Accessing the requested function via a filter

2 views
Skip to first unread message

tweekgeek

unread,
Jan 14, 2006, 5:06:34 AM1/14/06
to cherrypy-users
Hello everybody. I'm new to both CP and Python, but from what I've
already learned, I think it will be a very enjoyable experience.

I'm trying to write an authentication filter for CP that will let me
define access clearance levels for each function.. For instance,
something like

class Root:
_cpFilterList = [ myAuthClass() ]

def privateInformation(self):
# Do something
pass
privateInformation.exposed = True
privateInformation.authClearance = [1,3]

cherrypy.Root = Root()
cherrypy.server.start()

That's pretty much off the top of my head, so forgive any mistakes...
The above would allow access to the privateInformation page for users
with clearance levels 1 and 3. In the filter class I'd like to be able
to access that "authClearance" property... I see
cherrypy.request.objectPath, which returns a string to the method being
called... But how can I use that get access to "authClearance"?

I can think of other ways of doing this, but this is the easiest I can
see... I thought about passing a variable of access levels and such to
the CP configuration, but that would be less intuitive... I'm planning
a very large site, so I'd like to keep things as simple as I can...

Thanks everyone!

____________________

James Kassemi
http://kassemi.blogspot.com

Ari Turpeinen

unread,
Jan 14, 2006, 6:27:34 AM1/14/06
to cherryp...@googlegroups.com
Hi,

tweekgeek wrote:
> I'm trying to write an authentication filter for CP that will let me
> define access clearance levels for each function.. For instance,
> something like
>
> class Root:
> _cpFilterList = [ myAuthClass() ]
>
> def privateInformation(self):
> # Do something
> pass
> privateInformation.exposed = True
> privateInformation.authClearance = [1,3]

This looks quite similar to what MultiAuth does.
Maybe you should check it out before writing you own?-)
http://projects.dowski.com/projects/multiauth

-Ari Turpeinen

tweekgeek

unread,
Jan 14, 2006, 7:21:42 AM1/14/06
to cherrypy-users
Very nice project. I'm looking through the code now, trying to pick up
exactly how it works. I think I need to do some research into
metaclasses and function decorators.

I can probably modify multiauth to do what I need, but if not, it will
definitely give me all the information I need to continue. Those
function decorators can pretty up the code :)

Thanks Ari

Reply all
Reply to author
Forward
0 new messages