summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRussell Keith-Magee <russell@keith-magee.com>2010-02-23 12:02:41 +0000
committerRussell Keith-Magee <russell@keith-magee.com>2010-02-23 12:02:41 +0000
commit6b2f125b80807231e0a216c0193089f3a40f7253 (patch)
treecc7cb73337815bc6cbb1af65cc2cf2e8a8c8309a
parent7ca3e8fecf3788d219720138be3ec80fec527ab6 (diff)
Fixed #12729 -- Replaced a hard-coded SQL statement with an ORM query so that the contrib.auth ModelBackend will work on a routed multi-db setup. Thanks to dhageman for the report.
Historical note: The SQL that was removed predates Django being open sourced. git-svn-id: http://code.djangoproject.com/svn/django/trunk@12509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
-rw-r--r--django/contrib/auth/backends.py32
1 files changed, 5 insertions, 27 deletions
diff --git a/django/contrib/auth/backends.py b/django/contrib/auth/backends.py
index 038ba2bba3..bcfd532664 100644
--- a/django/contrib/auth/backends.py
+++ b/django/contrib/auth/backends.py
@@ -4,7 +4,7 @@ except NameError:
from sets import Set as set # Python 2.3 fallback
from django.db import connection
-from django.contrib.auth.models import User
+from django.contrib.auth.models import User, Permission
class ModelBackend(object):
@@ -30,32 +30,10 @@ class ModelBackend(object):
groups.
"""
if not hasattr(user_obj, '_group_perm_cache'):
- cursor = connection.cursor()
- # The SQL below works out to the following, after DB quoting:
- # cursor.execute("""
- # SELECT ct."app_label", p."codename"
- # FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct
- # WHERE p."id" = gp."permission_id"
- # AND gp."group_id" = ug."group_id"
- # AND ct."id" = p."content_type_id"
- # AND ug."user_id" = %s, [self.id])
- qn = connection.ops.quote_name
- sql = """
- SELECT ct.%s, p.%s
- FROM %s p, %s gp, %s ug, %s ct
- WHERE p.%s = gp.%s
- AND gp.%s = ug.%s
- AND ct.%s = p.%s
- AND ug.%s = %%s""" % (
- qn('app_label'), qn('codename'),
- qn('auth_permission'), qn('auth_group_permissions'),
- qn('auth_user_groups'), qn('django_content_type'),
- qn('id'), qn('permission_id'),
- qn('group_id'), qn('group_id'),
- qn('id'), qn('content_type_id'),
- qn('user_id'),)
- cursor.execute(sql, [user_obj.id])
- user_obj._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()])
+ perms = Permission.objects.filter(group__user=user_obj
+ ).values_list('content_type__app_label', 'codename'
+ ).order_by()
+ user_obj._group_perm_cache = set(["%s.%s" % (ct, name) for ct, name in perms])
return user_obj._group_perm_cache
def get_all_permissions(self, user_obj):