module_perms("app2"), False)
-
-
-class NoInActiveUserBackendTest(TestCase):
- """
- Tests that an inactive user does not delegate to backend if it has
'supports_inactive_user' = False
- """
- backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend'
-
- def setUp(self):
- self.curr_auth = settings.AUTHENTICATION_BACKENDS
- settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) +
(self.backend,)
- self.user1 = User.objects.create_user('test', '[email protected]',
'test')
- self.user1.is_active = False
- self.user1.save()
-
- def tearDown(self):
- settings.AUTHENTICATION_BACKENDS = self.curr_auth
-
- def test_has_perm(self):
- self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
- self.assertEqual(self.user1.has_perm('inactive', TestObj()), False)
-
- def test_has_module_perms(self):
- self.assertEqual(self.user1.has_module_perms("app1"), False)
- self.assertEqual(self.user1.has_module_perms("app2"), False)
-
Modified: django/trunk/docs/topics/auth.txt
===================================================================
--- django/trunk/docs/topics/auth.txt 2012-04-25 19:17:47 UTC (rev 17937)
+++ django/trunk/docs/topics/auth.txt 2012-04-26 17:15:40 UTC (rev 17938)
@@ -1831,8 +1831,6 @@
ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
"""
- supports_inactive_user = False
-
def authenticate(self, username=None, password=None):
login_valid = (settings.ADMIN_LOGIN == username)
pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
@@ -1931,17 +1929,10 @@
anonymous users to have permissions to do something while inactive
authenticated users do not.
-To enable this on your own backend, you must set the class attribute
-``supports_inactive_user`` to ``True``.
+Do not forget to test for the ``is_active`` attribute of the user in your own
+backend permission methods.
-A nonexisting ``supports_inactive_user`` attribute will raise a
-``PendingDeprecationWarning`` if used in Django 1.3. In Django 1.4, this
-warning will be updated to a ``DeprecationWarning`` which will be displayed
-loudly. Additionally ``supports_inactive_user`` will be set to ``False``.
-Django 1.5 will assume that every backend supports inactive users being
-passed to the authorization methods.
-
Handling object permissions
---------------------------
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
