o 3a!@sddlmZddlmZddlmZmZmZeZGdddZ Gddde Z Gdd d e Z Gd d d e Z Gd d d e Z dS))get_user_model) Permission)ExistsOuterRefQc@sDeZdZddZddZdddZddd Zdd d Zdd d ZdS) BaseBackendcKdSN)selfrequestkwargsr r >/usr/lib/python3/dist-packages/django/contrib/auth/backends.py authenticate zBaseBackend.authenticatecCrr r )r user_idr r rget_user rzBaseBackend.get_userNcCtSr setr user_objobjr r rget_user_permissionsz BaseBackend.get_user_permissionscCrr rrr r rget_group_permissionsrz!BaseBackend.get_group_permissionscCs h|j||d|j||dSN)r)rrrr r rget_all_permissionss   zBaseBackend.get_all_permissionscCs||j||dvSr)rr rpermrr r rhas_permszBaseBackend.has_permr ) __name__ __module__ __qualname__rrrrrr r r r rrs   rcseZdZdZdddZddZddZd d Zd d Zdd dZ dddZ dfdd Z dfdd Z ddZ dddZddZZS) ModelBackendz9 Authenticates against settings.AUTH_USER_MODEL. NcKs||dur |tj}|dus|durdSztj|}Wntjy-t|YdSw||r:||r<|SdSdSr ) get UserModelUSERNAME_FIELD_default_managerget_by_natural_key DoesNotExist set_passwordcheck_passworduser_can_authenticate)r r usernamepasswordr userr r rr$s zModelBackend.authenticatecCst|dd}|p |duS)z{ Reject users with is_active=False. Custom user models that don't have that attribute are allowed. is_activeN)getattr)r r0r1r r rr-3s  z"ModelBackend.user_can_authenticatecCs |jSr )user_permissionsall)r rr r r_get_user_permissions;s z"ModelBackend._get_user_permissionscCs0tjd}d|}tjjdi||iS)Ngroupsz group__%sr )r_meta get_fieldrelated_query_namerobjectsfilter)r ruser_groups_fielduser_groups_queryr r r_get_group_permissions>s z#ModelBackend._get_group_permissionscCs|jr |js |dur tSd|}t||s;|jrtj}n t|d||}| dd }t ||dd|Dt||S)z Return the permissions of `user_obj` from `from_name`. `from_name` can be either "group" or "user" to return permissions from `_get_group_permissions` or `_get_user_permissions` respectively. Nz_%s_perm_cachez_get_%s_permissionscontent_type__app_labelcodenamecSsh|] \}}d||fqS)z%s.%sr ).0ctnamer r r Ssz0ModelBackend._get_permissions..) r1 is_anonymousrhasattr is_superuserrr:r4r2 values_listorder_bysetattr)r rr from_nameperm_cache_namepermsr r r_get_permissionsCs   zModelBackend._get_permissionscC|||dS)zs Return a set of permission strings the user `user_obj` has from their `user_permissions`. r0rNrr r rrVz!ModelBackend.get_user_permissionscCrO)zq Return a set of permission strings the user `user_obj` has from the groups they belong. grouprPrr r rr]rQz"ModelBackend.get_group_permissionscs8|jr |js |dur tSt|dst||_|jS)N _perm_cache)r1rErrFsuperrrSr __class__r rrds  z ModelBackend.get_all_permissionscs|jo tj|||dSr)r1rTr rrUr rr kszModelBackend.has_permcs"|jotfdd||DS)zU Return True if user_obj has any permissions in the given app_label. c3s&|]}|d|dkVqdS)N.)index)rAr app_labelr r rs  z0ModelBackend.has_module_perms..)r1anyr)r rrZr rYrhas_module_permsnszModelBackend.has_module_permsTc Cst|trz |d\}}Wntytdwt|ts#tdt}|dur/|jSt t ddt t ddB}t|trK|t |j dM}n|t ||d M}t tj |} |rd| t d d O} |duro| t |d M} |j| S) z Return users that have permission "perm". By default, filter out inactive users and include superusers. rWzDPermission name should be in the form app_label.permission_codename.z>The `perm` argument must be a string or a permission instance.Npk) group__user)r0r^)r@r?T)rG)r1) isinstancestrsplit ValueErrorr TypeErrorrr(nonerrr^rr:r;) r rr1include_superusersrrZr@r& permission_quser_qr r r with_permws2      zModelBackend.with_permcCs<z tjj|d}Wn tjyYdSw||r|SdS)Nr`)r&r(r%r*r-)r rr0r r rrs zModelBackend.get_user)NNr )TTN)r!r"r#__doc__rr-r5r>rNrrrr r]rjr __classcell__r r rUrr$s    $r$c@eZdZddZdS)AllowAllUsersModelBackendcCdSNTr r r0r r rr-rz/AllowAllUsersModelBackend.user_can_authenticateNr!r"r#r-r r r rrn rnc@s,eZdZdZdZddZddZddZd S) RemoteUserBackenda This backend is to be used in conjunction with the ``RemoteUserMiddleware`` found in the middleware module of this package, and is used when the server is handling authentication outside of Django. By default, the ``authenticate`` method creates ``User`` objects for usernames that don't already exist in the database. Subclasses can disable this behavior by setting the ``create_unknown_user`` attribute to ``False``. TcCs|sdSd}||}|jr%tjjditj|i\}}|r$|||}nztj|}Wn tjy7Ynw| |r?|SdS)ai The username passed as ``remote_user`` is considered trusted. Return the ``User`` object with the given username. Create a new ``User`` object if ``create_unknown_user`` is ``True``. Return None if ``create_unknown_user`` is ``False`` and a ``User`` object with the given username is not found in the database. Nr ) clean_usernamecreate_unknown_userr&r( get_or_creater'configure_userr)r*r-)r r remote_userr0r.createdr r rrs"     zRemoteUserBackend.authenticatecCs|S)z Perform any cleaning on the "username" prior to using it to get or create the user object. Return the cleaned username. By default, return the username unchanged. r )r r.r r rrusz RemoteUserBackend.clean_usernamecCs|S)z Configure a user after creation and return the updated user. By default, return the user unmodified. r )r r r0r r rrxsz RemoteUserBackend.configure_userN)r!r"r#rkrvrrurxr r r rrts   rtc@rm)AllowAllUsersRemoteUserBackendcCrorpr rqr r rr-rz4AllowAllUsersRemoteUserBackend.user_can_authenticateNrrr r r rr{rsr{N)django.contrib.authrdjango.contrib.auth.modelsrdjango.db.modelsrrrr&rr$rnrtr{r r r rs ?