From cc35bd461d35da2b03c0a1a8ff92123d716db9a9 Mon Sep 17 00:00:00 2001 From: "Jorge C. Leitão" Date: Mon, 30 Dec 2013 08:37:27 +0100 Subject: Fixed #7599 -- Added get_user_permissions to ModelBackend. Thanks to @gdub for the report and intial patch and @charettes and @timgraham for the review. --- docs/ref/contrib/auth.txt | 48 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) (limited to 'docs/ref') diff --git a/docs/ref/contrib/auth.txt b/docs/ref/contrib/auth.txt index 0f60ba0cfd..dcddc84283 100644 --- a/docs/ref/contrib/auth.txt +++ b/docs/ref/contrib/auth.txt @@ -425,6 +425,54 @@ The following backends are available in :mod:`django.contrib.auth.backends`: :class:`~django.contrib.auth.models.User` and :class:`~django.contrib.auth.models.PermissionsMixin`. + :meth:`has_perm`, :meth:`get_all_permissions`, :meth:`get_user_permissions`, + and :meth:`get_group_permissions` allow an object to be passed as a + parameter for object-specific permissions, but this backend does not + implement them other than returning an empty set of permissions if + ``obj is not None``. + + .. method:: authenticate(username=None, password=None, **kwargs) + + Tries to authenticate ``username`` with ``password`` by calling + :meth:`User.check_password + `. If no ``username`` + is provided, it tries to fetch a username from ``kwargs`` using the + key :attr:`CustomUser.USERNAME_FIELD + `. Returns an + authenticated user or ``None``. + + .. method:: get_user_permissions(user_obj, obj=None) + + .. versionadded:: 1.8 + + Returns the set of permission strings the ``user_obj`` has from their + own user permissions. Returns an empty set if the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: get_group_permissions(user_obj, obj=None) + + Returns the set of permission strings the ``user_obj`` has from the + permissions of the groups they belong. Returns an empty set if the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: get_all_permissions(user_obj, obj=None) + + Returns the set of permission strings the ``user_obj`` has, including + both user permissions and groups permissions. Returns an empty set if + the user + :meth:`~django.contrib.auth.models.AbstractBaseUser.is_anonymous`. + + .. method:: has_perm(user_obj, perm, obj=None) + + Uses :meth:`get_all_permissions` to check if ``user_obj`` has the + permission string ``perm``. Returns ``False`` if the user is not + :meth:`~django.contrib.auth.models.CustomUser.is_active`. + + .. method:: has_module_perms(self, user_obj, app_label) + + Returns whether the ``user_obj`` has any permissions on the app + ``app_label``. + .. class:: RemoteUserBackend Use this backend to take advantage of external-to-Django-handled -- cgit v1.3