On 03/15/2011 02:38 PM, David Gardner wrote:
On 03/13/2011 04:21 PM, Billy wrote:
I can't seem to get a default permission for the static folder set
within my project. I've attempted a few different methods of setting
up the authorization policy and defaults but I continue to get
ACLDenied permission output in the debug.
Setup for authentication policy and the static view:
authn_policy = AuthTktAuthenticationPolicy('supersecret',
callback=groupfinder)
authz_policy = ACLAuthorizationPolicy()
config = Configurator(settings=settings,
root_factory='myproject.models.RootFactory',
authentication_policy=authn_policy,
authorization_policy=authz_policy)
config.set_request_factory(RequestWithUserAttribute)
config.add_static_view(name='static',
path='myproject:static',
permssion='__no_permission_required__')
An example of the debug_authorization messages I'm receiving. This
occurs for every static file being served:
debug_authorization of url http://localhost:6543/static/images/image.png
(view name u'' against context<pyramid.static.StaticURLInfo object at
0xb0ecd6c>): ACLDenied permission '__no_permission_required__' via ACE
'<default deny>' in ACL'<No ACL found on any object in resource
lineage>' on context<pyramid.static.StaticURLInfo object at
0xb0ecd6c> for principals ['system.Everyone']
I just ran into the same problem myself, I'm new to Pyramid so I don't
really know what I am doing here.
It looks like the static views are ignoring the root_factory ACL. (Side
note you have a type-o up there on permission)
So I hacked this into config.py:add_static_view()
spec = self._make_spec(path)
info = self.registry.queryUtility(IStaticURLInfo)
if info is None:
info = StaticURLInfo(self)
if '__acl__' in kw:
info.__acl__ = kw['__acl__']
self.registry.registerUtility(info, IStaticURLInfo)
info.add(name, spec, **kw)
Then in my __init__.py:
config.add_static_view('static', 'myproj:static', permission='valid_uuid',
__acl__ = [ (Allow, 'valid_uuid', 'valid_uuid'),
(Allow, 'current_uuid',
'current_uuid') ])
I'm curious is this a bug, or am I just doing something weird/wrong?
--
David Gardner
Pipeline Tools Programmer
Jim Henson Creature Shop
[email protected]
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
