def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
class RbacUser(AbstractUser):
"""
Adds extra RBAC functionality to Django's built-in User class.
All RBAC-models will use this model when using 'django.contrib.auth'.
"""
groups = None
user_permissions = None
__rbac_backend = None
class Meta:
app_label = 'rbac'
db_table = 'auth_rbac_user'
swappable = 'AUTH_USER_MODEL'
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self)
class RbacUser(AbstractUser):
"""
Adds extra RBAC functionality to Django's built-in User class.
All RBAC-models will use this model when using 'django.contrib.auth'.
"""
groups = None
user_permissions = None
__rbac_backend = None
class Meta:
app_label = 'rbac'
db_table = 'auth_rbac_user'
swappable = 'AUTH_USER_MODEL'
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self)
def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self)
class AbstractRbacUser(models.Model):
"""
This class can be used as a base class for defining custom User classes
whenever 'django.contrib.auth.models.User' cannot be used for whatever
reasons.
It does not provide any properties at all - only a minimum set of methods
which are required for RBAC operations. It is up to you to define the
properties which are needed to work with your application or with Django's
build-in admin.
"""
__rbac_backend = None
USERNAME_FIELD = 'id'
REQUIRED_FIELDS = []
class Meta:
abstract = True
def is_anonymous(self):
"""
Always returns False. This is a way of comparing User objects to
anonymous users.
"""
return False
def is_authenticated(self):
"""
Always return True. This is a way to tell if the user has been
authenticated in templates.
"""
return True
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self, obj)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has each of the specified permissions. If
object is passed, it checks if the user has all required perms for this
object.
"""
for perm in perm_list:
if not self.has_perm(perm, obj):
return False
return True
def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
class AbstractRbacUser(models.Model):
"""
This class can be used as a base class for defining custom User classes
whenever 'django.contrib.auth.models.User' cannot be used for whatever
reasons.
Only provides a bare minimum set of fields and methods which are required
for RBAC operations while maintaining compatibility with Django's built-in
admin interface.
"""
__rbac_backend = None
USERNAME_FIELD = 'id'
REQUIRED_FIELDS = []
# These fields are required for Django's admin site
last_login = models.DateTimeField(_('last login'), blank=True, null=True)
is_staff = models.BooleanField(
_('staff status'),
default=False,
help_text=_('Designates whether the user can log into this admin '
'site.'))
class Meta:
abstract = True
@property
def is_anonymous(self):
"""
Always returns False. This is a way of comparing User objects to
anonymous users.
"""
return CallableFalse
@property
def is_authenticated(self):
"""
Always return True. This is a way to tell if the user has been
authenticated in templates.
"""
return CallableTrue
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self, obj)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has each of the specified permissions. If
object is passed, it checks if the user has all required perms for this
object.
"""
for perm in perm_list:
if not self.has_perm(perm, obj):
return False
return True
def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self)
class AbstractRbacUser(models.Model):
"""
This class can be used as a base class for defining custom User classes
whenever 'django.contrib.auth.models.User' cannot be used for whatever
reasons.
It does not provide any properties at all - only a minimum set of methods
which are required for RBAC operations. It is up to you to define the
properties which are needed to work with your application or with Django's
build-in admin.
"""
__rbac_backend = None
USERNAME_FIELD = 'id'
REQUIRED_FIELDS = []
class Meta:
abstract = True
def is_anonymous(self):
"""
Always returns False. This is a way of comparing User objects to
anonymous users.
"""
return False
def is_authenticated(self):
"""
Always return True. This is a way to tell if the user has been
authenticated in templates.
"""
return True
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self, obj)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has each of the specified permissions. If
object is passed, it checks if the user has all required perms for this
object.
"""
for perm in perm_list:
if not self.has_perm(perm, obj):
return False
return True
def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
class AbstractRbacUser(models.Model):
"""
This class can be used as a base class for defining custom User classes
whenever 'django.contrib.auth.models.User' cannot be used for whatever
reasons.
Only provides a bare minimum set of fields and methods which are required
for RBAC operations while maintaining compatibility with Django's built-in
admin interface.
"""
__rbac_backend = None
USERNAME_FIELD = 'id'
REQUIRED_FIELDS = []
# These fields are required for Django's admin site
last_login = models.DateTimeField(_('last login'), blank=True, null=True)
is_staff = models.BooleanField(_('staff status'), default=False,
help_text=_('Designates whether the user can log into this admin '
'site.'))
class Meta:
abstract = True
@property
def is_anonymous(self):
"""
Always returns False. This is a way of comparing User objects to
anonymous users.
"""
return CallableFalse
@property
def is_authenticated(self):
"""
Always return True. This is a way to tell if the user has been
authenticated in templates.
"""
return CallableTrue
def get_all_roles(self):
"""
Returns a list of roles which are assigned to this user. This list will
be used for providing role choices in RbacSessions, for example.
By default we only query the RbacUserAssignment for roles. If you have
any other sources for roles you can override this method. You just need
to make sure that this method returns a QuerySet!
@rtype: QuerySet
"""
return RbacRole.objects.filter(rbacuserassignment__user=self)
def get_all_permissions(self, obj=None):
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.get_all_permissions(self, obj)
def has_perm(self, perm, obj=None):
"""
Returns True if the user has the specified permission. This method
only uses the RbacUserBackend for checking permissions.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_perm(self, perm, obj)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has each of the specified permissions. If
object is passed, it checks if the user has all required perms for this
object.
"""
for perm in perm_list:
if not self.has_perm(perm, obj):
return False
return True
def has_module_perms(self, app_label):
"""
Returns True if the user has any permission in the specified app.
"""
if not self.__rbac_backend:
from rbac.backends import RbacUserBackend
self.__rbac_backend = RbacUserBackend()
return self.__rbac_backend.has_module_perms(self, app_label)
