Author: mtredinnick
Date: 2006-07-18 21:09:26 -0500 (Tue, 18 Jul 2006)
New Revision: 3360
Modified:
django/trunk/django/contrib/admin/templates/admin/base.html
django/trunk/django/contrib/admin/views/decorators.py
django/trunk/django/contrib/auth/decorators.py
django/trunk/django/contrib/auth/models.py
django/trunk/django/contrib/comments/templates/comments/form.html
django/trunk/django/contrib/comments/templatetags/comments.py
django/trunk/django/contrib/comments/views/comments.py
django/trunk/django/contrib/comments/views/karma.py
django/trunk/django/contrib/flatpages/views.py
django/trunk/django/views/generic/create_update.py
django/trunk/docs/authentication.txt
django/trunk/docs/request_response.txt
Log:
Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser
classes. Recommended its use over is_anonymous in the docs. Changed internal
Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson
for the patch.
Modified: django/trunk/django/contrib/admin/templates/admin/base.html
===================================================================
--- django/trunk/django/contrib/admin/templates/admin/base.html 2006-07-19
01:35:58 UTC (rev 3359)
+++ django/trunk/django/contrib/admin/templates/admin/base.html 2006-07-19
02:09:26 UTC (rev 3360)
@@ -20,9 +20,9 @@
<div id="branding">
{% block branding %}{% endblock %}
</div>
- {% if not user.is_anonymous %}{% if user.is_staff %}
+ {% if user.is_authenticated and user.is_staff %}
<div id="user-tools">{% trans 'Welcome,' %} <strong>{% if
user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{%
endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation'
%}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a
href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
- {% endif %}{% endif %}
+ {% endif %}
{% block nav-global %}{% endblock %}
</div>
<!-- END Header -->
Modified: django/trunk/django/contrib/admin/views/decorators.py
===================================================================
--- django/trunk/django/contrib/admin/views/decorators.py 2006-07-19
01:35:58 UTC (rev 3359)
+++ django/trunk/django/contrib/admin/views/decorators.py 2006-07-19
02:09:26 UTC (rev 3360)
@@ -46,7 +46,7 @@
member, displaying the login page if necessary.
"""
def _checklogin(request, *args, **kwargs):
- if not request.user.is_anonymous() and request.user.is_staff:
+ if request.user.is_authenticated() and request.user.is_staff:
# The user is valid. Continue to the admin page.
if request.POST.has_key('post_data'):
# User must have re-authenticated through a different window
Modified: django/trunk/django/contrib/auth/decorators.py
===================================================================
--- django/trunk/django/contrib/auth/decorators.py 2006-07-19 01:35:58 UTC
(rev 3359)
+++ django/trunk/django/contrib/auth/decorators.py 2006-07-19 02:09:26 UTC
(rev 3360)
@@ -17,7 +17,7 @@
return _checklogin
return _dec
-login_required = user_passes_test(lambda u: not u.is_anonymous())
+login_required = user_passes_test(lambda u: u.is_authenticated())
login_required.__doc__ = (
"""
Decorator for views that checks that the user is logged in, redirecting
Modified: django/trunk/django/contrib/auth/models.py
===================================================================
--- django/trunk/django/contrib/auth/models.py 2006-07-19 01:35:58 UTC (rev
3359)
+++ django/trunk/django/contrib/auth/models.py 2006-07-19 02:09:26 UTC (rev
3360)
@@ -125,6 +125,11 @@
def is_anonymous(self):
"Always returns False. This is a way of comparing User objects to
anonymous users."
return False
+
+ def is_authenticated(self):
+ """Always return True. This is a way to tell if the user has been
authenticated in templates.
+ """
+ return True
def get_full_name(self):
"Returns the first_name plus the last_name, with a space in between."
