U [+d4$@sddlZddlmZddlmZddlmZmZmZddl m Z ddl m Z eZ GdddZGd d d eZGd d d eZGd ddeZGdddeZdS)N)get_user_model) Permission)ExistsOuterRefQ)RemovedInDjango50Warning)func_supports_parameterc@sDeZdZddZddZdddZddd Zdd d Zdd d ZdS) BaseBackendcKsdSN)selfrequestkwargsr r @/tmp/pip-unpacked-wheel-n7e__lmp/django/contrib/auth/backends.py authenticate szBaseBackend.authenticatecCsdSr r )r user_idr r rget_userszBaseBackend.get_userNcCstSr setr user_objobjr r rget_user_permissionssz BaseBackend.get_user_permissionscCstSr rrr r rget_group_permissionssz!BaseBackend.get_group_permissionscCs|j||d|j||dSN)r)rrrr r rget_all_permissionss  zBaseBackend.get_all_permissionscCs||j||dkSr)rr rpermrr r rhas_permszBaseBackend.has_perm)N)N)N)N) __name__ __module__ __qualname__rrrrrrr r r rr s    r cseZdZdZdddZddZddZd d Zd d Zdd dZ dddZ dfdd Z d fdd Z ddZ d!ddZddZZS)" ModelBackendz9 Authenticates against settings.AUTH_USER_MODEL. NcKsx|dkr|tj}|dks$|dkr(dSztj|}Wn"tjk rZt|YnX||rt||rt|SdSr ) get UserModelUSERNAME_FIELD_default_managerget_by_natural_key DoesNotExist set_passwordZcheck_passworduser_can_authenticate)r r usernamepasswordruserr r rr(s zModelBackend.authenticatecCst|dd}|p|dkS)z{ Reject users with is_active=False. Custom user models that don't have that attribute are allowed. is_activeN)getattr)r r-r.r r rr*7s z"ModelBackend.user_can_authenticatecCs |jSr )Zuser_permissionsall)r rr r r_get_user_permissions?sz"ModelBackend._get_user_permissionscCs,tjd}d|}tjjf||iS)Ngroupsz group__%s)rZ_meta get_fieldZrelated_query_namerobjectsfilter)r rZuser_groups_fieldZuser_groups_queryr r r_get_group_permissionsBs z#ModelBackend._get_group_permissionscCs|jr|js|dk rtSd|}t||sv|jr>tj}nt|d||}| dd }t ||dd|Dt||S)z Return the permissions of `user_obj` from `from_name`. `from_name` can be either "group" or "user" to return permissions from `_get_group_permissions` or `_get_user_permissions` respectively. Nz_%s_perm_cachez_get_%s_permissionscontent_type__app_labelcodenamecSsh|]\}}d||fqS)z%s.%sr ).0ctnamer r r Xsz0ModelBackend._get_permissions..) r. is_anonymousrhasattr is_superuserrr4r0r/Z values_listZorder_bysetattr)r rr from_nameZperm_cache_nameZpermsr r r_get_permissionsGs   zModelBackend._get_permissionscCs|||dS)zs Return a set of permission strings the user `user_obj` has from their `user_permissions`. r-rBrr r rr\sz!ModelBackend.get_user_permissionscCs|||dS)zq Return a set of permission strings the user `user_obj` has from the groups they belong. grouprCrr r rrcsz"ModelBackend.get_group_permissionscs8|jr|js|dk rtSt|ds2t||_|jS)N _perm_cache)r.r=rr>superrrEr __class__r rrjs  z ModelBackend.get_all_permissionscs|jotj|||dSr)r.rFrrrGr rrqszModelBackend.has_permcs"|jo tfdd||DS)zU Return True if user_obj has any permissions in the given app_label. c3s$|]}|d|dkVqdS)N.)index)r9r app_labelr r xsz0ModelBackend.has_module_perms..)r.anyr)r rrLr rKrhas_module_permstszModelBackend.has_module_permsTc Cst|trThe `perm` argument must be a string or a permission instance.Npk)Z group__user)r-rP)r8r7T)r?)r.) isinstancestrsplit ValueErrorr TypeErrorr$r&nonerrrPrr4r5) r rr.Zinclude_superusersrrLr8Z permission_qZuser_qr r r with_perm}s.     zModelBackend.with_permcCs>ztjj|d}Wntjk r*YdSX||r:|SdS)NrQ)r$r&r#r(r*)r rr-r r rrs zModelBackend.get_user)NN)N)N)N)N)TTN)rr r!__doc__rr*r1r6rBrrrrrOrXr __classcell__r r rGrr"#s    #r"c@seZdZddZdS)AllowAllUsersModelBackendcCsdSNTr r r-r r rr*sz/AllowAllUsersModelBackend.user_can_authenticateNrr r!r*r r r rr[sr[c@s.eZdZdZdZddZddZd ddZd S) RemoteUserBackenda This backend is to be used in conjunction with the ``RemoteUserMiddleware`` found in the middleware module of this package, and is used when the server is handling authentication outside of Django. By default, the ``authenticate`` method creates ``User`` objects for usernames that don't already exist in the database. Subclasses can disable this behavior by setting the ``create_unknown_user`` attribute to ``False``. TcCs|sdSd}d}||}|jr:tjjftj|i\}}n(ztj|}Wntjk r`YnXt|j dr|j |||d}n*t j d|j j dtd|r| ||}||r|SdS)ai The username passed as ``remote_user`` is considered trusted. Return the ``User`` object with the given username. Create a new ``User`` object if ``create_unknown_user`` is ``True``. Return None if ``create_unknown_user`` is ``False`` and a ``User`` object with the given username is not found in the database. NFcreated)r`z1`created=True` must be added to the signature of z.configure_user().)category)clean_usernamecreate_unknown_userr$r&Z get_or_creater%r'r(rconfigure_userwarningswarnrHr!rr*)r r Z remote_userr`r-r+r r rrs,     zRemoteUserBackend.authenticatecCs|S)z Perform any cleaning on the "username" prior to using it to get or create the user object. Return the cleaned username. By default, return the username unchanged. r )r r+r r rrbsz RemoteUserBackend.clean_usernamecCs|S)zp Configure a user and return the updated user. By default, return the user unmodified. r )r r r-r`r r rrdsz RemoteUserBackend.configure_userN)T)rr r!rYrcrrbrdr r r rr_s  * r_c@seZdZddZdS)AllowAllUsersRemoteUserBackendcCsdSr\r r]r r rr*sz4AllowAllUsersRemoteUserBackend.user_can_authenticateNr^r r r rrgsrg)reZdjango.contrib.authrZdjango.contrib.auth.modelsrZdjango.db.modelsrrrZdjango.utils.deprecationrZdjango.utils.inspectrr$r r"r[r_rgr r r rs    K