I think that what you seek more understanding on is this thing called
"predicates". A predicate is a test which returns True or False, and which
narrows the set of circumstances in which views or routes may be called.
For example, to limit matching of a view callable to a `route_name` of `home`
and to the `POST` HTTP `request_method`, you would set the predicates in a view
decorator as follows.
@view_config(
route_name='home',
request_method='POST'
)
def home(request):
return Response('Welcome!')
More information on view predicates.
https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/viewconfig.html#view-configuration-parameters
--steve
On 5/10/21 12:32 PM, pzzcc wrote:
> thank you for the input everyone.
>
> please correct me if I am wrong , does pyramid know what a ( *view* ) action
> is ?
>
> does it know that an Edit action ( is a form that is being POSTed or Restful
> call to update ?
>
> same goes for create , does it have a way to figure out that create is ( PUT
> )?
>
>
> *in other words , if I go to a view and change the view config to have a
> permssion of ( update ) instead of ( edit ) ,*
> *
> *
> *and then go to principals and update them accordingly , Pyramid it self
> wont care, would it ? *
> *
> *
> *can a view have more than one permission like ( update , create , view ) ? *
> *
> *
> /I am trying to figure out how it works so I can write a better code because
> I have gone through the wiki tutorial , it is *great* but it leaves you with
> a lot of question to be able to understand how things are put together ./
> *
> *
>
> On Monday, May 10, 2021 at 12:30:03 PM UTC+3 Eldav wrote:
>
> Hello,
>
> you could have a look at the "Authorization" page of the SQLAlchemy +
> URL dispatch wiki tutorial:
>
>
> https://pyramid.readthedocs.io/en/latest/tutorials/wiki2/authorization.html
> <https://pyramid.readthedocs.io/en/latest/tutorials/wiki2/authorization.html>
>
> Basically : you define your permission as string via an ACL mechanism.
> Your permissions may be global (e.g. all members of the "managers"
> group get the "manage" permission), or defined via a route factory.
> Route factories allow for policies such as: every authenticated user
> can "view" a page, its author can "edit" it. They also allow you to
> simplify the code of your views.
>
> Hope this helps,
>
> Laurent.
>
> Le dim. 9 mai 2021 à 20:17, Thierry Florac <[email protected]> a écrit :
> >
> > Hi,
> > Are you asking about the way to protect a view with a permission, or
> about the way to grant this permission to a request?
> > Best regards,
> > Thierry
> > --
> > https://www.ulthar.net <https://www.ulthar.net> --
> http://pyams.readthedocs.io <http://pyams.readthedocs.io>
> >
> >
> > Le dim. 9 mai 2021 à 19:00, pzzcc <[email protected]> a écrit :
> >>
> >> Hi,
> >>
> >> I am trying to wrap my head around some pyramid concepts and I am
> trying to figure out how does a view config know what a permission like (
> view , edit , create ) is ?
> >>
> >> does it rely on the pyramid_tm r or the routes or what ?
> >>
> >> I know how to use them but I need to wrap my head againts some
> concepts.
> >>
> >> thanks.
> >>
> >> --
> >> You received this message because you are subscribed to the Google
> Groups "pylons-discuss" group.
> >> To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected].
> >> To view this discussion on the web visit
> https://groups.google.com/d/msgid/pylons-discuss/2b676239-b805-40d6-9ae2-1e4c60a9a7dcn%40googlegroups.com
>
> <https://groups.google.com/d/msgid/pylons-discuss/2b676239-b805-40d6-9ae2-1e4c60a9a7dcn%40googlegroups.com>.
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "pylons-discuss" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected].
> > To view this discussion on the web visit
> https://groups.google.com/d/msgid/pylons-discuss/CAPX_VWCYnWP_Rrbgk1ZBP1JBUN8KNztgj5%3DJ_Q_8%2B_uvAXAv_A%40mail.gmail.com
>
> <https://groups.google.com/d/msgid/pylons-discuss/CAPX_VWCYnWP_Rrbgk1ZBP1JBUN8KNztgj5%3DJ_Q_8%2B_uvAXAv_A%40mail.gmail.com>.
>
> --
> You received this message because you are subscribed to the Google Groups
> "pylons-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/pylons-discuss/97b621fe-4b8b-4a44-884a-079813495ff4n%40googlegroups.com
>
> <https://groups.google.com/d/msgid/pylons-discuss/97b621fe-4b8b-4a44-884a-079813495ff4n%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/pylons-discuss/f6cd380b-102b-d63b-e4a7-075d29d8362b%40gmail.com.