@@ -293,3 +298,6 @@
def is_anonymous(self):
return True
+
+ def is_authenticated(self):
+ return False
Modified: django/trunk/django/contrib/comments/templates/comments/form.html
===================================================================
--- django/trunk/django/contrib/comments/templates/comments/form.html
2006-07-19 01:35:58 UTC (rev 3359)
+++ django/trunk/django/contrib/comments/templates/comments/form.html
2006-07-19 02:09:26 UTC (rev 3360)
@@ -2,10 +2,10 @@
{% if display_form %}
<form {% if photos_optional or photos_required %}enctype="multipart/form-data"
{% endif %}action="/comments/post/" method="post">
-{% if user.is_anonymous %}
+{% if user.is_authenticated %}
+<p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a
href="/accounts/logout/">{% trans "Log out" %}</a>)</p>
+{% else %}
<p><label for="id_username">{% trans "Username:" %}</label> <input type="text"
name="username" id="id_username" /><br />{% trans "Password:" %} <input
type="password" name="password" id="id_password" /> (<a
href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
-{% else %}
-<p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a
href="/accounts/logout/">{% trans "Log out" %}</a>)</p>
{% endif %}
{% if ratings_optional or ratings_required %}
Modified: django/trunk/django/contrib/comments/templatetags/comments.py
===================================================================
--- django/trunk/django/contrib/comments/templatetags/comments.py
2006-07-19 01:35:58 UTC (rev 3359)
+++ django/trunk/django/contrib/comments/templatetags/comments.py
2006-07-19 02:09:26 UTC (rev 3360)
@@ -114,7 +114,7 @@
comment_list = get_list_function(**kwargs).order_by(self.ordering +
'submit_date').select_related()
if not self.free:
- if context.has_key('user') and not context['user'].is_anonymous():
+ if context.has_key('user') and context['user'].is_authenticated():
user_id = context['user'].id
context['user_can_moderate_comments'] =
Comment.objects.user_is_moderator(context['user'])
else:
Modified: django/trunk/django/contrib/comments/views/comments.py
===================================================================
--- django/trunk/django/contrib/comments/views/comments.py 2006-07-19
01:35:58 UTC (rev 3359)
+++ django/trunk/django/contrib/comments/views/comments.py 2006-07-19
02:09:26 UTC (rev 3360)
@@ -63,7 +63,7 @@
validator_list=get_validator_list(8),
),
])
- if not user.is_anonymous():
+ if user.is_authenticated():
self["username"].is_required = False
self["username"].validator_list = []
self["password"].is_required = False
Modified: django/trunk/django/contrib/comments/views/karma.py
===================================================================
--- django/trunk/django/contrib/comments/views/karma.py 2006-07-19 01:35:58 UTC
(rev 3359)
+++ django/trunk/django/contrib/comments/views/karma.py 2006-07-19 02:09:26 UTC
(rev 3360)
@@ -15,7 +15,7 @@
rating = {'up': 1, 'down': -1}.get(vote, False)
if not rating:
raise Http404, "Invalid vote"
- if request.user.is_anonymous():
+ if not request.user.is_authenticated():
raise Http404, _("Anonymous users cannot vote")
try:
comment = Comment.objects.get(pk=comment_id)
Modified: django/trunk/django/contrib/flatpages/views.py
===================================================================
--- django/trunk/django/contrib/flatpages/views.py 2006-07-19 01:35:58 UTC
(rev 3359)
+++ django/trunk/django/contrib/flatpages/views.py 2006-07-19 02:09:26 UTC
(rev 3360)
@@ -22,7 +22,7 @@
f = get_object_or_404(FlatPage, url__exact=url,
sites__id__exact=settings.SITE_ID)
# If registration is required for accessing this page, and the user isn't
# logged in, redirect to the login page.
- if f.registration_required and request.user.is_anonymous():
+ if f.registration_required and not request.user.is_authenticated():
from django.contrib.auth.views import redirect_to_login
return redirect_to_login(request.path)
if f.template_name:
Modified: django/trunk/django/views/generic/create_update.py
===================================================================
--- django/trunk/django/views/generic/create_update.py 2006-07-19 01:35:58 UTC
(rev 3359)
+++ django/trunk/django/views/generic/create_update.py 2006-07-19 02:09:26 UTC
(rev 3360)
@@ -20,7 +20,7 @@
the form wrapper for the object
"""
if extra_context is None: extra_context = {}
- if login_required and request.user.is_anonymous():
+ if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
manipulator = model.AddManipulator(follow=follow)
@@ -39,7 +39,7 @@
# No errors -- this means we can save the data!
new_object = manipulator.save(new_data)
- if not request.user.is_anonymous():
+ if request.user.is_authenticated():
request.user.message_set.create(message="The %s was created
successfully." % model._meta.verbose_name)
# Redirect to the new object: first by trying post_save_redirect,
@@ -86,7 +86,7 @@
the original object being edited
"""
if extra_context is None: extra_context = {}
- if login_required and request.user.is_anonymous():
+ if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
# Look up the object to be edited
@@ -113,7 +113,7 @@
if not errors:
object = manipulator.save(new_data)
- if not request.user.is_anonymous():
+ if request.user.is_authenticated():
request.user.message_set.create(message="The %s was updated
successfully." % model._meta.verbose_name)
