> > One of Pyramid's selling points is its built-in authorization. Pylons > never had that, which required me to write my own in one application or use > repoze.who/what. My own system works but is non-scalable: I punted on > multiple groups and just allowed one group per user, so we have to put > users in less-than-ideal groups to avoid the number of groups becoming > n = (number of permissions)! > Repoze.who/what are WSGI-based so they're more complicated/cumbersome than > they have to be (and they didn't exist when I wrote mine). So application > developers definitely prefer a framework-supported authorization system. > > I've watched the Pyramid auth debates from a distance since my application > is still in Pylons. But when I do port it to Pyramid, the issue will come > up whether to fully use the auth API or do something different. Parts of > the auth API do seem a little cumbersome. Yet if I make something else, I'd > want it to be reusable if possible. > > So, would it be possible to implement the alternate API as an add-on or > tween, bypassing the built-in system or making a compatibility stub to it? > Or would the built-in system get in the way too much for that to be > feasable? >
It depends on exactly how alternate you want it. If what you want to do permits it, the best-supported option would be to implement your own Authentication/Authorization policies. https://github.com/Pylons/pyramid/blob/master/pyramid/interfaces.py#L411 ; see implementations in authentication.py and authorization.py. For me it hasn't been awkward enough to make me want to switch, but I have to look it up every time I add security to a new app. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To view this discussion on the web visit https://groups.google.com/d/msg/pylons-discuss/-/v8zDVeUkkCYJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
