- from django.conf import settings
- from django.contrib.auth.hashers import check_password
- from django.contrib.auth.models import User
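class SettingsBackend:
    """
    Authenticate against the settings ADMIN_LOGIN and ADMIN_PASSWORD.

    Use the login name and a hash of the password. For example:

    ADMIN_LOGIN = 'admin'
    ADMIN_PASSWORD = 'pbkdf2_sha256$30000$Vo0VlMnkR4Bk$qEvtdyZRWTcOsCnI/oQ7fVOu1XAURIZYoOZ3iq8Dr4M='

    The hash above is a published sample and must not be reused. Generate
    your own with django.contrib.auth.hashers.make_password(); the sample's
    30000 PBKDF2 iterations is below what current Django releases use by
    default. A successful login through this backend yields a superuser, so
    the settings file holding ADMIN_PASSWORD deserves the same protection as
    any other credential store.
    """

    def authenticate(self, request, username=None, password=None):
        """Return the admin User when both settings credentials match.

        Returns None when either the login name or the password is wrong.
        The User row is created on first successful login.
        """
        # Both checks are evaluated before the result is combined; the
        # password hash is verified even when the login name is wrong.
        login_valid = (settings.ADMIN_LOGIN == username)
        pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
        if not (login_valid and pwd_valid):
            return None
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            # Create a new user. Only the password from settings.py is
            # checked by this backend, so mark the stored password as
            # unusable instead of leaving the field empty: any other
            # mechanism that looks at the stored password (for example
            # ModelBackend, if it is also enabled) then has nothing to
            # accept for this superuser account.
            user = User(username=username)
            user.set_unusable_password()
            user.is_staff = True
            user.is_superuser = True
            user.save()
        return user

    def get_user(self, user_id):
        """Return the User with primary key ``user_id``, or None if absent."""
        try:
            return User.objects.get(pk=user_id)
        except User.DoesNotExist:
            return None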
- #Set permission in model
- -------------------------------------------------------------------------------
class Task(models.Model):
    ...

    class Meta:
        # Custom permissions, each a (codename, human-readable name) pair.
        # Declaring them here does not enforce anything by itself: every
        # view or action that should be restricted still has to check the
        # permission, e.g. user.has_perm('app.close_task').
        permissions = (
            ("change_task_status", "Can change the status of tasks"),
            ("close_task", "Can remove a task by setting its status as closed"),
        )
- #Check permission
- --------------------------------------------------------------------------------
- user.has_perm('app.close_task')
- #Permission Scheme:
- ---------------------------------------------------------------------------------
- myuser.groups.set([group_list])
- myuser.groups.add(group, group, ...)
- myuser.groups.remove(group, group, ...)
- myuser.groups.clear()
- myuser.user_permissions.set([permission_list])
- myuser.user_permissions.add(permission, permission, ...)
- myuser.user_permissions.remove(permission, permission, ...)
- myuser.user_permissions.clear()
- Assuming you have an application with an app_label foo and a model named Bar, to test for basic permissions you should use:
- add: user.has_perm('foo.add_bar')
- change: user.has_perm('foo.change_bar')
- delete: user.has_perm('foo.delete_bar')
- view: user.has_perm('foo.view_bar')
- #Creating permission
- ------------------------------------------------------------------------------------
- from myapp.models import BlogPost
- from django.contrib.auth.models import Permission
- from django.contrib.contenttypes.models import ContentType
# The permission is attached to the BlogPost model through its ContentType.
content_type = ContentType.objects.get_for_model(BlogPost)

# Creates the permission row only; nobody holds it until it is assigned to
# a user or a group. Following the '<app_label>.<codename>' pattern used by
# has_perm(), it would be checked as '<app_label>.can_publish'.
permission = Permission.objects.create(
    content_type=content_type,
    codename='can_publish',
    name='Can Publish Posts',
)
- #Example
- -------------------------------------------------------------------------------------
- from django.contrib.auth.models import Permission, User
- from django.contrib.contenttypes.models import ContentType
- from django.shortcuts import get_object_or_404
- from myapp.models import BlogPost
def user_gains_perms(request, user_id):
    """Show that a User instance caches its permission set.

    Grants 'myapp.change_blogpost' to the user identified by ``user_id`` and
    checks the permission before the grant, after the grant on the same
    instance, and again on a freshly loaded instance.
    """
    # NOTE(review): nothing in this function checks that request.user is
    # allowed to grant permissions to user_id. As a demonstration of the
    # cache that is fine; a real view needs an authorization check before
    # the user_permissions.add() call.
    perm_label = 'myapp.change_blogpost'

    target = get_object_or_404(User, pk=user_id)
    # any permission check will cache the current set of permissions
    target.has_perm(perm_label)

    change_perm = Permission.objects.get(
        content_type=ContentType.objects.get_for_model(BlogPost),
        codename='change_blogpost',
    )
    target.user_permissions.add(change_perm)

    # Checking the cached permission set
    target.has_perm(perm_label)  # False

    # Request new instance of User
    # Be aware that user.refresh_from_db() won't clear the cache.
    target = get_object_or_404(User, pk=user_id)

    # Permission cache is repopulated from the database
    target.has_perm(perm_label)  # True
- #Redirect
- -------------------------------------------------------------------------------
- from django.conf import settings
- from django.shortcuts import redirect
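def my_view(request):
    """Send anonymous visitors to the login page, remembering where they were.

    The current path is passed to the login URL in the ``next`` query
    parameter so the login view can return the user afterwards.
    """
    from urllib.parse import urlencode

    if not request.user.is_authenticated:
        # request.path is already percent-decoded and can contain characters
        # such as '&' or '#' that would otherwise change the meaning of the
        # query string, so encode it rather than interpolating it raw.
        query = urlencode({'next': request.path}, safe='/')
        return redirect('%s?%s' % (settings.LOGIN_URL, query))
    # ...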
- OR
- from django.shortcuts import render
def my_view(request):
    """Show an error page to visitors who are not logged in."""
    anonymous = not request.user.is_authenticated
    if anonymous:
        # NOTE(review): render() is called without a status argument, so
        # this page is served with the default success status; confirm
        # whether an access-denied status code is wanted here.
        template_name = 'myapp/login_error.html'
        return render(request, template_name)