From c9b7bb380e8700ad35131d37508c2c3758ce61c2 Mon Sep 17 00:00:00 2001
From: Tanner Prestegard <tanner.prestegard@ligo.org>
Date: Wed, 22 Aug 2018 13:13:46 -0500
Subject: [PATCH] Moving and updating old custom model backend

New custom model backend, which includes the table/object
permissions backend and does not authenticate.
---
 config/settings/base.py             |  2 +-
 gracedb/ligoauth/backends.py        | 10 ++++++++++
 gracedb/ligoauth/middleware/auth.py |  4 ----
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/config/settings/base.py b/config/settings/base.py
index 8a21cd457..299be0ee5 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -259,7 +259,7 @@ AUTHENTICATION_BACKENDS = (
     'ligoauth.middleware.auth.LigoX509Backend',
     'ligoauth.middleware.auth.LigoShibBackend',
     'ligoauth.middleware.auth.LigoBasicBackend',
-    'ligoauth.middleware.auth.ModelBackend',
+    'ligoauth.backends.GraceDbModelBackend',
 #   'ligoauth.middleware.auth.RemoteUserBackend',
 #   'ligodjangoauth.LigoShibbolethAuthBackend',
 #   'django.contrib.auth.backends.ModelBackend',
diff --git a/gracedb/ligoauth/backends.py b/gracedb/ligoauth/backends.py
index a665d9374..8b4d408d4 100644
--- a/gracedb/ligoauth/backends.py
+++ b/gracedb/ligoauth/backends.py
@@ -17,3 +17,13 @@ class ModelPermissionsForObjectBackend(backends.ModelBackend):
         #   Now, logic is: check for table-level permissions in either case
         return super(ModelPermissionsForObjectBackend, self).has_perm(user_obj,
             perm, obj=None)
+
+
+class GraceDbModelBackend(ModelPermissionsForObjectBackend):
+    """
+    Main permission-checking backend for GraceDB.  We remove the ability
+    for this backend to authenticate users, since that is handled by other
+    auth backends.
+    """
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        return None
diff --git a/gracedb/ligoauth/middleware/auth.py b/gracedb/ligoauth/middleware/auth.py
index 4c55a4fe0..f52facbba 100644
--- a/gracedb/ligoauth/middleware/auth.py
+++ b/gracedb/ligoauth/middleware/auth.py
@@ -304,7 +304,3 @@ class LigoBasicBackend:
             return User.objects.get(id=user_id)
         except User.DoesNotExist:
             return None
-
-class ModelBackend(DefaultModelBackend):
-    def authenticate(self, username=None, password=None, **kwargs):
-        return None
-- 
GitLab