Settingize some stuff and add custom AnonymousUser

787fd2f4 · Skia · a6edfcc0 · 787fd2f4 · 787fd2f4 · 787fd2f4
Commit 787fd2f4 authored Dec 14, 2015 by Skia
--- a/core/management/commands/setup.py
+++ b/core/management/commands/setup.py
 import os
 from django.core.management.base import BaseCommand, CommandError
 from django.core.management import call_command
+from django.conf import settings
 from core.models import Group, User

 class Command(BaseCommand):
@@ -21,11 +22,8 @@ class Command(BaseCommand):
                 is_superuser=True, is_staff=True)
        u.set_password("plop")
        u.save()
-        Group(name="root").save()
-        # Just some example groups, only root is truly mandatory
-        Group(name="bureau_restreint_ae").save()
-        Group(name="bureau_ae").save()
-        Group(name="membre_ae").save()
+        for g in settings.AE_GROUPS.values():
+            Group(id=g['id'], name=g['name']).save()
        if not options['prod']:
            print("Dev mode, adding some test data")
            u = User(username='skia', last_name="Kia", first_name="S'",
@@ -34,4 +32,10 @@ class Command(BaseCommand):
                     is_superuser=True, is_staff=True)
            u.set_password("plop")
            u.save()
+            u = User(username='guy', last_name="Carlier", first_name="Guy",
+                     email="guy@git.an",
+                     date_of_birth="1942-06-12T00:00:00+01:00",
+                     is_superuser=False, is_staff=False)
+            u.set_password("plop")
+            u.save()

--- a/core/middleware.py
+++ b/core/middleware.py
+import importlib
+from django.conf import settings
+from django.utils.functional import SimpleLazyObject
+from django.contrib.auth import get_user
+from django.contrib.auth.middleware import AuthenticationMiddleware as DjangoAuthenticationMiddleware
+
+module, klass = settings.AUTH_ANONYMOUS_MODEL.rsplit('.', 1)
+AnonymousUser = getattr(importlib.import_module(module), klass)
+
+
+def get_cached_user(request):
+    if not hasattr(request, '_cached_user'):
+        user = get_user(request)
+        if user.is_anonymous():
+            user = AnonymousUser(request)
+
+        request._cached_user = user
+
+    return request._cached_user
+
+
+class AuthenticationMiddleware(DjangoAuthenticationMiddleware):
+    def process_request(self, request):
+        assert hasattr(request, 'session'), (
+            "The Django authentication middleware requires session middleware "
+            "to be installed. Edit your MIDDLEWARE_CLASSES setting to insert "
+            "'django.contrib.sessions.middleware.SessionMiddleware' before "
+            "'account.middleware.AuthenticationMiddleware'."
+        )
+        request.user = SimpleLazyObject(lambda: get_cached_user(request))
+
--- a/core/models.py
+++ b/core/models.py
 from django.db import models
-from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin, UserManager, Group as AuthGroup
+from django.contrib.auth.models import AbstractBaseUser, PermissionsMixin, UserManager, Group as AuthGroup, AnonymousUser as AuthAnonymousUser
 from django.utils.translation import ugettext_lazy as _
 from django.utils import timezone
 from django.core import validators
 from django.core.exceptions import ValidationError
 from django.core.urlresolvers import reverse
+from django.conf import settings
 from datetime import datetime, timedelta

 class Group(AuthGroup):
@@ -60,14 +61,15 @@ class User(AbstractBaseUser, PermissionsMixin):
        ),
    )
    date_joined = models.DateTimeField(_('date joined'), default=timezone.now)
-    owner_group = models.ForeignKey(Group, related_name="owned_user", default=1)
+    owner_group = models.ForeignKey(Group, related_name="owned_user",
+                                    default=settings.AE_GROUPS['root']['id'])
    edit_group = models.ManyToManyField(Group, related_name="editable_user", blank=True)
    view_group = models.ManyToManyField(Group, related_name="viewable_user", blank=True)

    objects = UserManager()

    USERNAME_FIELD = 'username'
-    REQUIRED_FIELDS = ['email', 'first_name', 'last_name', 'date_of_birth']
+    REQUIRED_FIELDS = ['email', 'date_of_birth']

    class Meta:
        verbose_name = _('user')
@@ -149,7 +151,8 @@ class User(AbstractBaseUser, PermissionsMixin):
        if not hasattr(obj, "owner_group"):
            return False
        if (self.is_superuser or self.groups.filter(name=obj.owner_group.name).exists() or
-            self.has_perm(obj.__class__.__module__.split('.')[0]+".change_prop_"+obj.__class__.__name__.lower())):
+            self.has_perm(obj.__class__.__module__.split('.')[0]+".change_prop_"+obj.__class__.__name__.lower()) or
+            self.groups.filter(id=settings.AE_GROUPS['root']['id']).exists()):
            return True
        return False

@@ -185,6 +188,21 @@ class User(AbstractBaseUser, PermissionsMixin):
            return True
        return False

+class AnonymousUser(AuthAnonymousUser):
+    def __init__(self, request):
+        super(AnonymousUser, self).__init__()
+
+    def is_owner(self, obj):
+        return False
+
+    def can_edit(self, obj):
+        return False
+
+    def can_view(self, obj):
+        if obj.view_group.filter(pk=settings.AE_GROUPS['public']['id']).exists():
+            return True
+        return False
+
 class LockError(Exception):
    """There was a lock error on the object"""
    pass
@@ -213,7 +231,8 @@ class Page(models.Model):
    # Attention: this field may not be valid until you call save(). It's made for fast query, but don't rely on it when
    # playing with a Page object, use get_full_name() instead!
    full_name = models.CharField(_('page name'), max_length=255, blank=True)
-    owner_group = models.ForeignKey(Group, related_name="owned_page", default=1)
+    owner_group = models.ForeignKey(Group, related_name="owned_page",
+                                    default=settings.AE_GROUPS['root']['id'])
    edit_group = models.ManyToManyField(Group, related_name="editable_page", blank=True)
    view_group = models.ManyToManyField(Group, related_name="viewable_page", blank=True)
    lock_mutex = {}

--- a/sith/settings.py
+++ b/sith/settings.py
@@ -49,6 +49,7 @@ MIDDLEWARE_CLASSES = (
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.middleware.security.SecurityMiddleware',
+    'core.middleware.AuthenticationMiddleware',
 )

 ROOT_URLCONF = 'sith.urls'
@@ -105,6 +106,7 @@ STATIC_URL = '/static/'
 # Auth configuration

 AUTH_USER_MODEL = 'core.User'
+AUTH_ANONYMOUS_MODEL = 'core.models.AnonymousUser'
 LOGIN_URL = '/login'
 LOGOUT_URL = '/logout'
 LOGIN_REDIRECT_URL = '/'
@@ -113,3 +115,24 @@ DEFAULT_FROM_EMAIL="bibou@git.an"
 # Email
 EMAIL_HOST="localhost"
 EMAIL_PORT=25
+
+# AE configuration
+AE_GROUPS = {
+    'root': {
+        'id': 1,
+        'name': "root",
+    },
+    'board': {
+        'id': 2,
+        'name': "ae_bureau",
+    },
+    'members': {
+        'id': 3,
+        'name': "ae_membres",
+    },
+    'public': {
+        'id': 4,
+        'name': "not_registered_users",
+    },
+}
+