I think you maybe didn't follow well, how would you prefer me to illustrate?
I don't actually want to change repoze, other than to make
thequickstart *play nicely with others*. It currently *overwrites*
thecontents of the mdproviders variable rather than add to it. While
therest of repoze supports multiple mdproviders just fine, there's no
wayto take advantage of that when one of the plugins takes it all
foritself :)
Thanks for your reply, I hope I can make myself better understood...
On Thu, Dec 29, 2011 at 3:00 PM, Gustavo Narea <m...@gustavonarea.net> wrote:
> Hello Kris,
>
> Thank you very much for taking the time to report this.
>
> It's really difficult to understand the code in your second email
> given that the most of the whitespace was stripped, but I can see
> you're proposing to change the repoze.who metadata plugin.
> Unfortunately, it isn't a metadata plugin's responsibility to do that
> sort of things and any change to implement that feature would have to
> be made in the adapters themselves instead, which would result in a
> backwards incompatible change.
>
> The purpose of this user-groups-permissions model is to help get
> people up and running with a simple and intuitive pattern, but using
> it is optional. In your case, it seems to me like you'd be better off
> creating a predicate to check whether the current user has a
> particular privilege/permission, without using the built-in groups and
> permissions support.
>
> HTH,
>
>  - Gustavo.
>
>
> On Fri, Dec 23, 2011 at 2:13 AM, Kris Reeves <myn...@gmail.com> wrote:
>> Brief update, got my code working. This is how I altered it:
>>
>>     def add_metadata(self, environ, identity):        """        Load
>> the groups and permissions of the authenticated user.
>> It will load such data into the :mod:`repoze.who` ``identity`` and
>>     the :mod:`repoze.what` ``credentials`` dictionaries.
>>  :param environ: The WSGI environment.        :param identity: The
>> :mod:`repoze.who`'s ``identity`` dictionary.                """
>> logger = environ.get('repoze.who.logger')        # Finding the groups
>> and permissions:        groups, permissions =
>> self._find_groups(identity)
>> identity.setdefault('groups', set()).update(groups)
>> identity.setdefault('permissions', set()).update(permissions)
>>       # Adding the groups and permissions to the repoze.what
>> credentials for        # forward compatibility:        if
>> 'repoze.what.credentials' not in environ:
>> environ['repoze.what.credentials'] = {}
>> environ['repoze.what.credentials']['groups'] = identity['groups']
>>   environ['repoze.what.credentials']['permissions'] =
>> identity['permissions']        # Adding the userid:        userid =
>> identity['repoze.who.userid']
>> environ['repoze.what.credentials']['repoze.what.userid'] = userid
>>   # Adding the adapters:        environ['repoze.what.adapters'] = {
>>         'groups': self.group_adapters,            'permissions':
>> self.permission_adapters            }        # Logging        logger
>> and logger.info('User belongs to the following groups: %s' %
>>                     str(groups))        logger and logger.info('User
>> has the following permissions: %s' %
>> str(permissions))
>>
>> ---
>>
>> I'm not certain if environ['repoze.what.credentials']['groups'] should
>> be a reference or a copy of identity['groups'] - but given the
>> comment, I don't see a problem with it. I'm not 100% sure how it
>> behaved before since they were both set from the groups/permissions
>> variables (which are temporary?)
>> _______________________________________________
>> Repoze-dev mailing list
>> Repoze-dev@lists.repoze.org
>> http://lists.repoze.org/listinfo/repoze-dev
>
>
>
> --
> Gustavo Narea.
> Aspiring Software Craftsman.
> http://gustavonarea.net/
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Reply via email to