On Dec 11, 10:48 am, Chris McDonough <[email protected]> wrote: > On Sat, 2011-12-10 at 22:39 -0800, rihad wrote: > > Sorry if a bit irrelevant. The changelog says: "The SQLAlchemy + URL > > Dispatch Wiki Tutorial has been updated.". But what I believe to be a > > bug that I mentioned > > here:http://groups.google.com/group/pylons-devel/browse_thread/thread/d81a... > > has remained seemingly unnoticed. > > Neither thing you mention there seems to be a bug. The line: > > url = request.application_url + '/login' > > Is constructed for the benefit of the template, which uses it as a form > post target. It can't be url = request.url, as the current URL when the > login view is invoked may not be the login form. The line: > > config.add_view('tutorial.login.login', route_name='login', > renderer='tutorial:templates/login.pt') > Oh, I missed this part, probably it's new. But even without it, the code I suggested works. I was incorrect in my first posting, in fact context=HTTPForbidden is needed to match the login view both before AND after the submit. The "edit" and "add" views simply fall through to it when the user doesn't have the needed permission. And the url = request.url in the login view works great for that whatever the URL is, keeping the login view to do its tricks under the hood. You can see that I works by commenting the context-less add_view above, and making login POST to the current URL.
-- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
