george hu wrote:
> Okay, now I tried to change the RootFactory class as this:
>     def __init__(self,environ):
>       matchdict = environ['bfg.routes.matchdict']
>       page = matchdict.get('pagename',None)
>       if page == "APage":
>          self.__acl__=[(Allow,Everyone,'view'),(Allow,'editor','edit')]
> What I want is to popup a login page for a specific pagename (APage) and 
> when it is authenticated it brings me to the edit page. It did when I 
> tried to access APage. But it did this on other pages and I couldn't 
> access the edit page even I provided correct user/password. Should I add 
> a new factory directive in ZCML say GetPage and create a Factory class 
> GetPage in  and put
> page = session.query(Page).filter_by(name=matchdict['pagename']).one()
> also the acl part in it and return the page?

I don't know what this means in terms of your specific application, but the 
context you return (the result of the "factory") should have "the right" ACL 
based on the elements that are matched in the matchdict.  So for instance, for 
the URL pattern "/pages/:pagename"

- For the URL /pages/1, "pagename" is "1".

- For the URL /pages/2, "pagename" is "2".

Let's say when the pagename is "1" you want to allow editors to edit and 
everyone else to view.  But when the pagename is any other page name, you want 
to allow only editors to view and edit.  This means that you'd do something 

class TheFactory(object):
     def __init__(self, environ):
        matchdict = environ['bfg.routes.matchdict']
        page = matchdict.get('pagename')
        if page == '1':
            self.__acl__ = [(Allow, 'editor', 'edit'),
                            (Allow, Everyone, 'view')]
            self.__acl__ = [(Allow, 'editor', 'view'),
                            (Allow, Everyone, 'view')]

Obviously this won't scale for arbitrary values of "pagename" over time, so 
you'll want to keep some sort of lookup table in your database that maps page 
names to "acl names" or so, so you can attach the correct ACL.  Use the table 
within the factory to compute the acl and attach it.

- C
Repoze-dev mailing list

Reply via email to