Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Gustavo Narea 
Hi, Iain.

On Thursday February 19, 2009 14:49:29 Iain Campbell wrote:
> 2009/2/19 Gustavo Narea :
> > @ActionProtector is used with other decorators in TG2 and there's no
> > problem at all, so I'd say the problem is on the @Service decorator. To
> > confirm this, try the following decorator:
>
> Thanks, I'll give this a go. I've got around it in the meantime by
> passing the environ directly:
>
> has_permission(permission).check_authorization(environ)
>
> rather than using the decorators. I'll let you know how I get on.

The problem with that code is it will raise an exception, which is not like 
Paste's HTTPUnauthorized (401) or HTTPForbidden (403). On the contrary, those 
decorators deny authorization is a useful way, the Pylons way (abort()).

It should be possible to do the above, though. I'll fix it in a future 
version, in the short-term.

Cheers.
-- 
Gustavo Narea .

Get rid of unethical constraints! Get freedomware:
http://www.getgnulinux.org/
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Iain Campbell 
Hi Gustavo,

2009/2/19 Gustavo Narea :
>
> @ActionProtector is used with other decorators in TG2 and there's no problem
> at all, so I'd say the problem is on the @Service decorator. To confirm this,
> try the following decorator:

Thanks, I'll give this a go. I've got around it in the meantime by
passing the environ directly:

has_permission(permission).check_authorization(environ)

rather than using the decorators. I'll let you know how I get on.

Thanks,

Iain

-- 
www.kandaba.com

web | iptv | mobile
development & consultancy

t: +44 (0) 203 051 7792
m: +44 (0) 7815 821 678
gtalk: i...@kandaba.com
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Gustavo Narea 
On Thursday February 19, 2009 10:26:29 Iain Campbell wrote:
> > can anyone say if there's a disadvantage to doing things this way?
>
> I've answered my own question - it works once logged in but breaks my
> login/logout... Apologies for the clutter.

Other than that, I don't know what other consequences it may have. I think 
you'll get a better answer on the Pylons mailing list.
-- 
Gustavo Narea .

Get rid of unethical constraints! Get freedomware:
http://www.getgnulinux.org/
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Gustavo Narea 
Hello,

I've never used Appcelerator, so I may not be able to help much, but I can 
tell you that when @Service runs the wrapped method there's no request 
available.

@ActionProtector is used with other decorators in TG2 and there's no problem 
at all, so I'd say the problem is on the @Service decorator. To confirm this, 
try the following decorator:
"""
from decorator import decorator
from pylons import request

def mydec():
@decorator
def wrapper(func, *args, **kwargs):
print request.environ
return func(*args, **kwargs)
return wrapper
"""

Then replace @ActionProtector with @mydec:
"""
# ...
@Service(request="app.collection.create.request",
 response="app.collection.create.response")
@mydec()
def create(msg, session, msgtype):
# ...
"""

Then you should get the same exception, which will mean that it's a problem in 
@Service.

Please let us know what happens.

Cheers!

On Thursday February 19, 2009 10:12:07 Iain Campbell wrote:
> Hi,
>
> I'm using repoze.what with Pylons and Appcelerator.
>
> Predicates are working fine for protecting controller actions, but
> when I try to protect an Appcelerator service, I get:
>
> TypeError: No object (name: request) has been registered for this thread
>
> There's more information and the full traceback here:
>
> http://community.appcelerator.org/message/8909#8909
>
> So, I think I've now solved this in repoze.what.plugins.pylonshq.utils:
>
> from pylons import request as req, response
> request = req._current_obj()
>
> which seems to set the request up and check the auth correctly.
>
> Being a bit of a newbie to all of this, can anyone say if there's a
> disadvantage to doing things this way? I've tested on my standard
> controller actions too and everything appears to work fine...
>
> Thanks,
>
> Iain

-- 
Gustavo Narea .

Get rid of unethical constraints! Get freedomware:
http://www.getgnulinux.org/
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Iain Campbell 
2009/2/19 Iain Campbell :
>
> can anyone say if there's a disadvantage to doing things this way?

I've answered my own question - it works once logged in but breaks my
login/logout... Apologies for the clutter.

I.

-- 
www.kandaba.com

web | iptv | mobile
development & consultancy

t: +44 (0) 203 051 7792
m: +44 (0) 7815 821 678
gtalk: i...@kandaba.com
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Re: [Repoze-dev] Predicates Question

2009-02-19 Thread Iain Campbell 
Sorry all, I meant to say I think I've solved it in:

repoze.what.plugins.pylonshq.protectors.py

not in utils.py...

Thanks.

-- Forwarded message --
From: Iain Campbell 
Date: 2009/2/19
Subject: Predicates Question
To: repoze-dev@lists.repoze.org


Hi,

I'm using repoze.what with Pylons and Appcelerator.

Predicates are working fine for protecting controller actions, but
when I try to protect an Appcelerator service, I get:

TypeError: No object (name: request) has been registered for this thread

There's more information and the full traceback here:

http://community.appcelerator.org/message/8909#8909

So, I think I've now solved this in repoze.what.plugins.pylonshq.utils:

from pylons import request as req, response
request = req._current_obj()

which seems to set the request up and check the auth correctly.

Being a bit of a newbie to all of this, can anyone say if there's a
disadvantage to doing things this way? I've tested on my standard
controller actions too and everything appears to work fine...

Thanks,

Iain

--
www.kandaba.com

web | iptv | mobile
development & consultancy

t: +44 (0) 203 051 7792
m: +44 (0) 7815 821 678
gtalk: i...@kandaba.com



-- 
www.kandaba.com

web | iptv | mobile
development & consultancy

t: +44 (0) 203 051 7792
m: +44 (0) 7815 821 678
gtalk: i...@kandaba.com
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

[Repoze-dev] Predicates Question

2009-02-19 Thread Iain Campbell 
Hi,

I'm using repoze.what with Pylons and Appcelerator.

Predicates are working fine for protecting controller actions, but
when I try to protect an Appcelerator service, I get:

TypeError: No object (name: request) has been registered for this thread

There's more information and the full traceback here:

http://community.appcelerator.org/message/8909#8909

So, I think I've now solved this in repoze.what.plugins.pylonshq.utils:

from pylons import request as req, response
request = req._current_obj()

which seems to set the request up and check the auth correctly.

Being a bit of a newbie to all of this, can anyone say if there's a
disadvantage to doing things this way? I've tested on my standard
controller actions too and everything appears to work fine...

Thanks,

Iain

-- 
www.kandaba.com

web | iptv | mobile
development & consultancy

t: +44 (0) 203 051 7792
m: +44 (0) 7815 821 678
gtalk: i...@kandaba.com
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev