On Tue, 2010-10-26 at 10:30 +0200, Wichert Akkerman wrote: > On 10/26/10 09:42 , Wichert Akkerman wrote: > > I tried to use config.set_default_permission with repoze.bfg 1.3b1, but > > it appears to do very little. My code looks like this: > > > > config.set_default_permission("authenticated") > > config.scan() > > config.add_route("shop+category+article+detail", > > "/shop/:category/detail/:id", > > factory=factories.ArticleFactory) > > config.add_route(...) > > > > When I run the app with BFG_DEBUG_AUTHORIZATION=1 no permissions are > > hooked up to the views: > > > > 2010-10-26 09:38:19,943 debug_authorization of url > > http://localhost:5000/shop/top/detail/2323 (view name u'' against > > context<Article id=2323 modified=2010-09-13T17:05:05.844647>): Allowed > > (no permission registered)
Yup, there's a problem here. I'll fix it, thanks for reporting. > > I figured out why: the bfg_view decorator passes a default permission of > None when it calls config.add_view, but config.add_view tests for a > special _marker value to see if it needs to use the default permission. > If there a special reason add_view has to use a marker instead of None? It's to be able to use ``None`` as a permission even when a default permission is in effect (indicating that it's a completely anonymous view regardless of the default permission). - C _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev