I'd like to finalize some things in tgrepozewho, and get it ready for
a release. I'm not sure what the name should be, but I'm thinking
we may want to change the name to something that's a bit more easily
identifiable for people who don't yet know where to look for
authentication/authorization stuff.
I'll add a hook in the object dispatch which enforces restrictions on
classes so that dispatch can stop as soon as a not-authorized event is
hit. We should be able to make this backwards compatible with TG1's
secure controller -- but my plan is just to check for a callable
grant_access in the controller, and evaluate that callable if it
exists. We can create a SecureResource class with two things:
1) a require property that can be set to an identity predicate. It
will default to requiring login, because that's the most common case::
require = not_anonymous()
2) a grant_access callable that returns True or False, using require.
To create custom security mechanisms for a controller you'd just need
to add a grant_access callable....
What do you think?
--
Mark Ramm-Christensen
email: mark at compoundthinking dot com
blog: www.compoundthinking.com/blog
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears Trunk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears-trunk?hl=en
-~----------~----~----~----~------~----~------~--~---
