>
> I'm looking for a function to fit in this usage:
>
> {% macro nav_item(request, route_name, text) -%}
> {% if request.view_execution_permitted(route_name) %}
> <li>
> <a href="{{ request.route_url(route_name) }}">{{ text }}</a>
> </li>
> {% endif %}
> {%- endmacro %}
>
>
> My problems are the following:
>
> 1. view_execution_permitted doesn't work like this, unlike other security
> functions, for example request.has_permission(). Why?
>
For this I don't have enough insight to answer.
>
> 2. Going the hard way and making a custom wrapper around
> view_execution_permitted,
> and adding it to request via add_request_method, I'm still stuck in how
> to use view_execution_permitted, for the following reason:
>
>
> 2.1. It needs a context. What is a context? I never had to use any
> context in URL Dispatch with SessionAuthenticationPolicy, and it really
> isn't explained on the website. I tried Googling view_execution_permitted
> and grepping for code in Github, but I couldn't find anything, except a
> Github issue ticket saying: "view_execution_permitted does not work with
> URL dispatch", which didn't help me.
> https://github.com/Pylons/pyramid/issues/673
>
If you are using only URL dispatching the context is always Root object.
Root object defines site wide root __acl__. You can get this as
request.root
http://docs.pylonsproject.org/projects/pyramid/en/latest/api/request.html
>
> 2.2. It needs a name. Is this route_name? I hope so?
>
One route can point to multiple views due to predicates (method=POST, etc).
Thus, this is most likely the same name you give for add_view() and
view_config()
>
> Maybe I don't even need view_execution_permitted. I just want a simple
> request.is_allowed_route(route_name). How can I do it?
>
I simply check for the permission I know the target has using
request.has_permission():
https://websauna.org/docs/narrative/user/permissions.html?highlight=permissions#checking-permissions-in-templates
>
> --
> You received this message because you are subscribed to the Google Groups
> "pylons-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to pylons-discuss+unsubscr...@googlegroups.com.
> To post to this group, send email to pylons-discuss@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/pylons-discuss/a5285237-b1a5-44e5-bd5e-3fd0e4b11c44%
> 40googlegroups.com
> <https://groups.google.com/d/msgid/pylons-discuss/a5285237-b1a5-44e5-bd5e-3fd0e4b11c44%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Mikko Ohtamaa
http://opensourcehacker.com
http://twitter.com/moo9000
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to pylons-discuss+unsubscr...@googlegroups.com.
To post to this group, send email to pylons-discuss@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/CAK8RCUt7de%3DGuJA-O7viusQ_c3ox-nsuHrPGh-L-433pnnf71A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
