pyramid: forging identity programmatically (i.e. getting admin rights)
28 views
Skip to first unread message
kris
Mar 24, 2015, 7:28:07 PM3/24/15
to pylons-...@googlegroups.com
Is there a way to change the identity or add/delete groups during a request?
It seems that you cannot change the requests authenticated_userid or effective_principals during the request.
I have some code that needs admin priviledges briefly during the request processing..
Thanks,
Kris
Laurence Rowe
Mar 28, 2015, 5:08:11 PM3/28/15
to pylons-...@googlegroups.com
I do this in a subrequest on which I set the remote_user to an internal user which is given admin privileges. (I combine the RemoteUserAuthenticationPolicy with my other authentication policies using pyramid_multiauth.)
https://github.com/ENCODE-DCC/encoded/blob/b84ef781ed6068eab96c9e06983b770ca8e11154/src/encoded/embedding.py
The null_renderer used is here: https://github.com/ENCODE-DCC/encoded/blob/b84ef781ed6068eab96c9e06983b770ca8e11154/src/encoded/renderers.py#L106
The null_renderer used is here: https://github.com/ENCODE-DCC/encoded/blob/b84ef781ed6068eab96c9e06983b770ca8e11154/src/encoded/renderers.py#L106
Laurence
Reply all
Reply to author
Forward
0 new messages