Closing a particular section of a Pyramid site
45 views
Skip to first unread message
Andreas Jung
Jan 15, 2013, 7:00:09 AM1/15/13
to pylons-...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Let's assume that we have a Pyramid site with several functional
sections. As part of maintenance operations you want to disable a parts
of the site e.g. by disallowing all views under a certain certain
route/path like /personal-data or so. My vision is having a central
place in my application where I can enable/disable the various parts
of the application with a click and this should have an immediate effect
without reconfiguration of app-servers, reverse proxies etc...any ideas
how to do this best with Pyramid?
Andreas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQGUBAEBAgAGBQJQ9UTJAAoJEADcfz7u4AZjTTELwJA8/P2b/vuILFUhVtj5fo1T
QTJ0WDFlroPHGBafrblAdLXBcTtcfFM2cqL7Ssgfv5OHqHJQ3oYtorFovKxgAJRf
QJtQAAVn3dlDP3zj/Gi2x8/6uD1geBKAyAJeZRPQGOoP9mt5R3N7ChipFJh8bDMM
kVqx5pyHA592IWwcBQqAI7MZPQT2pU8IlMU93r3ubcZCsSXWea3+1IRthBFC7esN
ndCSnrNMIREJz65a/UbfFJLHIYfd7G82Fe5QV1fAcE0l38eDtD0xWIVq4J/w7NMl
xx7SNk0Zz0aO/JdryKpH9txCs+i/WOSQoxje72uoM22HaoZ/QT7M2AgDfzkPXvpc
rWqMHEHh6E+zL1B4HeA/EtanHOR8h5Twzu1iBHHeLjoVBmumnxrzq4vtZkX98VKS
9DXiaE7ZfW+DUo2Ymn11uPi978QsAIVfOytJ2N/d5nFwNH9N2juH/986yzVNOUrq
fjhyNRb/Y2HQqz/30J7l8tNJM0hMJxg=
=eRvm
-----END PGP SIGNATURE-----
Hash: SHA1
Let's assume that we have a Pyramid site with several functional
sections. As part of maintenance operations you want to disable a parts
of the site e.g. by disallowing all views under a certain certain
route/path like /personal-data or so. My vision is having a central
place in my application where I can enable/disable the various parts
of the application with a click and this should have an immediate effect
without reconfiguration of app-servers, reverse proxies etc...any ideas
how to do this best with Pyramid?
Andreas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQGUBAEBAgAGBQJQ9UTJAAoJEADcfz7u4AZjTTELwJA8/P2b/vuILFUhVtj5fo1T
QTJ0WDFlroPHGBafrblAdLXBcTtcfFM2cqL7Ssgfv5OHqHJQ3oYtorFovKxgAJRf
QJtQAAVn3dlDP3zj/Gi2x8/6uD1geBKAyAJeZRPQGOoP9mt5R3N7ChipFJh8bDMM
kVqx5pyHA592IWwcBQqAI7MZPQT2pU8IlMU93r3ubcZCsSXWea3+1IRthBFC7esN
ndCSnrNMIREJz65a/UbfFJLHIYfd7G82Fe5QV1fAcE0l38eDtD0xWIVq4J/w7NMl
xx7SNk0Zz0aO/JdryKpH9txCs+i/WOSQoxje72uoM22HaoZ/QT7M2AgDfzkPXvpc
rWqMHEHh6E+zL1B4HeA/EtanHOR8h5Twzu1iBHHeLjoVBmumnxrzq4vtZkX98VKS
9DXiaE7ZfW+DUo2Ymn11uPi978QsAIVfOytJ2N/d5nFwNH9N2juH/986yzVNOUrq
fjhyNRb/Y2HQqz/30J7l8tNJM0hMJxg=
=eRvm
-----END PGP SIGNATURE-----
Arndt Droullier
Jan 15, 2013, 8:34:43 AM1/15/13
to Pyramid on google groups
You could use view predicates to add custom checks before views are called.
If you use cached configuration values the overhead should be reduced to a minimum.
see predicates or custom_predicates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Let's assume that we have a Pyramid site with several functional
sections. As part of maintenance operations you want to disable a parts
of the site e.g. by disallowing all views under a certain certain
route/path like /personal-data or so. My vision is having a central
place in my application where I can enable/disable the various parts
of the application with a click and this should have an immediate effect
without reconfiguration of app-servers, reverse proxies etc...any ideas
how to do this best with Pyramid?
