On Sat, Jun 13, 2009 at 9:07 AM, Gustavo Narea<[email protected]> wrote:
>
> Hello, Jorge et al.
>
>
> Jorge said:
>> The next error (2) is how clumsy the
>> tg.predicates.is_anonymous().is_met(tg.request.environ) transformation
>> is implemented, I won't go over this again.
>> http://trac.turbogears.org/ticket/2205 Draw your own conclusions.
>>
>> But at least we have the more decent form tg.predicates.is_anonymous()
>> at least for now.
>>
>> <body>
>> <p
>> py:if='tg.predicates.is_anonymous().is_met(tg.request.environ)'>Anonymous
>> </p>
>>
>> <p> The methods below work due to a flag set by TG </p>
>> <p py:if='tg.predicates.is_anonymous()'>Anonymous </p>
>> <p py:if='tg.predicates.not_anonymous()'>Not Anonymous </p>
>>
>> <h1>WARNING: methods below will only work if you are logged in! </h1>
>> <h2> This is due to tg.identity being None if no auth is present </h2>
>>
>> <h3> From repoze.who </h3>
>> <div>User Object: ${tg.identity['repoze.who.userid']}</div>
>>
>> <h3>From repoze.what</h3>
>> <div>User Object: ${tg.identity['user']}</div>
>> <div>Groups List of Strings: ${tg.identity['groups']}</div>
>> <div>Groups List of Objects: ${tg.identity['user'].groups}</div>
>>
>> <div>Permissions List of Strings: ${tg.identity['permissions']}</div>
>> <div>Permissions List of Objects:
>> ${tg.identity['user'].permissions}</div> <div>First Group:
>> ${tg.identity['groups'][0]}</div>
>> <div>First Permission: ${tg.identity['permissions'][0]}</div>
>>
>> <h3> These are real object </h3>
>>
>> <div>User Object: ${str(type(tg.identity['user']))}</div>
>> <div>Groups List Of Strings: ${str(type(tg.identity['groups']))}</div>
>> <div>Groups List Of Objects:
>> ${str(type(tg.identity['user'].groups))}</div> <div>Groups First Object:
>> ${str(type(tg.identity['user'].groups[0]))}</div> <div>Permissions List Of
>> String:
>> ${str(type(tg.identity['permissions']))}</div>
>> <div>Permissions List Of Objects:
>> ${str(type(tg.identity['user'].permissions))}</div>
>>
>> </body>
>>
>> So that was a bunch, how about doing the same thing in the controller?
>> well it's totally different.
>>
>> @expose('identitytest.templates.index')
>> def index(self):
>> """Handle the front-page."""
>> from repoze.what.predicates import has_permission
>> from tg import request
>> yes_or_no = has_permission('manage').is_met(request.environ)
>> print yes_or_no # outputs = the real "boolean object"
>>
>> yes_or_no = has_permission('manage')
>> print yes_or_no # outputs =
>> <repoze.what.predicates.has_permission object at 0xa63666c>
>> #Why? don't know r.what works that way.
>> #there is a flag you can set but it's not set at the
>> controller level, need to ask Gustavo
>
> Here we go once again...
>
> It's not "how repoze.what works". It's all about how Python works.
>
> In Python, an object can act as a boolean if its __nonzero__/__bool__ method
> is set accordingly. For TG2 users, a horrible error-prone monkey-patch has
> been implemented and enabled by default by popular demand:
> http://trac.turbogears.org/ticket/2205
>
I'm sorry but this is circular logic to me. It is a monkey patch
because you decided not to enable it by default, because it's
error-prone (to monkey patch), because someone (I know this predates
r.what) decided the predicates where classes which forced the
__nonzero__ call. It all boils down to the fact that the current
internal state of the system forces ALL of those decisions on us. If
you implement it half way (aka booleanize_predicates) you are creating
several other problems (your error-phone point and the ugly API).
> With it, the __non_zero__ method is set on every predicate, so if you want to
> get its truth value, *Python* *mandates* that you use bool() *unless* it's in
> the context of a boolean evaluation:
> """
> yes_or_not = bool(has_permission('manage'))
>
> if has_permission('manage'): # <-- equals: "bool(has_permission('manage'))"
> do_something()
> """
>
> The "officially supported and recommended" (aka "my") way to do this is 1)
> disable that monkey-patch and 2) Use the is_met()/not_met() functions
> provided by repoze.what-pylons -- they do return a bool:
which gets you a horrible api.
> """
> yes_or_not = is_met(has_permission('manage'))
>
> if is_met(has_permission('manage')):
> do_something()
> """
>
> You'd write a few more characters, but it's safer.
>
how is the other way unsafe?
> Noone should ever expect an instance of a class (e.g., is_anonymous,
> has_permission) to return a bool because object.__init__() calls cannot return
> a value. Unless, of course, the class extends Python's bool, which can't
> obviously happen in a reusable software like repoze.what.
>
> So it all comes down to the way Python works. *Any* attempt to override this
> behavior in the core of repoze.what will result in a unportable software.
> Hence repoze.what-pylons exists.
>
>
>> identity = request.environ.get('repoze.who.identity')
>> # from here you can do everything in the template example as
>> tg.identity is the equivalent
>> return dict()
>>
>> As you can tell there is no "short form" (3) and you need to import
>> items from 2 classes (4) and in order to get the rather simply
>> tg.identity variable from the templates you get a really weird call to
>> the request.environ.
>
> If you want to do it the "raw" way, indeed you have to pass the environ. But
> you can use the is_met() function and make it available in the template:
> <p py:if="is_met(tg.predicates.is_anonymous())">Anonymous</p>
>
> Or if you use the monkey-patch enabled by default, you could even write:
> <p py:if="tg.predicates.is_anonymous()">Anonymous</p>
>
> As you could see, I didn't have to use the environ in the samples above.
>
ok that's one example I forgot to add, thanks :)
> Cheers.
> --
> Gustavo Narea <xri://=Gustavo>.
> | Tech blog: =Gustavo/(+blog)/tech ~ About me: =Gustavo/about |
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
