o

3�a�!�@s�dd
lm
Z

ddlmZ
ddlmZmZmZ
e
�ZGdd�d�Z	Gdd�de	�Z
Gdd	�d	e
�ZGd
d�de
�ZGdd
�d
e�Z
dS)�)
�get_user_model)
�
Permission)�Exists�OuterRef�
Qc@sDeZ
dZd
d�Zdd�Zddd�
Zddd	�
Zdd
d�
Zddd
�
ZdS)�BaseBackendc
K�dS�
N�)�self�request�kwargsr
r
�>/usr/lib/python3/dist-packages/django/contrib/auth/backends.py�authenticate	�
zBaseBackend.authenticatec
Crr	r
)r�user_idr
r
r�get_userrzBaseBackend.get_userNc
C�t�Sr	�
�set�r�user_obj�objr
r
r�get_user_permissions�
z BaseBackend.get_user_permissionsc
Crr	rrr
r
r�get_group_permissionsrz!BaseBackend.get_group_permissionscCs h|j|
|d
��
|j
|
|d
��
S�N)
r)rrrr
r
r�get_all_permissionss


��zBaseBackend.get_all_permissionscCs||j|
|d
�vSr)
r�rr�permrr
r
r�has_perms
zBaseBackend.has_permr	)	�__name__�
__module__�__qualname__rrrrrr r
r
r
rrs



rcs�eZ
dZd
Zddd�
Zdd�Zdd�Zd	d
�Zdd�Zdd
d�
Z	ddd�
Z
d�f
dd�	Zd�f
dd�	Zdd�Z
ddd�
Zdd�Z�ZS)�ModelBackendz9
    Authenticates against settings.AUTH_USER_MODEL.
    NcKs||dur
|�t
j�
}|dus|durdSzt
j�|�
}Wnt
jy-


t
��|�

YdSw|�|�
r:|�|�
r<|SdSdSr	)	�get�	UserModel�USERNAME_FIELD�_default_manager�get_by_natural_key�DoesNotExist�set_password�check_password�user_can_authenticate)rr�username�passwordr
�userr
r
rr$s






�
�zModelBackend.authenticatecCst|
d
d�}|p|duS)z{
        Reject users with is_active=False. Custom user models that don't have
        that attribute are allowed.
        �	is_activeN)
�getattr)rr0r1r
r
rr-3s
z"ModelBackend.user_can_authenticatecCs
|
j�
�Sr	)�user_permissions�all)rrr
r
r�_get_user_permissions;s

z"ModelBackend._get_user_permissionscCs0t�j
�d
�
}d|��}tjjdi||
i
�
�
S)N�groupsz	group__%sr
)r�_meta�	get_field�related_query_namer�objects�filter)rr�user_groups_field�user_groups_queryr
r
r�_get_group_permissions>s


z#ModelBackend._get_group_permissionscCs�|
jr
|
j
s
|d
u
r
t�Sd|}t|
|�s;|
jrtj��}n	t|d|�|
�
}|�	dd��
�}t|
|dd�|D�
�
t|
|�S)z�
        Return the permissions of `user_obj` from `from_name`. `from_name` can
        be either "group" or "user" to return permissions from
        `_get_group_permissions` or `_get_user_permissions` respectively.
        Nz_%s_perm_cachez_get_%s_permissions�content_type__app_label�codenamec
Ssh|]
\}
}d|
|f�qS)
z%s.%sr
)�.0�ct�namer
r
r�	<setcomp>Ssz0ModelBackend._get_permissions.<locals>.<setcomp>)r1�is_anonymousr�hasattr�is_superuserrr:r4r2�values_list�order_by�setattr)rrr�	from_name�perm_cache_name�permsr
r
r�_get_permissionsCs








zModelBackend._get_permissionscC�|�|
|d
�S)zs
        Return a set of permission strings the user `user_obj` has from their
        `user_permissions`.
        r0�
rNrr
r
rrV�z!ModelBackend.get_user_permissionscCrO)zq
        Return a set of permission strings the user `user_obj` has from the
        groups they belong.
        �grouprPrr
r
rr]rQz"ModelBackend.get_group_permissionscs8|
jr
|
j
s
|du
r
t�St|
d
�st��|
�
|
_|
jS)N�_perm_cache)r1rErrF�superrrSr�
�	__class__r
rrds