Wyatt Baldwin
Jan 15, 2013, 12:10:36 PM1/15/13
to pylons-...@googlegroups.com, li...@zopyx.com
On Tuesday, January 15, 2013 4:00:09 AM UTC-8, Andreas Jung wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Let's assume that we have a Pyramid site with several functional
sections. As part of maintenance operations you want to disable a parts
of the site e.g. by disallowing all views under a certain certain
route/path like /personal-data or so. My vision is having a central
place in my application where I can enable/disable the various parts
of the application with a click and this should have an immediate effect
without reconfiguration of app-servers, reverse proxies etc...any ideas
how to do this best with Pyramid?
You could implement something like this with a tween. Just have a list of URL paths somewhere (in memory or a database or Redis or whatever is suitable for your purposes) that you want to disable. The tween would simply check PATH_INFO against the list and return a standard 503 response before the request ever reaches your app.
I'm suggesting a tween (as opposed to WSGI middleware) because a tween has access to the Pyramid environment, which can be used to generate a page that lists all of your app's URLs with check boxes for disabling individual pages or subsections.
Andreas Jung
Jan 15, 2013, 12:11:53 PM1/15/13
to pylons-...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Writing a tween makes sense...at least of the conceptual point of view :-)
Hash: SHA1
Thanks
Andreas
> Google Groups "pylons-discuss" group. To view this discussion on the
> web visit
> https://groups.google.com/d/msg/pylons-discuss/-/ZE3b-ZeoruQJ. To
> post to this group, send email to pylons-...@googlegroups.com. To
> unsubscribe from this group, send email to
> pylons-discus...@googlegroups.com. For more options, visit
> this group at http://groups.google.com/group/pylons-discuss?hl=en.
- --
ZOPYX Limited | Python | Zope | Plone | MongoDB
Hundskapfklinge 33 | Consulting & Development
D-72074 T�bingen | Electronic Publishing Solutions
www.zopyx.com | Scalable Web Solutions
- --------------------------------------------------
Produce & Publish - www.produce-and-publish.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
AabpnD+EdDJxp5FFyAzNzQhnAoXR7411/Cpeskk4HHckoaqj1DGBhbVczklDSwTE
J3R4BkwybjklO4kyhQAnfKfGEiNfgcjjeLv26VCWNhn4s1fR8UcEHLeKUYLGGPkv
FAA48yCrPw1y/XZmA/ecq8x7HUaIgwnL8k3iZ7KBUT9IfNXHWyYny8SP3tRmXhG7
OVPbGmw/aalIvaTVFexg7Fd0UkZ5F8FwuMIYjNZlnkXcP7G4/Qdz8pMOJgLVvo6g
iL0cVEsQUVqKo/ogQA6YbHOvQKt8ELyztJlPckk+F0u9eAaJVPL2F4UIdTRgqiOz
WomhvdUrnSQK134g20EVhPf3R+ULDnuUC6buQNQ6KNAmWikmoAAMMsOd/vo1oqrG
S6Lob1SC4Twwq69fjvd0sshfkZce86QlEOKz6J6OXYyX3m5qYcHeT3+3w5sQWn3x
4kbN5oPum/dg1UO3D3jZTExr96Gidz8=
=FQJr
-----END PGP SIGNATURE-----
Chris McDonough
Jan 15, 2013, 12:20:01 PM1/15/13
to pylons-...@googlegroups.com
On Tue, 2013-01-15 at 18:11 +0100, Andreas Jung wrote:
> Writing a tween makes sense...at least of the conceptual point of view :-)
>
> Thanks
> Andreas
I'll also note that the Pyramid ACLAuthorizationPolicy allows for use of
> Writing a tween makes sense...at least of the conceptual point of view :-)
>
> Thanks
> Andreas
a "Deny" action. If you have no more granular assertions higher (closer
to the leafs) in the tree, and you're using ACLs, you can do something
like add the following ACL to /personal_data:
(Deny, group.Users, ALL_PERMISSIONS)
If /personal_data/foo has an ACL that explicitly allows the user or one
of the user's groups for some permission, this won't help, however.
- C
Michael Merickel
Jan 15, 2013, 1:04:35 PM1/15/13
to Pylons
I would try to think about this as "some button on my site is modifying the ACL for the /personal-data resource". It is easy to create dynamic ACLs which can query your data store to determine if something is enabled or not. From there the ACL controls who has access with little effort on your part.
--
You received this message because you are subscribed to the Google Groups "pylons-discuss" group.
Jonathan Vanasco
Jan 15, 2013, 11:23:17 PM1/15/13
to pylons-...@googlegroups.com, li...@zopyx.com
Entering "maintenance mode" just creates a "downtime" file... `touch /webserver/controls/downtime`
Leaving maintenance removes it.
My nginx config handles app requests differently based on the presence of these files.
Reply all
Reply to author
Forward
0 new messages