On 05.05.11 10:55, Roy Hyunjin Han wrote: > On Feb 6, 5:53 pm, Timmy <[email protected]> wrote: > > I add a view for the forbidden view: > > > > from pyramid.exceptions import Forbidden > > config.add_view(forbidden_view, context=Forbidden) > > which redirects to a log in screen. > > > > But now i added some admin things which needed 'admin' access, and I > > want to just show a "you don't have thepermission" screen, how do I > > check for that in the forbidden view? > > Hi Timmy, > > I'm also trying to retrieve the permission of the original view after > it is blocked by a forbidden exception so that I can tell the user why > the user can't see the page. > > The closest code that I can find is in > pyramid.security.view_execution_permitted(request.context, request, > viewName) but it does not return the original view's permissions and > route names don't seem to be compatible with view names. > > I think I'm near to finding a solution, though. > > RHH >
You can always check "request.exception.args[0]" to get the complete error message. Although it would be great to have a cleaner way to get the missing permission from the error message (maybe writing a little helper function to parse it would be a solution). See [1] for more on this. As an alternative, I implemented the "User" object as a request attribute as described in the cookbook[2] so that I could tell apart unauthenticated users from unauthorized users and handle them in my forbidden view but I'm sure there are less naive ways to make it work. Of course, this won't help if you want to provide specific error messages for different authorization problems. Mariano [1] http://docs.pylonsproject.org/projects/pyramid/1.0/narr/hooks.html#changing-the-forbidden-view [2] http://docs.pylonsproject.org/projects/pyramid_cookbook/dev/authentication.html -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
