generic-auth: Initial implementation and tests for the new has_permission function

git-svn-id: http://code.djangoproject.com/svn/django/branches/generic-auth@3222 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-07-05 18:29:11 +00:00 · 2006-06-28 03:57:40 +00:00 · 2006-06-28 03:57:40 +00:00 · bf629e5a4d
commit bf629e5a4d
parent 71b57627ad
3 changed files with 77 additions and 0 deletions
--- a/django/contrib/auth/init.py
+++ b/django/contrib/auth/init.py
@ -1,2 +1,29 @@
 LOGIN_URL = '/accounts/login/'
 REDIRECT_FIELD_NAME = 'next'
+
+class NoMatchFound(Exception): pass
+
+class HasPermission(object):
+    """
+    Function that supports multiple implementations via a type registry. The 
+    implemetation called depends on the argument types.
+    """
+    def __init__(self):
+        self.registry = {}
+
+    def __call__(self, user, permission, obj=None):
+        # TODO: this isn't very robust. Only matches on exact types. Support 
+        # for matching subclasses and caching registry hits would be helpful,
+        # but we'll add that later
+        types = (type(user), type(permission), type(obj))
+        func = self.registry.get(types)
+        if func is not None:
+            return func(user, permission, obj)
+        else:
+            raise NoMatchFound, "%s\n%s" % (self.registry, types)
+
+    def register(self, user_type, permission_type, obj_type, func):
+        types = (user_type, permission_type, obj_type)
+        self.registry[types] = func
+
+has_permission = HasPermission()
--- a/tests/regressiontests/authorization/init.py
+++ b/tests/regressiontests/authorization/init.py
--- a/tests/regressiontests/authorization/models.py
+++ b/tests/regressiontests/authorization/models.py
@ -0,0 +1,50 @@
+from django.db import models
+
+class TestModel(models.Model):
+    name = models.CharField(maxlength=255)
+    
+    class Admin:
+        pass
+
+API_TESTS = """
+# Let's create a default implementation of has_permission. For now, It should 
+# just call user.has_permission(permission) for the given django.contrib.auth.models.User. 
+# Eventually the user.has_permission implementation should be extracted here.
+>>> from django.contrib.auth import has_permission
+>>> def user_has_permission(user, permission, object=None):
+...     return user.has_perm(permission)
+
+# Then let's register that function to be called when we get an instance of
+# django.contrib.auth.models.User and a string as the permission. We use str
+# as the permission type for convenience. It would be annoying to grab the
+# actual Permission object instead of just using the codename. This feels kind
+# of limiting, but can be revisited later.
+>>> from django.contrib.auth.models import User
+>>> has_permission.register(User, str, TestModel, user_has_permission)
+
+# Now make sure it works.
+>>> admin = User(username='admin', password='test', email='test@example.com', is_superuser=True)
+>>> admin.save()
+>>> has_permission(admin, 'testmodel.add', TestModel())
+True
+
+# Now let's create an implemetation for AnonymousUsers... it should always
+# return False.
+>>> def anon_has_permission(user, permission, object=None):
+...     return False
+
+# Register it like before, but for AnonymousUser rather than User.
+>>> from django.contrib.auth.models import AnonymousUser
+>>> has_permission.register(AnonymousUser, str, TestModel, anon_has_permission)
+
+# And make sure it works.
+>>> anonymous = AnonymousUser()
+>>> has_permission(anonymous, 'testmodel.add', TestModel())
+False
+
+# Let's double check that the function we registered for User still works (we're
+# not just replacing the implementation of has_permission)
+>>> has_permission(admin, 'testmodel.add', TestModel())
+True
+
+"""