> I don't know how you intend to implement the controller level security > but I'd like to have some kind of SecureResource ala tg1 that would be > an option and could be totally swapped out of a project that does not > need identity.
My thoughts were described here: http://tinyurl.com/5v7o3z Basically I think dispatch should just look for a callable on the controller that returns True if permission should be granted. That callable could evaluate a require property, and the SecureResource controller should have a method that does just that. But it could do anything,as long at it returns True if that request ought to be allowed through, and False otherwise. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
