Hello Kris,

Thank you very much for taking the time to report this.

It's really difficult to understand the code in your second email
given that the most of the whitespace was stripped, but I can see
you're proposing to change the repoze.who metadata plugin.
Unfortunately, it isn't a metadata plugin's responsibility to do that
sort of things and any change to implement that feature would have to
be made in the adapters themselves instead, which would result in a
backwards incompatible change.

The purpose of this user-groups-permissions model is to help get
people up and running with a simple and intuitive pattern, but using
it is optional. In your case, it seems to me like you'd be better off
creating a predicate to check whether the current user has a
particular privilege/permission, without using the built-in groups and
permissions support.


 - Gustavo.

On Fri, Dec 23, 2011 at 2:13 AM, Kris Reeves <myn...@gmail.com> wrote:
> Brief update, got my code working. This is how I altered it:
>     def add_metadata(self, environ, identity):        """        Load
> the groups and permissions of the authenticated user.
> It will load such data into the :mod:`repoze.who` ``identity`` and
>     the :mod:`repoze.what` ``credentials`` dictionaries.
>  :param environ: The WSGI environment.        :param identity: The
> :mod:`repoze.who`'s ``identity`` dictionary.                """
> logger = environ.get('repoze.who.logger')        # Finding the groups
> and permissions:        groups, permissions =
> self._find_groups(identity)
> identity.setdefault('groups', set()).update(groups)
> identity.setdefault('permissions', set()).update(permissions)
>       # Adding the groups and permissions to the repoze.what
> credentials for        # forward compatibility:        if
> 'repoze.what.credentials' not in environ:
> environ['repoze.what.credentials'] = {}
> environ['repoze.what.credentials']['groups'] = identity['groups']
>   environ['repoze.what.credentials']['permissions'] =
> identity['permissions']        # Adding the userid:        userid =
> identity['repoze.who.userid']
> environ['repoze.what.credentials']['repoze.what.userid'] = userid
>   # Adding the adapters:        environ['repoze.what.adapters'] = {
>         'groups': self.group_adapters,            'permissions':
> self.permission_adapters            }        # Logging        logger
> and logger.info('User belongs to the following groups: %s' %
>                     str(groups))        logger and logger.info('User
> has the following permissions: %s' %
> str(permissions))
> ---
> I'm not certain if environ['repoze.what.credentials']['groups'] should
> be a reference or a copy of identity['groups'] - but given the
> comment, I don't see a problem with it. I'm not 100% sure how it
> behaved before since they were both set from the groups/permissions
> variables (which are temporary?)
> _______________________________________________
> Repoze-dev mailing list
> Repoze-dev@lists.repoze.org
> http://lists.repoze.org/listinfo/repoze-dev

Gustavo Narea.
Aspiring Software Craftsman.
Repoze-dev mailing list

Reply via email to