Hi, Iain.

On Thursday February 19, 2009 14:49:29 Iain Campbell wrote:
> 2009/2/19 Gustavo Narea <m...@gustavonarea.net>:
> > @ActionProtector is used with other decorators in TG2 and there's no
> > problem at all, so I'd say the problem is on the @Service decorator. To
> > confirm this, try the following decorator:
> Thanks, I'll give this a go. I've got around it in the meantime by
> passing the environ directly:
> has_permission(permission).check_authorization(environ)
> rather than using the decorators. I'll let you know how I get on.

The problem with that code is it will raise an exception, which is not like 
Paste's HTTPUnauthorized (401) or HTTPForbidden (403). On the contrary, those 
decorators deny authorization is a useful way, the Pylons way (abort()).

It should be possible to do the above, though. I'll fix it in a future 
version, in the short-term.

Gustavo Narea <http://gustavonarea.net/>.

Get rid of unethical constraints! Get freedomware:
Repoze-dev mailing list

Reply via email to