Default Permission?
1 view
Skip to first unread message
Radityo
Dec 8, 2008, 9:35:47 PM12/8/08
to TurboGears Trunk
In TG2b1 with tg.authorize I can do this:
class SomeSecureController(SecureController):
require = authorize.has_permission('onePermission')
@expose('my_package.template.index')
def index(self):
# do something here
@expose('my_package.template.add')
@authorize.require(authorize.has_permission('specialPerm'))
def do_things(self, **kw):
# do other things here
But since TG2b2 with repoze.what it will throw an error:
>> @require(predicates.has_permission('specialPerm'))
TypeError: 'has_permission' object is not callable
To implement the same permission checking, since TG2b2 I have to write
it like this:
class SomeSecureController(BaseController):
@expose('my_package.template.index')
@require(predicates.has_permission('onePermission'))
def index(self):
# do something here
@expose('my_package.template.add')
@require(predicates.has_all_permission('onePermission',
'specialPerm'))
def do_things(self, **kw):
# do other things here
I kinda like the behavior of the first code, where you can define a
default permission requirement and then define additional permissions
as necessary.Is there a way to define a default permission requirement
with repoze.what?
class SomeSecureController(SecureController):
require = authorize.has_permission('onePermission')
@expose('my_package.template.index')
def index(self):
# do something here
@expose('my_package.template.add')
@authorize.require(authorize.has_permission('specialPerm'))
def do_things(self, **kw):
# do other things here
But since TG2b2 with repoze.what it will throw an error:
>> @require(predicates.has_permission('specialPerm'))
TypeError: 'has_permission' object is not callable
To implement the same permission checking, since TG2b2 I have to write
it like this:
class SomeSecureController(BaseController):
@expose('my_package.template.index')
@require(predicates.has_permission('onePermission'))
def index(self):
# do something here
@expose('my_package.template.add')
@require(predicates.has_all_permission('onePermission',
'specialPerm'))
def do_things(self, **kw):
# do other things here
I kinda like the behavior of the first code, where you can define a
default permission requirement and then define additional permissions
as necessary.Is there a way to define a default permission requirement
with repoze.what?
Gustavo Narea
Dec 9, 2008, 2:19:22 AM12/9/08
to turbogea...@googlegroups.com, Radityo
Hello.
Please don't use SecureController, that functionality is available in the
BaseController itself as of the second beta. SecureController in b1 is
outdated (it uses repoze.what the old way; hence the exception) and since it's
no longer necessary, you may want to remove it and use BaseController instead.
More info:
http://trac.turbogears.org/wiki/2.0/changelog#a1.9.7b2October29th2008:
Cheers.
--
Gustavo Narea <http://gustavonarea.net/>.
Get rid of unethical constraints! Get freedomware:
http://www.getgnulinux.org/
Please don't use SecureController, that functionality is available in the
BaseController itself as of the second beta. SecureController in b1 is
outdated (it uses repoze.what the old way; hence the exception) and since it's
no longer necessary, you may want to remove it and use BaseController instead.
More info:
http://trac.turbogears.org/wiki/2.0/changelog#a1.9.7b2October29th2008:
Cheers.
Gustavo Narea <http://gustavonarea.net/>.
Get rid of unethical constraints! Get freedomware:
http://www.getgnulinux.org/
Radityo
Dec 9, 2008, 7:01:59 PM12/9/08
to TurboGears Trunk
Actually, I did convert all my controller to BaseController. The
exception accured when my controller subclass BaseController and
using @require decorator and require property in the same controller.
Currently I use predicates.has_all_permissions to replace what I did
in TG2b1, but I wish there's a way to define a default permission for
a controller and only use @require(predicates.has_permission('xx')) on
only a few method where additional permission is required.
Ronggo
exception accured when my controller subclass BaseController and
using @require decorator and require property in the same controller.
Currently I use predicates.has_all_permissions to replace what I did
in TG2b1, but I wish there's a way to define a default permission for
a controller and only use @require(predicates.has_permission('xx')) on
only a few method where additional permission is required.
Ronggo
Gustavo Narea
Dec 10, 2008, 1:49:04 PM12/10/08
to turbogea...@googlegroups.com, Radityo
Hello.
Can you please open a ticket and include the traceback? I'll work on that in
the sprint this weekend.
Cheers.
Can you please open a ticket and include the traceback? I'll work on that in
the sprint this weekend.
Cheers.
Radityo
Dec 10, 2008, 7:29:14 PM12/10/08
to TurboGears Trunk
Reply all
Reply to author
Forward
0 new messages