> > I'm looking for a function to fit in this usage: > > {% macro nav_item(request, route_name, text) -%} > {% if request.view_execution_permitted(route_name) %} > <li> > <a href="{{ request.route_url(route_name) }}">{{ text }}</a> > </li> > {% endif %} > {%- endmacro %} > > > My problems are the following: > > 1. view_execution_permitted doesn't work like this, unlike other security > functions, for example request.has_permission(). Why? >
For this I don't have enough insight to answer. > > 2. Going the hard way and making a custom wrapper around > view_execution_permitted, > and adding it to request via add_request_method, I'm still stuck in how > to use view_execution_permitted, for the following reason: > > > 2.1. It needs a context. What is a context? I never had to use any > context in URL Dispatch with SessionAuthenticationPolicy, and it really > isn't explained on the website. I tried Googling view_execution_permitted > and grepping for code in Github, but I couldn't find anything, except a > Github issue ticket saying: "view_execution_permitted does not work with > URL dispatch", which didn't help me. > https://github.com/Pylons/pyramid/issues/673 > If you are using only URL dispatching the context is always Root object. Root object defines site wide root __acl__. You can get this as request.root http://docs.pylonsproject.org/projects/pyramid/en/latest/api/request.html > > 2.2. It needs a name. Is this route_name? I hope so? > One route can point to multiple views due to predicates (method=POST, etc). Thus, this is most likely the same name you give for add_view() and view_config() > > Maybe I don't even need view_execution_permitted. I just want a simple > request.is_allowed_route(route_name). How can I do it? > I simply check for the permission I know the target has using request.has_permission(): https://websauna.org/docs/narrative/user/permissions.html?highlight=permissions#checking-permissions-in-templates > > -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to pylons-discuss+unsubscr...@googlegroups.com. > To post to this group, send email to pylons-discuss@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/pylons-discuss/a5285237-b1a5-44e5-bd5e-3fd0e4b11c44% > 40googlegroups.com > <https://groups.google.com/d/msgid/pylons-discuss/a5285237-b1a5-44e5-bd5e-3fd0e4b11c44%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Mikko Ohtamaa http://opensourcehacker.com http://twitter.com/moo9000 -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/CAK8RCUt7de%3DGuJA-O7viusQ_c3ox-nsuHrPGh-L-433pnnf71A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.