I use a metaclass to set a require attribute on all methods of a class
that I define in a dictionary (PermissionIndex)
PermissionIndex = {
,'setatime': ['time']
,'setctime': ['time']
,'setmtime': ['time']
,'getsize': ['visible','read']
,'getcwd': ['visible','read']
,'listdir': ['visible','read']
,'rmdir': ['visible','read','write']
,'remove': ['visible','read','write']
,'unlink': ['visible','read','write']
,'stat': ['visible','read']
,'chown': ['perm']
,'chgrp': ['perm']
,'set_group_perms': ['perm']
,'write_lock': ['wlock']
,'read_lock': ['rlock']
,'incr_version':['rlock',wlock','version']
class ACLRequirementDecorator(type):
'''
utility metaclass for setting the storage method acl requirements
from a dictionary.
'''
def __init__(cls, name, bases, dict):
super(ACLRequirementDecorator, cls).__init__(name, bases,
dict)
for k,v in dict.items():
if type(v) == type(lambda x:x):
if k in PermissionIndex.keys():
setattr(v,'require',PermissionIndex[k])
else:
setattr(v,'require',[])
class BaseStorage:
__metaclass__ = ACLRequirementDecorator
def __init__(self):
pass
.....
I really like the way this separates the authorizer, the object doing
the work, and the storage of access control requirements.
I have several apps where I have to hook into ldap for
somethings,mysql for others, etc ... and this approach has worked well
for me.
Credits: The inspiration for that metaclass comes from somewhere I
can't recall now. Metaclasses still make me a little dizzy.
I use this with pylons but also in several other contexts.
Have a great day!
Kai
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
