Implement rights for anonymous as requested by #45

This commit is contained in:
rene 2011-11-14 16:37:12 +01:00
parent 40dc6f56df
commit 9f50863439
12 changed files with 227 additions and 52 deletions

View File

@ -323,7 +323,7 @@ class Application(models.Model):
if self.status == "pub" \ if self.status == "pub" \
and user != self.submitter \ and user != self.submitter \
and user not in self.supporter.all() \ and user not in self.supporter.all() \
and user.profile: and getattr(user, 'profile', None):
actions.append("support") actions.append("support")
except Profile.DoesNotExist: except Profile.DoesNotExist:
pass pass

View File

@ -9,9 +9,9 @@
:copyright: 2011 by the OpenSlides team, see AUTHORS. :copyright: 2011 by the OpenSlides team, see AUTHORS.
:license: GNU GPL, see LICENSE for more details. :license: GNU GPL, see LICENSE for more details.
""" """
from __future__ import with_statement
import csv import csv
from django.shortcuts import redirect from django.shortcuts import redirect
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
@ -441,6 +441,9 @@ def application_import(request):
return redirect(reverse('application_overview')) return redirect(reverse('application_overview'))
except Profile.DoesNotExist: except Profile.DoesNotExist:
pass pass
except AttributeError:
# AnonymousUser
pass
if request.method == 'POST': if request.method == 'POST':
form = ApplicationImportForm(request.POST, request.FILES) form = ApplicationImportForm(request.POST, request.FILES)

View File

@ -18,6 +18,7 @@ DEBUG = True
TEMPLATE_DEBUG = DEBUG TEMPLATE_DEBUG = DEBUG
AUTH_PROFILE_MODULE = 'participant.Profile' AUTH_PROFILE_MODULE = 'participant.Profile'
AUTHENTICATION_BACKENDS = ('django.contrib.auth.backends.ModelBackend', 'openslides.system.auth.AnonymousAuth',)
LOGIN_URL = '/login/' LOGIN_URL = '/login/'
LOGIN_REDIRECT_URL = '/agenda/' LOGIN_REDIRECT_URL = '/agenda/'
@ -137,4 +138,5 @@ TEMPLATE_CONTEXT_PROCESSORS = (
'django.core.context_processors.request', 'django.core.context_processors.request',
'django.core.context_processors.i18n', 'django.core.context_processors.i18n',
'utils.utils.revision', 'utils.utils.revision',
'openslides.system.auth.anonymous_context_additions',
) )

