policy for rum's root page
0 views
Skip to first unread message
Michael Brickenstein
Sep 27, 2010, 8:40:31 AM9/27/10
to rum-discuss
Hi!
This message only affects users with a custom policy.
I made the root page of rum ("/") support the rum policy.
Whenever a user accesses it the policy is checked.
It makes sense in applications that users cannot see it
while they can access parts of your CRUD app.
E.g. one of my apps displays information about active events on a
customized
root page (just overloaded home.html),
which I protect against unwanted access.
So if you are using your own policy and would like to restore
the old behaviour (allow / for anyone),
add the following lines to your app:
from rum.policy import anyone
from rum import BuiltinResource
policy.register(anyone, obj=BuiltinResource, action='show')
If you would like to protect this page too (if it is not already
protected
enough by a mounting app), just replace the predicate anyone by
an appropriate predicate.
Cheers,
Michael
This message only affects users with a custom policy.
I made the root page of rum ("/") support the rum policy.
Whenever a user accesses it the policy is checked.
It makes sense in applications that users cannot see it
while they can access parts of your CRUD app.
E.g. one of my apps displays information about active events on a
customized
root page (just overloaded home.html),
which I protect against unwanted access.
So if you are using your own policy and would like to restore
the old behaviour (allow / for anyone),
add the following lines to your app:
from rum.policy import anyone
from rum import BuiltinResource
policy.register(anyone, obj=BuiltinResource, action='show')
If you would like to protect this page too (if it is not already
protected
enough by a mounting app), just replace the predicate anyone by
an appropriate predicate.
Cheers,
Michael
Michael Brickenstein
Sep 27, 2010, 8:41:51 AM9/27/10
to rum-discuss
The functionality is available only in rum's tip
and I am confident that it is the last compatibility change before rum
0.4.
Cheers,
Michael
and I am confident that it is the last compatibility change before rum
0.4.
Cheers,
Michael
Reply all
Reply to author
Forward
0 new messages