Protecting a single view with permission based on context

[Thierry Florac]

Hi,

In an application using ZODB traversal, I need to create a view whose required permission depends on the state of the "context" object to which the view is applied.

Can I just create an "un-protected" view (without static permission) and check the permission in the view initialization code (and raise an HTTPForbidden exception if the required permission is missing), or is there a more elegant way to handle such a use case?

Best regards,

Thierry

-- 

  https://www.ulthar.net -- http://pyams.readthedocs.io

[Michael Merickel]

Does the permission actually need to change or can the context object just return an appropriate ACL based on its state? If you can have the context object be smarter then problem solved with a single permission. Otherwise yes you can certainly just handle it imperatively in the view code.

--
You received this message because you are subscribed to the Google Groups "pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/CAPX_VWAChxFOKJrLUs8L%3DRUz6r6u9xQn2fwCFSqZTBA1ehK%2BAQ%40mail.gmail.com.

--

Michael

[Thierry Florac]

Thanks Michael!

Actually the permission may change because the view (a form) applies to a an object whose permissions depends to it's own parent's status, and I don't want to make these objects inter-dependant (the "child" doesn't have to know the class of it's parent!); I also use a quite complex ACL factory integrated with my security policy (using permissions, roles, groups and more...) which I don't really want to override for this use case.

I've finally made the view "un-protected" in the "view_config" declaration, and included some code in the view based on a generic interface and it works perfectly!

Best regards,

Thierry

-- 

  https://www.ulthar.net -- http://pyams.readthedocs.io

To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/CAKdhhwHTU4H2nKSm7b3j4SNA2T1bG8AT4Yhnx%2BjcQACA_HHb3g%40mail.gmail.com.