I'm trying to clarify how to implement groups within the BFG auth framework.
I am using repoze.who for auth, but I was unable to find a "group" provider
for it. But looking at the RepozeWhoIdentityACLSecurityPolicy class it
appeared that I could just implement a repoze.who metadata provider which
enumerates the groups and adds them to a "groups" attribute.

Thats fine, and seems to work in terms of the __acl__ array, but in the
examples on the bfgdocs site groups have a prefix, ie:

(Allow, 'group:editors', 'edit'),

So my questions are:
1) is the "group:" prefix defined somewhere, or is it just used here for
illistrative purposes?
2) am I implementing the groups properly?
3) is there a standard module which one would normally use to implement
4) does this BFG Blog example actually exist as an entire project?


Repoze-dev mailing list

Reply via email to