On Fri, 2011-06-24 at 15:21 +0200, Vlad K. wrote:
> pyramid.security.has_permission() takes three params, the 'context' of 
> which is redundant for URL dispatch apps with no non-default context 
> (isn't it?).

If you never use the factory= or traverse= arguments to add_route and
you never use *traverse in a URL pattern, it will always be the default
context.  But it isn't always the default context.

>  In templates, we often display various UI parts depending 
> on the permissions the user has. For instance:
> 
> % if has_permission("admin", request.context, request):
> ...
> % endif
> 
> The shortcut can be made a method of request, thusly:
> 
> % if request.has_permission("admin"):
> ...
> % endif
> 
> 
> Where the method would supply self as request and self.context as 
> context, unless overrides via context param which is None by default.

You're free to define such a feature yourself.  The framework won't
provide it, though.  You can use
"pyramid.threadlocal.get_current_request()" in the function you create
if passing the request bothers you.

from pyramid.threadlocal import get_current_request
from pyramid.security import has_permission

def my_has_permission(perm):
    request = get_current_request()
    return has_permission(perm, request.context, request)

> Alternatively, a get_permissions() method can be added (either to the 
> Request object or as pyramid.security method) which would return a list 
> of permissions for performance reasons (so we don't call a method every 
> time):
> 
> 
> <%!
>      from pyramid.security import get_permissions
> %>
> 
> ...
> 
> <%
>      perms = get_permissions(request)
> %>
> 
> ...
> 
> % if "foo" in perms:
> <a href="/secure/foo">Foo Only</a>
> % endif
> % if "bar" in perms:
> <a href="/secure/bar">Bar Only</a>
> % endif
> 
> ...
> 
> I know there has been talk about entire authz and authn subsystems 
> overhaul (via Identity IIRC?) for 2.0, but one of the strong points 
> either for the overhaul or not, would be an easy and fast way to get a 
> list of permissions for the current user (and context).

Also just a matter of creating a wrapper object of some kind I guess.

from pyramid.security import has_permission

class Perms(object):
    def __init__(self, request):
        self.request = request

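    def __contains__(self, perm):
        request = self.request
        # has_permission takes (permission, context, request), in that order
        return has_permission(perm, request.context, request)

# build one per request, e.g. in the view or a before render subscriber
perms = Perms(request)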

In either case, pass in "perms" or "my_has_permission" to the template in
the return dictionary in a rendered view or make it a global using a
before render subscriber as per
http://docs.pylonsproject.org/projects/pyramid_cookbook/dev/templates.html#using-a-before-render-event-to-expose-an-h-helper-object

- C
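
An added example (not part of the original message, and not Pyramid's code): the Perms wrapper from the reply with a per-request cache, run against a stdlib-only stand-in for the ACL check to show the same user getting different answers once a route's factory= supplies a non-default context. FakeRequest, DefaultContext, ReportContext and template_globals are constructed names; the stand-in has_permission keeps the (permission, context, request) order used in the thread and, unlike Pyramid's ACL policy, does not walk the context's parents.

```python
# Added example: stand-in for Pyramid's ACL check, NOT the framework's code.
ALLOW, DENY = "Allow", "Deny"      # same strings as pyramid.security.Allow/Deny
EVERYONE = "system.Everyone"       # same string as pyramid.security.Everyone

class DefaultContext:
    """Constructed stand-in for the context a plain URL-dispatch route gets."""
    __acl__ = [(ALLOW, "group:admins", "admin")]

class ReportContext:
    """Constructed context, as a route's factory= callable could return."""
    def __init__(self, owner):
        self.__acl__ = [(ALLOW, owner, "edit"), (DENY, EVERYONE, "edit")]

class FakeRequest:
    """Constructed request carrying only what the helper needs."""
    def __init__(self, context, principals):
        self.context = context
        self.principals = set(principals) | {EVERYONE}

def has_permission(permission, context, request):
    """Stand-in with the thread's argument order; first matching ACE wins."""
    for action, principal, perm in getattr(context, "__acl__", ()):
        if principal in request.principals and perm == permission:
            return action == ALLOW
    return False  # no matching ACE: deny by default

class Perms:
    """Template helper: `"admin" in perms`, one ACL walk per permission."""
    def __init__(self, request, context=None):
        self.request = request
        # Default to the request's own context; allow an explicit override.
        self.context = request.context if context is None else context
        self._cache = {}

    def __contains__(self, perm):
        if perm not in self._cache:
            self._cache[perm] = has_permission(perm, self.context, self.request)
        return self._cache[perm]

def template_globals(request):
    """What a before render hook would add to the renderer's dictionary."""
    return {"request": request, "perms": Perms(request)}
```

A check like `"foo" in perms` only decides what the template displays; the views behind links such as /secure/foo still need their own permission= argument to be protected.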

