On Mon, 26 Sep 2011 23:29:07 -0500, Michael Merickel wrote:
> On Mon, Sep 26, 2011 at 1:36 PM, Benjamin Sims
> <[email protected]>wrote:
>
>> That is, a way to check that a user is not authenticated in order to
>> restrict access to a login form?
>
>
> Restricting access is done via Pyramid's use of ACLs (mapping a user's
> principals to permissions). This means that you need a way to map a
> principal X to permission 'not_logged_in'. Principal X could be
> pyramid.security.Everyone, but obviously that also includes
> Authenticated users ...
How about some combination of the "Authenticated" principal and DENY:
__acl__ = [(pyramid.security.DENY,
pyramid.security.Authenticated,
('login',))]
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
