On Jul 10, 2006, at 8:17 PM, Tobias Brandvik wrote:
>
> Hi,
>
> I'm trying to use identity to make sure that users can only edit their
> own documents. The way I've set it up (using 0.9a6) is to create a
> separate permission for each user. So if the user "johndoe" has the
> permission "johndoe" then they are free to do what they want with
> their
> own stuff.
>
> My root controller inherits from identity.SecureResource as suggested
> in the wiki. I then have a method require_user_permission() in the
> controller:
>
> def require_user_permission(self):
> if identity.current.anonymous:
> raise identity.IdentityException()
> if (identity.current.id not in identity.current.permissions):
> raise identity.IdentityException()
>
> This method is called at the beginning of every exposed method that
> requires identification. If I understand the wiki correctly, these
> exceptions should be caught by the controller (since it derives from
> SecureResource) and then dealt with by redirecting to the login page.
> However, when I run it the exception is not caught and I get an error:
>
> File "/Users/tobiasbrandvik/Desktop/demo/demo/controllers.py", line
> 57,
> in document
> self.require_user_permission()
> File "/Users/tobiasbrandvik/Desktop/demo/demo/controllers.py", line
> 41, in require_user_permission
> raise identity.IdentityException()
> IdentityException: <bound method Root.document of
> <demo.controllers.Root object at 0x20bb550>>
>
> If I use decorators to check for something simpler than individual
> permissions, everything is ok and I get redirected to the login page.
>
> Any pointers on what I'm doing wrong would be welcome!
>
> Regards,
> Tobias.
You can use TG's error handling to trap arbitrary exceptions raised
inside your controller methods, something like:
from turbogears.errorhandling import dispatch_error
@dispatch_error.when("isinstance(tg_exceptions, IdentityException)",
order=10)
def handle_unauthorized_access(self, tg_source, tg_errors,
tg_exceptions, *args,
**kw):
# Do your stuff here
HTH,
Alberto
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