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2011-11-09 22:57+0100\n" "POT-Creation-Date: 2011-11-10 23:13+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -17,11 +17,11 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1)\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n"
#: default.settings.py:59 settings.py:59 #: default.settings.py:60 settings.py:60
msgid "German" msgid "German"
msgstr "Deutsch" msgstr "Deutsch"
#: default.settings.py:60 settings.py:60 #: default.settings.py:61 settings.py:61
msgid "English" msgid "English"
msgstr "Englisch" msgstr "Englisch"
@ -53,7 +53,7 @@ msgstr "Ja, mit allen Kindelementen."
msgid "No" msgid "No"
msgstr "Nein" msgstr "Nein"
#: agenda/api.py:67 participant/views.py:164 participant/views.py:242 #: agenda/api.py:67 participant/views.py:165 participant/views.py:268
#: utils/utils.py:40 #: utils/utils.py:40
#, python-format #, python-format
msgid "Do you really want to delete <b>%s</b>?" msgid "Do you really want to delete <b>%s</b>?"
@ -145,9 +145,9 @@ msgstr "Eintrag wurde erfolgreich geändert."
msgid "Agenda item modified" msgid "Agenda item modified"
msgstr "Tagesordnungseintrag geändert" msgstr "Tagesordnungseintrag geändert"
#: agenda/views.py:283 application/views.py:526 participant/views.py:141 #: agenda/views.py:283 application/views.py:526 participant/views.py:142
#: participant/views.py:227 participant/views.py:256 participant/views.py:313 #: participant/views.py:253 participant/views.py:282 participant/views.py:339
#: system/views.py:32 system/views.py:74 #: system/views.py:48 system/views.py:91
msgid "Please check the form for errors." msgid "Please check the form for errors."
msgstr "Bitte kontrollieren Sie das Formular nach Fehlern." msgstr "Bitte kontrollieren Sie das Formular nach Fehlern."
@ -727,7 +727,7 @@ msgstr "FEHLER beim Zurückweisen der Version."
msgid "Do you really want to reject version <b>%s</b>?" msgid "Do you really want to reject version <b>%s</b>?"
msgstr "Soll Version <b>%s</b> wirklich zurückgewiesen werden?" msgstr "Soll Version <b>%s</b> wirklich zurückgewiesen werden?"
#: application/views.py:440 participant/views.py:272 #: application/views.py:440 participant/views.py:298
msgid "" msgid ""
"The import function is available for the superuser (without user profile) " "The import function is available for the superuser (without user profile) "
"only." "only."
@ -1359,62 +1359,67 @@ msgstr "Amt"
msgid "First Password" msgid "First Password"
msgstr "Erstes Passwort" msgstr "Erstes Passwort"
#: participant/views.py:133 #: participant/views.py:134
msgid "New participant was successfully created." msgid "New participant was successfully created."
msgstr "Neue/r Teilnehmer/in wurde erfolgreich angelegt." msgstr "Neue/r Teilnehmer/in wurde erfolgreich angelegt."
#: participant/views.py:135 #: participant/views.py:136
msgid "Participant was successfully modified." msgid "Participant was successfully modified."
msgstr "Teilnehmer/in wurde erfolgreich geändert." msgstr "Teilnehmer/in wurde erfolgreich geändert."
#: participant/views.py:162 #: participant/views.py:163
#, python-format #, python-format
msgid "Participant <b>%s</b> was successfully deleted." msgid "Participant <b>%s</b> was successfully deleted."
msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich gelöscht." msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich gelöscht."
#: participant/views.py:174 #: participant/views.py:175
#, python-format #, python-format
msgid "Participant <b>%s</b> is now a normal user." msgid "Participant <b>%s</b> is now a normal user."
msgstr "Teilnehmer/in <b>%s</b> ist jetzt ein normaler Nutzer." msgstr "Teilnehmer/in <b>%s</b> ist jetzt ein normaler Nutzer."
#: participant/views.py:178 #: participant/views.py:179
#, python-format #, python-format
msgid "Participant <b>%s</b> is now administrator." msgid "Participant <b>%s</b> is now administrator."
msgstr "Teilnehmer/in <b>%s</b> ist jetzt ein Administrator." msgstr "Teilnehmer/in <b>%s</b> ist jetzt ein Administrator."
#: participant/views.py:188 #: participant/views.py:189
#, python-format #, python-format
msgid "Participant <b>%s</b> was successfully deactivated." msgid "Participant <b>%s</b> was successfully deactivated."
msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich deaktiviert." msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich deaktiviert."
#: participant/views.py:192 #: participant/views.py:193
#, python-format #, python-format
msgid "Participant <b>%s</b> was successfully activated." msgid "Participant <b>%s</b> was successfully activated."
msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich aktiviert." msgstr "Teilnehmer/in <b>%s</b> wurde erfolgreich aktiviert."
#: participant/views.py:219 #: participant/views.py:231
#, python-format
msgid "Group name \"%s\" is reserved for internal use."
msgstr "Der Gruppenname \"%s\" ist für interne Verwendung reserviert."
#: participant/views.py:245
msgid "New group was successfully created." msgid "New group was successfully created."
