In the Django Developers group/mailing-list, I brought up an
enhancement for adding the is_approved field to django's
contrib.auth.
This request was declined. It was suggested that I add this
to the
profile class instead. This doesn't make sense to me,
because
authentication should be independent of a user's profile
(plus, that's
discrimination :P).
My assumption for django not including this in its trunk is
that
SchemaEvolution is not there to assist all of the users that
would be
affected by this trunk. So, if you do decide to use this,
be prepared
to ALTER TABLES on existing databases.
Anyways, I just updated my django trunk, so I had to
repatch... and
thus, I decided to post this for anyone else wanting to add
an approval
field to their user model & authentication.
You can turn on and off this approval requirement by setting
the
LOGIN_REQUIRES_APPROVAL boolean in your settings.py.
Below you will find the patch:
Index: latest/django/conf/global_settings.py
============================================================
=======
--- latest/django/conf/global_settings.py (revision 3688)
+++ latest/django/conf/global_settings.py (working copy)
 -179,6
+179,9
# is an admin.
ADMIN_FOR = ()
+# A contrib/auth setting. True means that the must be
approved to
login
+LOGIN_REQUIRES_APPROVAL = False
+
# 404s that may be ignored.
IGNORABLE_404_STARTS = ('/cgi-bin/', '/_vti_bin',
'/_vti_inf')
IGNORABLE_404_ENDS = ('mail.pl', 'mailform.pl',
'mail.cgi',
'mailform.cgi', 'favicon.ico', '.php')
Index: latest/django/contrib/auth/create_superuser.py
============================================================
=======
--- latest/django/contrib/auth/create_superuser.py (revision
3688)
+++ latest/django/contrib/auth/create_superuser.py (working
copy)
-82,6
+82,7
u = User.objects.create_user(username, email, password)
u.is_staff = True
u.is_active = True
+ u.is_approved = True
u.is_superuser = True
u.save()
print "Superuser created successfully."
Index: latest/django/contrib/auth/models.py
============================================================
=======
--- latest/django/contrib/auth/models.py (revision 3688)
+++ latest/django/contrib/auth/models.py (working copy)
-3,6
+3,7
from django.db import backend, connection, models
from django.contrib.contenttypes.models import ContentType
from django.utils.translation import gettext_lazy as _
+from django.conf import settings
import datetime
def check_password(raw_password, enc_password):
-70,7
+71,7
def create_user(self, username, email, password):
"Creates and saves a User with the given
username, e-mail and
password."
now = datetime.datetime.now()
- user = self.model(None, username, '', '',
email.strip().lower(), 'placeholder', False, True, False,
now, now)
+ user = self.model(None, username, '', '',
email.strip().lower(), 'placeholder', False, True, False,
False, now,
now)
user.set_password(password)
user.save()
return user
-94,6
+95,7
password = models.CharField(_('password'),
maxlength=128,
help_text=_("Use
'[algo]$[salt]$[hexdigest]'"))
is_staff = models.BooleanField(_('staff status'),
help_text=_("Designates whether the user can log into
this admin
site."))
is_active = models.BooleanField(_('active'),
default=True,
help_text=_("Designates whether this user can log into
the Django
admin. Unselect this instead of deleting accounts."))
+ is_approved = models.BooleanField(_('approved'),
default=True,
help_text=_("Designates whether this user has been
approved to
login."))
is_superuser = models.BooleanField(_('superuser
status'),
help_text=_("Designates that this user has all
permissions without
explicitly assigning them."))
last_login = models.DateTimeField(_('last login'),
default=models.LazyDate())
date_joined = models.DateTimeField(_('date joined'),
default=models.LazyDate())
-109,7
+111,7
fields = (
(None, {'fields': ('username',
'password')}),
(_('Personal info'), {'fields':
('first_name',
'last_name', 'email')}),
- (_('Permissions'), {'fields':
('is_staff', 'is_active',
'is_superuser', 'user_permissions')}),
+ (_('Permissions'), {'fields':
('is_staff', 'is_active',
'is_approved', 'is_superuser', 'user_permissions')}),
(_('Important dates'), {'fields':
('last_login',
'date_joined')}),
(_('Groups'), {'fields': ('groups',)}),
)
-203,6
+205,8
"Returns True if the user has the specified
permission."
if not self.is_active:
return False
+ if settings.LOGIN_REQUIRES_APPROVAL and not
self.is_approved:
+ return False
if self.is_superuser:
return True
return perm in self.get_all_permissions()
Index: latest/django/contrib/auth/forms.py
============================================================
=======
--- latest/django/contrib/auth/forms.py (revision 3688)
+++ latest/django/contrib/auth/forms.py (working copy)
-59,6
+59,8
raise validators.ValidationError,
_("Please enter a
correct username and password. Note that both fields are
case-sensitive.")
elif not self.user_cache.is_active:
raise validators.ValidationError, _("This
account is
inactive.")
+ elif settings.LOGIN_REQUIRES_APPROVAL and not
self.user_cache.is_approved:
+ raise validators.ValidationError, _("This
account is
pending on approval.")
def get_user_id(self):
if self.user_cache:
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the
Google Groups "Django users" group.
To post to this group, send email to django-usersgooglegroups.com
To unsubscribe from this group, send email to
django-users-unsubscribegooglegroups.com
For more options, visit this group at http://gr
oups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---
|