v^#@sddlZddlZddlmZddlmZddlmZmZm Z ddl m Z eZ GdddZ Gdd d e ZGd d d eZGd d d eZGdddeZdS)N)get_user_model) Permission)ExistsOuterRefQ)RemovedInDjango31Warningc@sdeZdZddZddZdddZddd Zdd d Zdd d ZdS) BaseBackendcKsdS)N)selfrequestkwargsr r >/tmp/pip-build-8lau8j11/django/django/contrib/auth/backends.py authenticate szBaseBackend.authenticatecCsdS)Nr )r user_idr r r get_userszBaseBackend.get_userNcCstS)N)set)r user_objobjr r r get_user_permissionssz BaseBackend.get_user_permissionscCstS)N)r)r rrr r r get_group_permissionssz!BaseBackend.get_group_permissionscCs(|j|d||j|d|S)Nr)rr)r rrr r r get_all_permissionsszBaseBackend.get_all_permissionscCs||j|d|kS)Nr)r)r rpermrr r r has_permszBaseBackend.has_perm) __name__ __module__ __qualname__rrrrrrr r r r r s   rcseZdZdZddddZddZddZd d Zd d Zdd dZ dddZ dfddZ dfddZ ddZ dddddZddZS) ModelBackendz9 Authenticates against settings.AUTH_USER_MODEL. Nc Ks|dkr|jtj}|dks6|dkr:dSytjj|}Wn%tjk rwtj|Yn#X|j|r|j|r|SdS)N) get UserModelUSERNAME_FIELD_default_managerget_by_natural_key DoesNotExistZ set_passwordZcheck_passworduser_can_authenticate)r r usernamepasswordr userr r r r(s zModelBackend.authenticatecCs"t|dd}|p!|dkS)z{ Reject users with is_active=False. Custom user models that don't have that attribute are allowed. is_activeN)getattr)r r&r'r r r r#7sz"ModelBackend.user_can_authenticatecCs |jjS)N)Zuser_permissionsall)r rr r r _get_user_permissions?sz"ModelBackend._get_user_permissionscCs;tjjd}d|j}tjj||iS)Ngroupsz group__%s)rZ_meta get_fieldZrelated_query_namerobjectsfilter)r rZuser_groups_fieldZuser_groups_queryr r r _get_group_permissionsBsz#ModelBackend._get_group_permissionscCs|j s|js|dk r&tSd|}t||s|jrZtjj}nt|d||}|j ddj }t ||dd|Dt||S)z Return the permissions of `user_obj` from `from_name`. `from_name` can be either "group" or "user" to return permissions from `_get_group_permissions` or `_get_user_permissions` respectively. Nz_%s_perm_cachez_get_%s_permissionscontent_type__app_labelcodenamecSs&h|]\}}d||fqS)z%s.%sr ).0ctnamer r r Ws z0ModelBackend._get_permissions..) r' is_anonymousrhasattr is_superuserrr-r)r(Z values_listZorder_bysetattr)r rr from_nameZperm_cache_nameZpermsr r r _get_permissionsGs  zModelBackend._get_permissionscCs|j||dS)zs Return a set of permission strings the user `user_obj` has from their `user_permissions`. r&)r;)r rrr r r rZsz!ModelBackend.get_user_permissionscCs|j||dS)zq Return a set of permission strings the user `user_obj` has from the groups they belong. group)r;)r rrr r r rasz"ModelBackend.get_group_permissionscsQ|j s|js|dk r&tSt|dsJtj||_|jS)N _perm_cache)r'r6rr7superrr=)r rr) __class__r r rhs z ModelBackend.get_all_permissionscs"|jo!tj||d|S)Nr)r'r>r)r rrr)r?r r roszModelBackend.has_permcs/|jo.tfdd|j|DS)zU Return True if user_obj has any permissions in the given app_label. c3s.|]$}|d|jdkVqdS)N.)index)r2r) app_labelr r wsz0ModelBackend.has_module_perms..)r'anyr)r rrBr )rBr has_module_permsrs zModelBackend.has_module_permsTc CsRt|trLy|jd\}}Wqgtk rHtdYqgXnt|tsgtdt}|dk r|jjSt dt dt dt dB}t|tr|t d|j M}n|t d|d |M}t tj j|} |r#| t d d O} |dk rB| t d |M} |jj| S) z Return users that have permission "perm". By default, filter out inactive users and include superusers. r@zDPermission name should be in the form app_label.permission_codename.z>The `perm` argument must be a string or a permission instance.NZ group__userpkr&r1r0r8Tr') isinstancestrsplit ValueErrorr TypeErrorrr nonerrrFrr-r.) r rr'Zinclude_superusersrrBr1rZ permission_qZuser_qr r r with_perm{s,     ( zModelBackend.with_permc CsLytjjd|}Wntjk r4dSYnX|j|rH|SdS)NrF)rr rr"r#)r rr&r r r rs  zModelBackend.get_user)rrr__doc__rr#r*r/r;rrrrrErMrr r )r?r r#s      $rc@seZdZddZdS)AllowAllUsersModelBackendcCsdS)NTr )r r&r r r r#sz/AllowAllUsersModelBackend.user_can_authenticateN)rrrr#r r r r rOs rOc@s@eZdZdZdZddZddZddZd S) RemoteUserBackenda This backend is to be used in conjunction with the ``RemoteUserMiddleware`` found in the middleware module of this package, and is used when the server is handling authentication outside of Django. By default, the ``authenticate`` method creates ``User`` objects for usernames that don't already exist in the database. Subclasses can disable this behavior by setting the ``create_unknown_user`` attribute to ``False``. Tc Cs|s dSd}|j|}|jrtjjtj|i\}}|r||f}ytj|j||Wn5t k r|f}t j d|j j tYnX|j|}n.ytjj|}Wntjk rYnX|j|r|SdS)ai The username passed as ``remote_user`` is considered trusted. Return the ``User`` object with the given username. Create a new ``User`` object if ``create_unknown_user`` is ``True``. Return None if ``create_unknown_user`` is ``False`` and a ``User`` object with the given username is not found in the database. NzEUpdate %s.configure_user() to accept `request` as the first argument.)clean_usernamecreate_unknown_userrr Z get_or_createrinspectZ getcallargsconfigure_userrKwarningswarnr?rrr!r"r#)r r Z remote_userr&r$createdargsr r r rs,      zRemoteUserBackend.authenticatecCs|S)z Perform any cleaning on the "username" prior to using it to get or create the user object. Return the cleaned username. By default, return the username unchanged. r )r r$r r r rQsz RemoteUserBackend.clean_usernamecCs|S)z Configure a user after creation and return the updated user. By default, return the user unmodified. r )r r r&r r r rTsz RemoteUserBackend.configure_userN)rrrrNrRrrQrTr r r r rPs  ( rPc@seZdZddZdS)AllowAllUsersRemoteUserBackendcCsdS)NTr )r r&r r r r#sz4AllowAllUsersRemoteUserBackend.user_can_authenticateN)rrrr#r r r r rYs rY)rSrUZdjango.contrib.authrZdjango.contrib.auth.modelsrZdjango.db.modelsrrrZdjango.utils.deprecationrrrrrOrPrYr r r r s   I