# Do a post-after-redirect so that reload works, etc.
@@ -162,7 +162,7 @@
the original object being deleted
"""
if extra_context is None: extra_context = {}
- if login_required and request.user.is_anonymous():
+ if login_required and not request.user.is_authenticated():
return redirect_to_login(request.path)
# Look up the object to be edited
@@ -180,7 +180,7 @@
if request.method == 'POST':
object.delete()
- if not request.user.is_anonymous():
+ if request.user.is_authenticated():
request.user.message_set.create(message="The %s was deleted." %
model._meta.verbose_name)
return HttpResponseRedirect(post_delete_redirect)
else:
Modified: django/trunk/docs/authentication.txt
===================================================================
--- django/trunk/docs/authentication.txt 2006-07-19 01:35:58 UTC (rev
3359)
+++ django/trunk/docs/authentication.txt 2006-07-19 02:09:26 UTC (rev
3360)
@@ -95,8 +95,12 @@
custom methods:
* ``is_anonymous()`` -- Always returns ``False``. This is a way of
- comparing ``User`` objects to anonymous users.
+ differentiating ``User`` and ``AnonymousUser`` objects. Generally, you
+ should prefer using ``is_authenticated()`` to this method.
+ * ``is_authenticated()`` -- Always returns ``True``. This is a way to
+ tell if the user has been authenticated.
+
* ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``,
with a space in between.
@@ -219,6 +223,7 @@
* ``id`` is always ``None``.
* ``is_anonymous()`` returns ``True`` instead of ``False``.
+ * ``is_authenticated()`` returns ``False`` instead of ``True``.
* ``has_perm()`` always returns ``False``.
* ``set_password()``, ``check_password()``, ``save()``, ``delete()``,
``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``.
@@ -254,12 +259,12 @@
``request.user`` in views. ``request.user`` will give you a ``User`` object
representing the currently logged-in user. If a user isn't currently logged in,
``request.user`` will be set to an instance of ``AnonymousUser`` (see the
-previous section). You can tell them apart with ``is_anonymous()``, like so::
+previous section). You can tell them apart with ``is_authenticated()``, like
so::
- if request.user.is_anonymous():
+ if request.user.is_authenticated():
+ # Do something for authenticated users.
+ else:
# Do something for anonymous users.
- else:
- # Do something for logged-in users.
.. _request objects:
http://www.djangoproject.com/documentation/request_response/#httprequest-objects
.. _session documentation: http://www.djangoproject.com/documentation/sessions/
@@ -323,19 +328,19 @@
~~~~~~~~~~~
The simple, raw way to limit access to pages is to check
-``request.user.is_anonymous()`` and either redirect to a login page::
+``request.user.is_authenticated()`` and either redirect to a login page::
from django.http import HttpResponseRedirect
def my_view(request):
- if request.user.is_anonymous():
+ if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=%s' % request.path)
# ...
...or display an error message::
def my_view(request):
- if request.user.is_anonymous():
+ if not request.user.is_authenticated():
return render_to_response('myapp/login_error.html')
# ...
@@ -439,7 +444,7 @@
permission ``polls.can_vote``::
def my_view(request):
- if request.user.is_anonymous() or not
request.user.has_perm('polls.can_vote'):
+ if not (request.user.is_authenticated() and
request.user.has_perm('polls.can_vote')):
return HttpResponse("You can't vote in this poll.")
# ...
@@ -605,10 +610,10 @@
The currently logged-in user, either a ``User`` instance or an``AnonymousUser``
instance, is stored in the template variable ``{{ user }}``::
- {% if user.is_anonymous %}
+ {% if user.is_authenticated %}
+ <p>Welcome, {{ user.username }}. Thanks for logging in.</p>
+ {% else %}
<p>Welcome, new user. Please log in.</p>
- {% else %}
- <p>Welcome, {{ user.username }}. Thanks for logging in.</p>
{% endif %}
Permissions
Modified: django/trunk/docs/request_response.txt
===================================================================
--- django/trunk/docs/request_response.txt 2006-07-19 01:35:58 UTC (rev
3359)
+++ django/trunk/docs/request_response.txt 2006-07-19 02:09:26 UTC (rev
3360)
@@ -106,12 +106,12 @@
A ``django.contrib.auth.models.User`` object representing the currently
logged-in user. If the user isn't currently logged in, ``user`` will be set
to an instance of ``django.contrib.auth.models.AnonymousUser``. You
- can tell them apart with ``is_anonymous()``, like so::
+ can tell them apart with ``is_authenticated()``, like so::
- if request.user.is_anonymous():
+ if request.user.is_authenticated():
+ # Do something for logged-in users.
+ else:
# Do something for anonymous users.
- else:
- # Do something for logged-in users.
``user`` is only available if your Django installation has the
``AuthenticationMiddleware`` activated. For more, see
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates
-~----------~----~----~----~------~----~------~--~---