msgstr "Neue Gruppe wurde erfolgreich angelegt." msgstr "Neue Gruppe wurde erfolgreich angelegt."
#: participant/views.py:221 #: participant/views.py:247
msgid "Group was successfully modified." msgid "Group was successfully modified."
msgstr "Gruppe wurde erfolgreich geändert." msgstr "Gruppe wurde erfolgreich geändert."
#: participant/views.py:240 #: participant/views.py:266
#, python-format #, python-format
msgid "Group <b>%s</b> was successfully deleted." msgid "Group <b>%s</b> was successfully deleted."
msgstr "Gruppe <b>%s</b> wurde erfolgreich gelöscht." msgstr "Gruppe <b>%s</b> wurde erfolgreich gelöscht."
#: participant/views.py:254 #: participant/views.py:280
msgid "User settings successfully saved." msgid "User settings successfully saved."
msgstr "Nutzereinstellungen wurden erfolgreich gespeichert." msgstr "Nutzereinstellungen wurden erfolgreich gespeichert."
#: participant/views.py:311 #: participant/views.py:337
#, python-format #, python-format
msgid "%d new participants were successfully imported." msgid "%d new participants were successfully imported."
msgstr "%d neue Teilnehmer/innen wurden erfolgreich importiert." msgstr "%d neue Teilnehmer/innen wurden erfolgreich importiert."
#: participant/views.py:315 #: participant/views.py:341
msgid "" msgid ""
"Attention: All existing participants will be removed if you import new " "Attention: All existing participants will be removed if you import new "
"participants." "participants."
@ -1422,14 +1427,14 @@ msgstr ""
"Achtung: Alle existierenden Teilnehmer/innen werden gelöscht, wenn Sie neue " "Achtung: Alle existierenden Teilnehmer/innen werden gelöscht, wenn Sie neue "
"Teilnehmer/innen importieren." "Teilnehmer/innen importieren."
#: participant/views.py:326 #: participant/views.py:352
#, python-format #, python-format
msgid "%s Password was successfully generated." msgid "%s Password was successfully generated."
msgid_plural "%s Passwords were successfully generated." msgid_plural "%s Passwords were successfully generated."
msgstr[0] "Es wurde %s Passwort erfolgreich generiert." msgstr[0] "Es wurde %s Passwort erfolgreich generiert."
msgstr[1] "Es wurden %s Passwörter erfolgreich generiert." msgstr[1] "Es wurden %s Passwörter erfolgreich generiert."
#: participant/views.py:328 #: participant/views.py:354
msgid "" msgid ""
"There are no participants which need a first time password. No passwords " "There are no participants which need a first time password. No passwords "
"generated." "generated."
@ -1437,12 +1442,12 @@ msgstr ""
"Es sind keine Teilnehmer/innen ohne Erst-Passwort vorhanden. Es wurden keine " "Es sind keine Teilnehmer/innen ohne Erst-Passwort vorhanden. Es wurden keine "
"Passwörter generiert." "Passwörter generiert."
#: participant/views.py:337 #: participant/views.py:363
#, python-format #, python-format
msgid "The Password for <b>%s</b> was successfully reset." msgid "The Password for <b>%s</b> was successfully reset."
msgstr "Das Passwort für <b>%s</b> wurde erfolgreich zurückgesetzt." msgstr "Das Passwort für <b>%s</b> wurde erfolgreich zurückgesetzt."
#: participant/views.py:339 #: participant/views.py:365
#, python-format #, python-format
msgid "Do you really want to reset the password for <b>%s</b>?" msgid "Do you really want to reset the password for <b>%s</b>?"
msgstr "Soll das Passwort für <b>%s</b> wirklich zurückgesetzt werden?" msgstr "Soll das Passwort für <b>%s</b> wirklich zurückgesetzt werden?"
@ -1528,11 +1533,11 @@ msgstr "Aktionen"
msgid "Edit group" msgid "Edit group"
msgstr "Benutzergruppe bearbeiten" msgstr "Benutzergruppe bearbeiten"
#: participant/templates/participant/group_overview.html:15 #: participant/templates/participant/group_overview.html:16
msgid "Delete group" msgid "Delete group"
msgstr "Benutzergruppe löschen" msgstr "Benutzergruppe löschen"
#: participant/templates/participant/group_overview.html:20 #: participant/templates/participant/group_overview.html:22
#: participant/templates/participant/overview.html:84 #: participant/templates/participant/overview.html:84
msgid "No participants available." msgid "No participants available."
msgstr "Keine Teilnehmer/innen vorhanden." msgstr "Keine Teilnehmer/innen vorhanden."
@ -1551,7 +1556,7 @@ msgstr ""
#: participant/templates/participant/login.html:5 #: participant/templates/participant/login.html:5
#: participant/templates/participant/login.html:13 #: participant/templates/participant/login.html:13
#: participant/templates/participant/login.html:43 templates/base.html:26 #: participant/templates/participant/login.html:42 templates/base.html:26
msgid "Login" msgid "Login"
msgstr "Anmelden" msgstr "Anmelden"
@ -1564,6 +1569,10 @@ msgid "Your username and password didn't match. Please try again."
msgstr "" msgstr ""
"Benutzername und Passwort stimmen nicht überein. Bitte noch einmal versuchen." "Benutzername und Passwort stimmen nicht überein. Bitte noch einmal versuchen."
#: participant/templates/participant/login.html:46
msgid "Continue as guest"
msgstr "Weiter als Gast"
