Checkpioint commit. This basically works with user.has_perm, but seems like the wrong way to do it. Instead of implementing has_perm and get_all_permissions on the Backend, I think we should be setting that permission when the user's UserOpenID object is updated.
