1 files changed, 49 insertions, 0 deletions

diff --git a/ishtar/furnitures/backend.py b/ishtar/furnitures/backend.py
new file mode 100644
index 000000000..d251d81a8
--- /dev/null
+++ b/ishtar/furnitures/backend.py
@@ -0,0 +1,49 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+# Copyright (C) 2010  Étienne Loks  <etienne.loks_AT_peacefrogsDOTnet>
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# See the file COPYING for details.
+
+"""
+Permission backend to manage "own" objects
+"""
+
+from django.conf import settings
+from django.contrib.auth.models import User
+
+class ObjectOwnPermBackend(object):
+    supports_object_permissions = True
+    supports_anonymous_user = True
+
+    def authenticate(self, username, password):
+        # managed by the default backend
+        return None
+
+    def has_perm(self, user_obj, perm, obj=None):
+        if not user_obj.is_authenticated():
+            user_obj = User.objects.get(pk=settings.ANONYMOUS_USER_ID)
+
+        if obj is None:
+            # managed by the default backend
+            return False
+
+        try:
+            # only manage "own" permissions
+            assert perm.split('.')[-1].split('_')[-1] == 'own'
+        except (IndexError, AssertionError):
+            return False
+
+        return user_obj.has_perm(perm) and obj.is_own(user_obj)