#: participant/templates/participant/overview.html:42 utils/pdf.py:263 #: participant/templates/participant/overview.html:42 utils/pdf.py:263
msgid "First Name" msgid "First Name"
msgstr "Vorname" msgstr "Vorname"
@ -1637,79 +1646,95 @@ msgstr "System URL"
msgid "Welcome text (for password PDF)" msgid "Welcome text (for password PDF)"
msgstr "Willkommenstext (für Passwort-PDF-Liste)" msgstr "Willkommenstext (für Passwort-PDF-Liste)"
#: system/forms.py:29 #: system/forms.py:24
msgid "Access for anonymous / guest users"
msgstr "Zugriff für anonyme oder Gast-Nutzer"
#: system/forms.py:24
msgid "Allow access for guest users"
msgstr "Zugriff für Gast-Nutzer aktivieren"
#: system/forms.py:30
msgid "Event name" msgid "Event name"
msgstr "Veranstaltungsname" msgstr "Veranstaltungsname"
#: system/forms.py:30 #: system/forms.py:31
msgid "Short description of event" msgid "Short description of event"
msgstr "Kurzbeschreibung der Veranstaltung" msgstr "Kurzbeschreibung der Veranstaltung"
#: system/forms.py:31 #: system/forms.py:32
msgid "Event date" msgid "Event date"
msgstr "Veranstaltungszeitraum" msgstr "Veranstaltungszeitraum"
#: system/forms.py:32 #: system/forms.py:33
msgid "Event location" msgid "Event location"
msgstr "Veranstaltungsort" msgstr "Veranstaltungsort"
#: system/forms.py:33 #: system/forms.py:34
msgid "Event organizer" msgid "Event organizer"
msgstr "Veranstalter" msgstr "Veranstalter"
#: system/forms.py:39 #: system/forms.py:40
msgid "Countdown (in seconds)" msgid "Countdown (in seconds)"
msgstr "Countdown (in Sekunden)" msgstr "Countdown (in Sekunden)"
#: system/forms.py:45 #: system/forms.py:46
msgid "Number of (minimum) required supporters for a application" msgid "Number of (minimum) required supporters for a application"
msgstr "Mindestanzahl erforderlicher Unterstützer/innen für einen Antrag" msgstr "Mindestanzahl erforderlicher Unterstützer/innen für einen Antrag"
#: system/forms.py:46 #: system/forms.py:47
msgid "Application preamble" msgid "Application preamble"
msgstr "Antragseinleitung" msgstr "Antragseinleitung"
#: system/forms.py:47 system/forms.py:58 #: system/forms.py:48 system/forms.py:59
msgid "Number of ballot papers (selection)" msgid "Number of ballot papers (selection)"
msgstr "Anzahl der Wahlscheine (Vorauswahl)" msgstr "Anzahl der Wahlscheine (Vorauswahl)"
#: system/forms.py:47 system/forms.py:58 #: system/forms.py:48 system/forms.py:59
msgid "Number of all delegates" msgid "Number of all delegates"
msgstr "Anzahl aller Delegierten" msgstr "Anzahl aller Delegierten"
#: system/forms.py:47 system/forms.py:58 #: system/forms.py:48 system/forms.py:59
msgid "Number of all participants" msgid "Number of all participants"
msgstr "Anzahl aller Teilnehmer/innen" msgstr "Anzahl aller Teilnehmer/innen"
#: system/forms.py:47 system/forms.py:58 #: system/forms.py:48 system/forms.py:59
msgid "Use the following custum number" msgid "Use the following custum number"
msgstr "Verwende die folgende benutzerdefinierte Anzahl" msgstr "Verwende die folgende benutzerdefinierte Anzahl"
#: system/forms.py:48 system/forms.py:59 #: system/forms.py:49 system/forms.py:60
msgid "Custom number of ballot papers" msgid "Custom number of ballot papers"
msgstr "Benutzerdefinierte Anzahl von Wahlscheinen" msgstr "Benutzerdefinierte Anzahl von Wahlscheinen"
#: system/forms.py:49 #: system/forms.py:50
msgid "Title for PDF document (all applications)" msgid "Title for PDF document (all applications)"
msgstr "Titel für PDF-Dokuemt (alle Anträge)" msgstr "Titel für PDF-Dokuemt (alle Anträge)"
#: system/forms.py:50 #: system/forms.py:51
msgid "Preamble text for PDF document (all applications)" msgid "Preamble text for PDF document (all applications)"
msgstr "Einleitungstext für PDF-Dokument (alle Anträge)" msgstr "Einleitungstext für PDF-Dokument (alle Anträge)"
#: system/forms.py:56 #: system/forms.py:57
msgid "Title for PDF document (all elections)" msgid "Title for PDF document (all elections)"
msgstr "Titel für PDF-Dokument (alle Wahlen)" msgstr "Titel für PDF-Dokument (alle Wahlen)"
#: system/forms.py:57 #: system/forms.py:58
msgid "Preamble text for PDF document (all elections)" msgid "Preamble text for PDF document (all elections)"
msgstr "Einleitungstext für PDF-Dokument (alle Wahlen) " msgstr "Einleitungstext für PDF-Dokument (alle Wahlen) "
#: system/views.py:30 #: system/views.py:42
msgid ""
"Anonymous access enabled. Please modify the \"Anonymous\" group to fit your "
"required permissions."
msgstr ""
"Anonymer Zugriff aktiviert. Bitte setzen Sie die Rechte der Gruppe \"Anonymous\" "
"passend zum gewünschten Zugriffslevel."
#: system/views.py:46
msgid "System settings successfully saved." msgid "System settings successfully saved."
msgstr "Systemeinstellungen erfolgreich gespeichert." msgstr "Systemeinstellungen erfolgreich gespeichert."
#: system/views.py:72 #: system/views.py:89
msgid "General settings successfully saved." msgid "General settings successfully saved."
msgstr "Allgemeine Einstellungen erfolgreich gespeichert." msgstr "Allgemeine Einstellungen erfolgreich gespeichert."

