1 files changed, 80 insertions, 0 deletions

diff --git a/webapp/django/contrib/auth/backends.py b/webapp/django/contrib/auth/backends.py
new file mode 100644
index 0000000000..bba883ba78
--- /dev/null
+++ b/webapp/django/contrib/auth/backends.py
@@ -0,0 +1,80 @@
+try:
+    set
+except NameError:
+    from sets import Set as set # Python 2.3 fallback
+
+from django.db import connection
+from django.contrib.auth.models import User
+
+
+class ModelBackend(object):
+    """
+    Authenticates against django.contrib.auth.models.User.
+    """
+    # TODO: Model, login attribute name and password attribute name should be
+    # configurable.
+    def authenticate(self, username=None, password=None):
+        try:
+            user = User.objects.get(username=username)
+            if user.check_password(password):
+                return user
+        except User.DoesNotExist:
+            return None
+
+    def get_group_permissions(self, user_obj):
+        """
+        Returns a set of permission strings that this user has through his/her
+        groups.
+        """
+        if not hasattr(user_obj, '_group_perm_cache'):
+            cursor = connection.cursor()
+            # The SQL below works out to the following, after DB quoting:
+            # cursor.execute("""
+            #     SELECT ct."app_label", p."codename"
+            #     FROM "auth_permission" p, "auth_group_permissions" gp, "auth_user_groups" ug, "django_content_type" ct
+            #     WHERE p."id" = gp."permission_id"
+            #         AND gp."group_id" = ug."group_id"
+            #         AND ct."id" = p."content_type_id"
+            #         AND ug."user_id" = %s, [self.id])
+            qn = connection.ops.quote_name
+            sql = """
+                SELECT ct.%s, p.%s
+                FROM %s p, %s gp, %s ug, %s ct
+                WHERE p.%s = gp.%s
+                    AND gp.%s = ug.%s
+                    AND ct.%s = p.%s
+                    AND ug.%s = %%s""" % (
+                qn('app_label'), qn('codename'),
+                qn('auth_permission'), qn('auth_group_permissions'),
+                qn('auth_user_groups'), qn('django_content_type'),
+                qn('id'), qn('permission_id'),
+                qn('group_id'), qn('group_id'),
+                qn('id'), qn('content_type_id'),
+                qn('user_id'),)
+            cursor.execute(sql, [user_obj.id])
+            user_obj._group_perm_cache = set(["%s.%s" % (row[0], row[1]) for row in cursor.fetchall()])
+        return user_obj._group_perm_cache
+
+    def get_all_permissions(self, user_obj):
+        if not hasattr(user_obj, '_perm_cache'):
+            user_obj._perm_cache = set([u"%s.%s" % (p.content_type.app_label, p.codename) for p in user_obj.user_permissions.select_related()])
+            user_obj._perm_cache.update(self.get_group_permissions(user_obj))
+        return user_obj._perm_cache
+
+    def has_perm(self, user_obj, perm):
+        return perm in self.get_all_permissions(user_obj)
+
+    def has_module_perms(self, user_obj, app_label):
+        """
+        Returns True if user_obj has any permissions in the given app_label.
+        """
+        for perm in self.get_all_permissions(user_obj):
+            if perm[:perm.index('.')] == app_label:
+                return True
+        return False
+
+    def get_user(self, user_id):
+        try:
+            return User.objects.get(pk=user_id)
+        except User.DoesNotExist:
+            return None