Extending and hoping to clarify Steve's example above, Pyramid users
typically leverage the "predicates" to handle this mapping. by using the
`request_method` predicate to map "GET" to "view", "POST" to "create", etc.
On Monday, May 10, 2021 at 4:27:09 PM UTC-4 grc...@gmail.com wrote:
>
>
excellent !!
I am very happy with pyramid and some things don't make sense *at the
beginning* but the end result is a much cleaner / simpler / modular code.
thank you so much everyone !!
On Monday, May 10, 2021 at 11:03:50 PM UTC+3 mmer...@gmail.com wrote:
> The permission strings are
The permission strings are arbitrary. For examples that are using ACLs (like
the wiki tutorials) the only requirement is that the strings should match up to
ACL entries that you are generating on your context objects. Pyramid does not
care about the values of the strings and you could use
I think that what you seek more understanding on is this thing called
"predicates". A predicate is a test which returns True or False, and which
narrows the set of circumstances in which views or routes may be called.
For example, to limit matching of a view callable to a `route_name` of
thank you for the input everyone.
please correct me if I am wrong , does pyramid know what a ( *view* )
action is ?
does it know that an Edit action ( is a form that is being POSTed or
Restful call to update ?
same goes for create , does it have a way to figure out that create is (
PUT )?
Hello,
you could have a look at the "Authorization" page of the SQLAlchemy +
URL dispatch wiki tutorial:
https://pyramid.readthedocs.io/en/latest/tutorials/wiki2/authorization.html
Basically : you define your permission as string via an ACL mechanism.
Your permissions may be global (e.g. all
If a view has a permission set, Pyramid calls the permits() method of your
security policy.
https://docs.pylonsproject.org/projects/pyramid/en/latest/api/interfaces.html#pyramid.interfaces.ISecurityPolicy
Hi,
Are you asking about the way to protect a view with a permission, or about
the way to grant this permission to a request?
Best regards,
Thierry
--
https://www.ulthar.net -- http://pyams.readthedocs.io
Le dim. 9 mai 2021 à 19:00, pzzcc a écrit :
> Hi,
>
> I am trying to wrap my head
Hi,
I am trying to wrap my head around some pyramid concepts and I am trying to
figure out how does a view config know what a permission like (* view ,
edit , create *) is ?
does it rely on the pyramid_tm r or the routes or what ?
I know how to use them but I need to wrap my head againts