View File

@ -12,7 +12,9 @@
<tr class="{% cycle '' 'odd' %}"> <tr class="{% cycle '' 'odd' %}">
<td>{{ group.name }}</td> <td>{{ group.name }}</td>
<td><a href="{% url user_group_edit group.id %}"><img src="/static/images/icons/document-edit.png" title="{%trans 'Edit group' %}"></a> <td><a href="{% url user_group_edit group.id %}"><img src="/static/images/icons/document-edit.png" title="{%trans 'Edit group' %}"></a>
{% if group.name != 'Anonymous' %}
<a href="{% url user_group_delete group.id %}"><img src="/static/images/icons/edit-delete.png" title="{%trans 'Delete group' %}"></a> <a href="{% url user_group_delete group.id %}"><img src="/static/images/icons/edit-delete.png" title="{%trans 'Delete group' %}"></a>
{% endif %}
</td> </td>
</tr> </tr>
{% empty %} {% empty %}

View File

@ -25,7 +25,6 @@
}); });
</script> </script>
{% endif %} {% endif %}
<form method="post" action="{% url user_login %}"> <form method="post" action="{% url user_login %}">
{% csrf_token %} {% csrf_token %}
<table> <table>
@ -42,7 +41,20 @@
<button type="submit"> <button type="submit">
<span class="icon ok">{%trans 'Login' %}</span> <span class="icon ok">{%trans 'Login' %}</span>
</button> </button>
{% if os_enable_anonymous_login %}
<button id="anonymous_login">
<span class="icon ok">{%trans 'Continue as guest' %}</span>
</button>
{% endif %}
<input type="hidden" name="next" value="{{ next }}" /> <input type="hidden" name="next" value="{{ next }}" />
</p> </p>
</form> </form>
{% if os_enable_anonymous_login %}
<script>
$("#anonymous_login").live('click', function () {
window.location.href = '{% url item_overview %}';
return false;
});
</script>
{% endif %}
{% endblock %} {% endblock %}

