Thanks for the reply. The code that calls the request.user object is placed in the views and the Mako templates. I found that checking permission generates that database calls. For each served static file, pyramid checks the permission to the file which generates additional db calls. In my project I use the Pyramid1.0 and a groupfinder method from the cookbook, which uses request.user.groups in its definition.
For example if I put in a browser url like: http://127.0.0.1:6543/static/img/checked.png I can see in logs: 2011-04-18 20:46:44,869 DEBUG [paste.httpserver.ThreadPool] [MainThread] Added task (0 tasks queued) 2011-04-18 20:46:44,870 DEBUG [txn.4368994304][worker 3] new transaction 2011-04-18 20:46:44,872 route matched for url http://127.0.0.1:6543/static/img/checked.png; route_name: 'static/', path_info: '/static/img/checked.png', pattern: 'static/*subpath', matchdict: {'subpath': (u'img', u'checked.png')}, predicates: [] 2011-04-18 20:46:44,877 INFO [sqlalchemy.engine.base.Engine.0x...dad0] [worker 3] BEGIN (implicit) 2011-04-18 20:46:44,879 INFO [sqlalchemy.engine.base.Engine.0x...dad0] [worker 3] SELECT users.id AS users_id,........ / ..some sql statement stuff.. / 2011-04-18 20:46:44,883 INFO [sqlalchemy.engine.base.Engine.0x...dad0] [worker 3] SELECT groups.id AS groups_id, groups.name AS groups_name, groups.description AS groups_description, groups.modified AS groups_modified, groups.created AS groups_created FROM groups, users_groups WHERE %s = users_groups.user_id AND groups.id = users_groups.group_id 2011-04-18 20:46:44,885 debug_authorization of url http://127.0.0.1:6543/static/img/checked.png (view name u'' against context <pyramid.static.StaticURLInfo object at 0x103728bd0>): ACLDenied permission '__no_permission_required__' via ACE '<default deny>' in ACL '<No ACL found on any object in resource lineage>' on context <pyramid.static.StaticURLInfo object at 0x103728bd0> for principals ['system.Everyone', 'system.Authenticated', u'[email protected]', u'group:admin', u'group:moderator', u'group:user'] 2011-04-18 20:46:44,886 DEBUG [txn.4368994304][worker 3] commit <zope.sqlalchemy.datamanager.SessionDataManager object at 0x1012859d0> 2011-04-18 20:46:44,887 DEBUG [txn.4368994304][worker 3] commit The static views config is placed in __init__.py: config.add_static_view('static', 'informator:static') but I also tried the line below (without any good effects anyway): config.add_static_view('static', 'informator:static', permission='__no_permission_required__') Regards, Adam Klekotka On 18 Kwi, 01:02, Wyatt Baldwin <[email protected]> wrote: > Where is the code that calls `request.user`? It sounds you are calling it > unconditionally on *every* request. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
