[TurboGears] Re: Problems with Inheritence

Thu, 27 Oct 2005 20:14:19 -0700 


On 27 Oct, 2005, at 5:44 pm, David Stanek wrote:


Is there any documentation describing how the identity framework  
works? Or maybe a plan for the vision? I have only been able to  
piece together bits while trying to keep up with this list.



David, I apologise for falling behind on the documentation. I posted  
a quick how to on my web site (http://metrocat.org/nerd/2005/10/ 
identity-management-for-turbogears) and will be posting more in the  
coming days. (I just finished a nifty diagram in OmniGraffle. What a  
*really* cool app.)



In my ideal world this would be a very simple framework:

  * Somehow tell TG that this page is protected (probably in the  
*.cfg files)



At the moment you can control access to an entire class or a single  
method. Access control is based on either group membership or  
permissions. And with the IP matching code from CatWalk, you'll be  
able to control access based on originating IP address.



  * Somehow tell TG what module exports the identity interfaces  
(probably in the *.cfg files)



This is currently causing me a great deal of difficulty at the  
moment. At the moment, the Identity code only requires a User class  
that exposes a byUserId method which accepts a string and returns an  
instance.



The User instance may have a property, groups, containing Group  
objects with a groupId property.



The User instance may also have a property, permissions, containing  
Permission objects with a permissionId property.



These User, Group and Permission objects to not need to be the same  
as that provided by turbogears.identity.model.



My goal is to allow you to specify an alternate model module which  
can provide classes which implement this "interface".



  * Define a generic interface or set of interfaces that are hooked  
where authentication is needed



I'm fairly certain the function decorators and SecureResource mixin- 
class provide this functionality.



  * Provide a sane out of the box implementation of the interfaces


I like to think so.


--
Jeff Watkins
http://metrocat.org/


"Just because you have the right to do something, doesn't mean it's  
the right thing to do."

-- Fred Friendly, former president of CBS News















    











					Reply via email to