View File

@ -32,6 +32,7 @@ from participant.api import gen_username
from participant.forms import UserNewForm, UserEditForm, ProfileForm, UsersettingsForm, UserImportForm, GroupForm, AdminPasswordChangeForm from participant.forms import UserNewForm, UserEditForm, ProfileForm, UsersettingsForm, UserImportForm, GroupForm, AdminPasswordChangeForm
from utils.utils import template, permission_required, gen_confirm_form from utils.utils import template, permission_required, gen_confirm_form
from utils.pdf import print_userlist, print_passwords from utils.pdf import print_userlist, print_passwords
from system.api import config_get
from django.db.models import Avg, Max, Min, Count from django.db.models import Avg, Max, Min, Count
@ -195,7 +196,10 @@ def user_set_active(request, user_id):
@permission_required('participant.can_manage_participant') @permission_required('participant.can_manage_participant')
@template('participant/group_overview.html') @template('participant/group_overview.html')
def get_group_overview(request): def get_group_overview(request):
if config_get('system_enable_anonymous', False):
groups = Group.objects.all() groups = Group.objects.all()
else:
groups = Group.objects.exclude(name='Anonymous')
return { return {
'groups': groups, 'groups': groups,
} }
@ -214,7 +218,29 @@ def group_edit(request, group_id=None):
if request.method == 'POST': if request.method == 'POST':
form = GroupForm(request.POST, instance=group) form = GroupForm(request.POST, instance=group)
if form.is_valid(): if form.is_valid():
group_name = form.cleaned_data['name'].lower()
try:
anonymous_group = Group.objects.get(name='Anonymous')
except Group.DoesNotExist:
anonymous_group = None
# special handling for anonymous auth
if group is None and group_name.strip().lower() == 'anonymous':
# don't allow to create this group
messages.error(request, _('Group name "%s" is reserved for internal use.') % group_name)
return {
'form' : form,
'group': group
}
group = form.save() group = form.save()
if anonymous_group is not None and \
anonymous_group.id == group.id:
# prevent name changes - XXX: I'm sure this could be done as *one* group.save()
group.name = 'Anonymous'
group.save()
if group_id is None: if group_id is None:
messages.success(request, _('New group was successfully created.')) messages.success(request, _('New group was successfully created.'))
else: else:
@ -273,6 +299,9 @@ def user_import(request):
return redirect(reverse('user_overview')) return redirect(reverse('user_overview'))
except Profile.DoesNotExist: except Profile.DoesNotExist:
pass pass
except AttributeError:
# AnonymousUser
pass
if request.method == 'POST': if request.method == 'POST':
form = UserImportForm(request.POST, request.FILES) form = UserImportForm(request.POST, request.FILES)

