On 4/30/09 2:45 AM, Nigel Sim wrote:
> Thats fine, and seems to work in terms of the __acl__ array, but in the
> examples on the bfgdocs site groups have a prefix, ie:
> (Allow, 'group:editors', 'edit'),
> So my questions are:
> 1) is the "group:" prefix defined somewhere, or is it just used here for
> illistrative purposes?
Just for illustrative purposes. You could choose to put them in the repoze.who
identity dict with that prefix, for example, if you didn't want them to
with "real" usernames.
> 2) am I implementing the groups properly?
> 3) is there a standard module which one would normally use to implement
You've found them all I think.. at least if you're willing to "push down" the
groups from repoze.who.
> 4) does this BFG Blog example actually exist as an entire project?
I'm afraid not. You can get an idea of how you might implement security by
looking at the "repoze.cluegun" application or the "bfgsite" application at
Repoze-dev mailing list