Hi.
Did you now some class for pylons to controll access for each view?
Thanks, for the info! :)
+1
A:
Hi,
You can use Authkit ( http://authkit.org ) and "authorize" decorator:
from authkit.authorize.pylons_adaptors import authorize
from authkit.permissions import RemoteUser
class MainController(BaseController):
@authorize(RemoteUser())
def index(self):
pass
You can write your own permission class, ex. (this is part of some old project, check it if you want use it):
class HasPerm(RequestPermission):
def __init__(self, perms, all=False, error=None):
if isinstance(perms, str):
perms = [perms]
self.all = all
self.perms = perms
self.error = error
self.full_access = "ADMIN"
def check(self, app, environ, start_response):
if not environ.has_key('REMOTE_USER'):
if self.error:
raise self.error
raise NotAuthenticatedError('Not authenticated')
user = Session.query(User)
user = user.filter_by(name=environ['REMOTE_USER']).first()
if not user:
raise NotAuthorizedError('No such user')
if user.blocked:
raise NotAuthorizedError('User blocked')
user_perms = [x.name for x in user.permissions]
if self.full_access in user_perms:
return app(environ, start_response)
for p in self.perms:
checked_perm = model.Permission.get_by(name=p)
if not checked_perm:
raise NotAuthorizedError("There is no permission")
if checked_perm.name in user_perms and not self.all:
return app(environ, start_response)
if checked_perm.name not in user_perms and self.all:
raise NotAuthorizedError("User has no permission")
raise NotAuthorizedError("User has no permission")
Maciej Kucharz
2010-07-28 22:34:58