View File

@ -0,0 +1,82 @@
from django.contrib.auth.models import Permission
from openslides.system.api import config_get
class AnonymousAuth(object):
"""
Authenticates the AnonymousUser against the Permission-Group 'Anonymous'.
No rights are granted unless the group is defined and contains them.
"""
supports_anonymous_user = True
supports_inactive_user = True
supports_object_permissions = False
def authenticate(self, username=None, password=None):
"""
Authenticate a user based in username / password.
- always return None as anonymous can't login..
"""
return None
def get_group_permissions(self, user_obj, obj=None):
"""
Return the permissions a user is graneted by his group membership(s).
- try to return the permissions for the 'Anonymous' group
"""
if not user_obj.is_anonymous() or obj is not None or \
not config_get('system_enable_anonymous', False):
return set()
perms = Permission.objects.filter(group__name='Anonymous')
if perms is None:
return set()
perms = perms.values_list('content_type__app_label', 'codename').order_by()
return set([u'%s.%s' % (ct, name) for ct, name in perms])
def get_all_permissions(self, user_obj, obj=None):
"""
Return all permissions a user is granted including goup permissions.
- for anonymous it's identical to get_group_permissions
"""
return self.get_group_permissions(user_obj, obj)
def has_perm(self, user_obj, perm, obj=None):
"""
Check if the user as a specific permission
"""
if not user_obj.is_anonymous() or obj is not None or \
not config_get('system_enable_anonymous', False):
return False
return (perm in self.get_all_permissions(user_obj))
def has_module_perm(self, user_obj, app_label):
"""
Check if the user has permissions on the module app_label
"""
if not user_obj.is_anonymous() or \
not config_get('system_enable_anonymous', False):
return False
for perm in self.get_all_permissions(user_obj):
if perm[:perm.index('.')] == app_label:
return True
return False
def get_user(self, user_id):
"""
Return the User object for user_id
- for anonymous it's always None
"""
return None
def anonymous_context_additions(RequestContext):
"""
Add a variable to the request context that will indicate
if anonymous login is possible at all.
"""
return { 'os_enable_anonymous_login' : config_get('system_enable_anonymous', False) }

View File

@ -0,0 +1 @@
from AnonymousAuth import *

View File

@ -21,6 +21,7 @@ class SystemConfigForm(Form):
#user_registration = BooleanField(label=_("User registration"), required=False) #user_registration = BooleanField(label=_("User registration"), required=False)
system_url = CharField(widget=TextInput(), required=False, label=_("System URL")) system_url = CharField(widget=TextInput(), required=False, label=_("System URL"))
system_welcometext = CharField(widget=Textarea(), required=False, label=_("Welcome text (for password PDF)")) system_welcometext = CharField(widget=Textarea(), required=False, label=_("Welcome text (for password PDF)"))
system_enable_anonymous = BooleanField(required=False, label=_("Access for anonymous / guest users"), help_text=_("Allow access for guest users"))
class EventConfigForm(Form): class EventConfigForm(Form):
error_css_class = 'error' error_css_class = 'error'

View File

@ -13,6 +13,7 @@
from django.shortcuts import redirect from django.shortcuts import redirect
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.contrib import messages from django.contrib import messages
from django.contrib.auth.models import Group, Permission
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from utils.utils import template from utils.utils import template
from utils.utils import template, permission_required from utils.utils import template, permission_required
@ -27,6 +28,22 @@ def get_system_config(request):
if form.is_valid(): if form.is_valid():
config_set('system_url', form.cleaned_data['system_url']) config_set('system_url', form.cleaned_data['system_url'])
config_set('system_welcometext', form.cleaned_data['system_welcometext']) config_set('system_welcometext', form.cleaned_data['system_welcometext'])
if form.cleaned_data['system_enable_anonymous']:
config_set('system_enable_anonymous', True)
# check for Anonymous group and (re)create it as needed
try:
anonymous = Group.objects.get(name='Anonymous')
except Group.DoesNotExist:
default_perms = [u'can_see_agenda', u'can_see_projector', u'can_see_application']
anonymous = Group()
anonymous.name = 'Anonymous'
anonymous.save()
anonymous.permissions = Permission.objects.filter(codename__in=default_perms)
anonymous.save()
messages.success(request, _('Anonymous access enabled. Please modify the "Anonymous" group to fit your required permissions.'))
else:
# use '' - False will evaluate to uniced(False) => True..
config_set('system_enable_anonymous', '')
messages.success(request, _('System settings successfully saved.')) messages.success(request, _('System settings successfully saved.'))
else: else:
messages.error(request, _('Please check the form for errors.')) messages.error(request, _('Please check the form for errors.'))
@ -35,6 +52,7 @@ def get_system_config(request):
form = SystemConfigForm(initial={ form = SystemConfigForm(initial={
'system_url': config_get('system_url'), 'system_url': config_get('system_url'),
'system_welcometext': config_get('system_welcometext'), 'system_welcometext': config_get('system_welcometext'),
'system_enable_anonymous': config_get('system_enable_anonymous'),
}) })
return { return {
'form': form, 'form': form,