On 08/31/2012 11:37 AM, Robert Forkel wrote:
> I guess I'm doing something similar. At least as far as having
> resource specific permissions. But I've chosen to implement this using
> context factories.

Thanks for your reply.

That would work, except it is limited to checks at routing / view mapping. The approach I'm taking is a completely separate policy class that can be queried by any part of the code, specifically:

- view config to get general view permission
- view handlers to get permission based on loaded resource (this would also work well with traversal)
- templates to know which parts to render (menu options, content boxes, etc...)
- other parts of the code

with the policy neatly defined in a single file / class. So when you query the policy, you basically ask it to:

1. verify action named X (e.g. "article.edit")
2. with source context Y (e.g. user profile ID and/or user's role(s))
3. with target context Z (e.g. SQLA article model)


--


.oO V Oo.


Work Hard,
Increase Production,
Prevent Accidents,
and
Be Happy!  ;)
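
A sketch of the kind of policy class described in the message above, added here as an illustration and not part of the original post or of Pyramid. Every name in it (Policy, Source, Article, the "editor" and "admin" roles) is an assumption; Article stands in for the SQLA model.

```python
from dataclasses import dataclass
from typing import Any, Callable, Dict, FrozenSet, Optional

@dataclass(frozen=True)
class Source:
    """Source context Y: who is asking (hypothetical shape)."""
    user_id: Optional[int]
    roles: FrozenSet[str] = frozenset()

@dataclass
class Article:
    """Target context Z: constructed stand-in for an SQLA article model."""
    id: int
    author_id: int
    published: bool = False

Rule = Callable[[Source, Any], bool]

class Policy:
    """All rules live here; an action without a rule is denied."""
    def __init__(self) -> None:
        self._rules: Dict[str, Rule] = {}

    def rule(self, action: str) -> Callable[[Rule], Rule]:
        def register(fn: Rule) -> Rule:
            if action in self._rules:
                raise ValueError(f"duplicate rule for {action!r}")
            self._rules[action] = fn
            return fn
        return register

    def verify(self, action: str, source: Source, target: Any = None) -> bool:
        fn = self._rules.get(action)
        # Deny by default: a typo in an action name must not grant access.
        return bool(fn(source, target)) if fn is not None else False

policy = Policy()

@policy.rule("article.edit")
def can_edit(src: Source, art: Optional[Article]) -> bool:
    if "admin" in src.roles:
        return True
    if "editor" not in src.roles or src.user_id is None:
        return False
    # target None: general check (view config, menu rendering);
    # target given: per-resource check in the view handler.
    return art is None or art.author_id == src.user_id

@policy.rule("article.view")
def can_view(src: Source, art: Optional[Article]) -> bool:
    return art is None or art.published or can_edit(src, art)
```

The same policy.verify() call serves the view config and templates (no target) and the view handler once the resource is loaded (with target).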