z ModelBackend.get_all_permissionscs|
jot
�j|
||d
�Sr)r1rTr rrUr
rr ks
zModelBackend.has_permcs"|
jot
�f
d
d�|�|
�
D�
�
S)zU
        Return True if user_obj has any permissions in the given app_label.
        c
3s&�|]}
|
d|
�d
�
��kV
qdS)N�
.)
�index)rAr�
�	app_labelr
r�	<genexpr>rs
��
�z0ModelBackend.has_module_perms.<locals>.<genexpr>)r1�anyr)rrrZr
rYr�has_module_permsns�zModelBackend.has_module_permsTc
Cs�t|
t
�rz	|
�d
�
\}}Wnty


td�
�
wt|
t�s#td�
�
t�}|du
r/|j��St	t
d�
d�
t	t
d�
d�
B}t|
t�rK|t	|
jd�
M}n|t	||d	�M}ttj
�|�
�
}	|rd|	t	d
d�
O}	|du
ro|	t	|d�
M}	|j�|	�
S)
z�
        Return users that have permission "perm". By default, filter out
        inactive users and include superusers.
        rWzDPermission name should be in the form app_label.permission_codename.z>The `perm` argument must be a string or a permission instance.N�pk)
�group__user)
r0�
r^)r@r?T)
rG)
r1)�
isinstance�str�split�
ValueErrorr�	TypeErrorrr(�nonerrr^rr:r;)
rrr1�include_superusersrrZr@r&�permission_q�user_qr
r
r�	with_permws2





��


�









zModelBackend.with_permcCs<z	tj
j|
d
�
}Wntjy


YdSw|�|�
r|SdS)Nr`)r&r(r%r*r-)rrr0r
r
rr�s



�zModelBackend.get_user)NNr	)TTN)r!r"r#�__doc__rr-r5r>rNrrrr r]rjr�
__classcell__r
r
rUrr$s




	$r$c@�eZ
dZd
d�ZdS)�AllowAllUsersModelBackendc
C�d
S�NTr
�rr0r
r
rr-�rz/AllowAllUsersModelBackend.user_can_authenticateN�r!r"r#r-r
r
r
rrn��
rnc@s,eZ
dZd
ZdZdd�Zdd�Zdd�Zd	S)
�RemoteUserBackenda�

    This backend is to be used in conjunction with the ``RemoteUserMiddleware``
    found in the middleware module of this package, and is used when the server
    is handling authentication outside of Django.

    By default, the ``authenticate`` method creates ``User`` objects for
    usernames that don't already exist in the database.  Subclasses can disable
    this behavior by setting the ``create_unknown_user`` attribute to
    ``False``.
    TcCs�|sd
Sd
}|�|�
}|j
r%tjjditj|i
�
�
\}}|r$|�|
|�}nztj�|�
}Wn
tjy7


Yn
w|�	|�
r?|Sd
S)ai

        The username passed as ``remote_user`` is considered trusted. Return
        the ``User`` object with the given username. Create a new ``User``
        object if ``create_unknown_user`` is ``True``.

        Return None if ``create_unknown_user`` is ``False`` and a ``User``
        object with the given username is not found in the database.
        Nr
)
�clean_username�create_unknown_userr&r(�
get_or_creater'�configure_userr)r*r-)rr�remote_userr0r.�createdr
r
rr�s"	






�
�


�zRemoteUserBackend.authenticatec
Cs|
S)
z�
        Perform any cleaning on the "username" prior to using it to get or
        create the user object.  Return the cleaned username.

        By default, return the username unchanged.
        r
)rr.r
r
rru�sz RemoteUserBackend.clean_usernamec
Cs|S)
z
        Configure a user after creation and return the updated user.

        By default, return the user unmodified.
        r
)rrr0r
r
rrx�sz RemoteUserBackend.configure_userN)r!r"r#rkrvrrurxr
r
r
rrt�s
	rtc@rm)�AllowAllUsersRemoteUserBackendc
Crorpr
rqr
r
rr-�rz4AllowAllUsersRemoteUserBackend.user_can_authenticateNrrr
r
r
rr{�rsr{N)�django.contrib.authr�django.contrib.auth.modelsr�django.db.modelsrrrr&rr$rnrtr{r
r
r
r�<module>
s

?