On Dec 29 2010, 6:47 am, Juliusz Gonera <[email protected]> wrote: > I am writing an admin panel for a system which already has its database > and user management. There are no groups in the current setup, users > only have one field specifying their "type" (e.g. user, admin, > superuser). There are also sets of permissions for each user (not user > type). Is repoze.what suitable for such system? Or should I just stick > to repoze.who and develop my own authorization?
You can still use repoze.what if you want to. You get useful generic predicates like not_anonymous (http://what.repoze.org/docs/1.0/Manual/ Predicates/Builtin.html#single-predicate-checkers), decorators for attaching authorization requirements to controllers and actions, and a standard approach for checking authorization within a routine (http:// what.repoze.org/docs/1.0/Manual/Predicates/Evaluating.html#finding-if- it-s-met-or-not). For handling types and permissions, you can write your own predicates (http://what.repoze.org/docs/1.0/Manual/Predicates/Writing.html) that check these directly, or you can write your own source adapters that take your types and permissions and present them as repoze.what groups and permissions (instead of using repoze.what.quickstart). (I haven't yet found much documentation on writing your own source adapters; can anyone help out)? -- Josh Kelley -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
