def has_module_perms(self, app_label): """ Returns True if the user has any permission in the specified app. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_module_perms(self, app_label)
def has_perm(self, perm, obj=None): """ Returns True if the user has the specified permission. This method only uses the RbacUserBackend for checking permissions. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_perm(self, perm, obj)
class RbacUser(AbstractUser): """ Adds extra RBAC functionality to Django's built-in User class. All RBAC-models will use this model when using 'django.contrib.auth'. """ groups = None user_permissions = None __rbac_backend = None class Meta: app_label = 'rbac' db_table = 'auth_rbac_user' swappable = 'AUTH_USER_MODEL' def get_all_roles(self): """ Returns a list of roles which are assigned to this user. This list will be used for providing role choices in RbacSessions, for example. By default we only query the RbacUserAssignment for roles. If you have any other sources for roles you can override this method. You just need to make sure that this method returns a QuerySet! @rtype: QuerySet """ return RbacRole.objects.filter(rbacuserassignment__user=self) def get_all_permissions(self, obj=None): if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.get_all_permissions(self)
def get_all_permissions(self, obj=None): if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.get_all_permissions(self)
class AbstractRbacUser(models.Model): """ This class can be used as a base class for defining custom User classes whenever 'django.contrib.auth.models.User' cannot be used for whatever reasons. It does not provide any properties at all - only a minimum set of methods which are required for RBAC operations. It is up to you to define the properties which are needed to work with your application or with Django's build-in admin. """ __rbac_backend = None USERNAME_FIELD = 'id' REQUIRED_FIELDS = [] class Meta: abstract = True def is_anonymous(self): """ Always returns False. This is a way of comparing User objects to anonymous users. """ return False def is_authenticated(self): """ Always return True. This is a way to tell if the user has been authenticated in templates. """ return True def get_all_roles(self): """ Returns a list of roles which are assigned to this user. This list will be used for providing role choices in RbacSessions, for example. By default we only query the RbacUserAssignment for roles. If you have any other sources for roles you can override this method. You just need to make sure that this method returns a QuerySet! @rtype: QuerySet """ return RbacRole.objects.filter(rbacuserassignment__user=self) def get_all_permissions(self, obj=None): if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.get_all_permissions(self, obj) def has_perm(self, perm, obj=None): """ Returns True if the user has the specified permission. This method only uses the RbacUserBackend for checking permissions. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_perm(self, perm, obj) def has_perms(self, perm_list, obj=None): """ Returns True if the user has each of the specified permissions. If object is passed, it checks if the user has all required perms for this object. """ for perm in perm_list: if not self.has_perm(perm, obj): return False return True def has_module_perms(self, app_label): """ Returns True if the user has any permission in the specified app. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_module_perms(self, app_label)
class AbstractRbacUser(models.Model): """ This class can be used as a base class for defining custom User classes whenever 'django.contrib.auth.models.User' cannot be used for whatever reasons. Only provides a bare minimum set of fields and methods which are required for RBAC operations while maintaining compatibility with Django's built-in admin interface. """ __rbac_backend = None USERNAME_FIELD = 'id' REQUIRED_FIELDS = [] # These fields are required for Django's admin site last_login = models.DateTimeField(_('last login'), blank=True, null=True) is_staff = models.BooleanField( _('staff status'), default=False, help_text=_('Designates whether the user can log into this admin ' 'site.')) class Meta: abstract = True @property def is_anonymous(self): """ Always returns False. This is a way of comparing User objects to anonymous users. """ return CallableFalse @property def is_authenticated(self): """ Always return True. This is a way to tell if the user has been authenticated in templates. """ return CallableTrue def get_all_roles(self): """ Returns a list of roles which are assigned to this user. This list will be used for providing role choices in RbacSessions, for example. By default we only query the RbacUserAssignment for roles. If you have any other sources for roles you can override this method. You just need to make sure that this method returns a QuerySet! @rtype: QuerySet """ return RbacRole.objects.filter(rbacuserassignment__user=self) def get_all_permissions(self, obj=None): if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.get_all_permissions(self, obj) def has_perm(self, perm, obj=None): """ Returns True if the user has the specified permission. This method only uses the RbacUserBackend for checking permissions. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_perm(self, perm, obj) def has_perms(self, perm_list, obj=None): """ Returns True if the user has each of the specified permissions. If object is passed, it checks if the user has all required perms for this object. """ for perm in perm_list: if not self.has_perm(perm, obj): return False return True def has_module_perms(self, app_label): """ Returns True if the user has any permission in the specified app. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_module_perms(self, app_label)
class AbstractRbacUser(models.Model): """ This class can be used as a base class for defining custom User classes whenever 'django.contrib.auth.models.User' cannot be used for whatever reasons. Only provides a bare minimum set of fields and methods which are required for RBAC operations while maintaining compatibility with Django's built-in admin interface. """ __rbac_backend = None USERNAME_FIELD = 'id' REQUIRED_FIELDS = [] # These fields are required for Django's admin site last_login = models.DateTimeField(_('last login'), blank=True, null=True) is_staff = models.BooleanField(_('staff status'), default=False, help_text=_('Designates whether the user can log into this admin ' 'site.')) class Meta: abstract = True @property def is_anonymous(self): """ Always returns False. This is a way of comparing User objects to anonymous users. """ return CallableFalse @property def is_authenticated(self): """ Always return True. This is a way to tell if the user has been authenticated in templates. """ return CallableTrue def get_all_roles(self): """ Returns a list of roles which are assigned to this user. This list will be used for providing role choices in RbacSessions, for example. By default we only query the RbacUserAssignment for roles. If you have any other sources for roles you can override this method. You just need to make sure that this method returns a QuerySet! @rtype: QuerySet """ return RbacRole.objects.filter(rbacuserassignment__user=self) def get_all_permissions(self, obj=None): if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.get_all_permissions(self, obj) def has_perm(self, perm, obj=None): """ Returns True if the user has the specified permission. This method only uses the RbacUserBackend for checking permissions. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_perm(self, perm, obj) def has_perms(self, perm_list, obj=None): """ Returns True if the user has each of the specified permissions. If object is passed, it checks if the user has all required perms for this object. """ for perm in perm_list: if not self.has_perm(perm, obj): return False return True def has_module_perms(self, app_label): """ Returns True if the user has any permission in the specified app. """ if not self.__rbac_backend: from rbac.backends import RbacUserBackend self.__rbac_backend = RbacUserBackend() return self.__rbac_backend.has_module_perms(self, app_label)