On Sun, Jun 14, 2009 at 7:16 PM, Gustavo Narea<[email protected]> wrote:
>
> Hola, Jorge et al.
>
> Jorge said:
>> On Sat, Jun 13, 2009 at 9:07 AM, Gustavo Narea<[email protected]> wrote:
>> > Hello, Jorge et al.
>> >
>> > Jorge said:
>> >> The next error (2) is how clumsy the
>> >> tg.predicates.is_anonymous().is_met(tg.request.environ) transformation
>> >> is implemented, I won't go over this again.
>> >> http://trac.turbogears.org/ticket/2205 Draw your own conclusions.
>> >>
>> >> But at least we have the more decent form tg.predicates.is_anonymous()
>> >> at least for now.
>> >>
>> >> <body>
>> >> <p
>> >> py:if='tg.predicates.is_anonymous().is_met(tg.request.environ)'>Anonymou
>> >>s </p>
>> >>
>> >> <p> The methods below work due to a flag set by TG </p>
>> >> <p py:if='tg.predicates.is_anonymous()'>Anonymous </p>
>> >> <p py:if='tg.predicates.not_anonymous()'>Not Anonymous </p>
>> >>
>> >> <h1>WARNING: methods below will only work if you are logged in!
>> >> </h1> <h2> This is due to tg.identity being None if no auth is present
>> >> </h2>
>> >>
>> >> <h3> From repoze.who </h3>
>> >> <div>User Object: ${tg.identity['repoze.who.userid']}</div>
>> >>
>> >> <h3>From repoze.what</h3>
>> >> <div>User Object: ${tg.identity['user']}</div>
>> >> <div>Groups List of Strings: ${tg.identity['groups']}</div>
>> >> <div>Groups List of Objects: ${tg.identity['user'].groups}</div>
>> >>
>> >> <div>Permissions List of Strings:
>> >> ${tg.identity['permissions']}</div> <div>Permissions List of Objects:
>> >> ${tg.identity['user'].permissions}</div> <div>First Group:
>> >> ${tg.identity['groups'][0]}</div>
>> >> <div>First Permission: ${tg.identity['permissions'][0]}</div>
>> >>
>> >> <h3> These are real object </h3>
>> >>
>> >> <div>User Object: ${str(type(tg.identity['user']))}</div>
>> >> <div>Groups List Of Strings:
>> >> ${str(type(tg.identity['groups']))}</div> <div>Groups List Of Objects:
>> >> ${str(type(tg.identity['user'].groups))}</div> <div>Groups First Object:
>> >> ${str(type(tg.identity['user'].groups[0]))}</div> <div>Permissions List
>> >> Of String:
>> >> ${str(type(tg.identity['permissions']))}</div>
>> >> <div>Permissions List Of Objects:
>> >> ${str(type(tg.identity['user'].permissions))}</div>
>> >>
>> >> </body>
>> >>
>> >> So that was a bunch, how about doing the same thing in the controller?
>> >> well it's totally different.
>> >>
>> >> @expose('identitytest.templates.index')
>> >> def index(self):
>> >> """Handle the front-page."""
>> >> from repoze.what.predicates import has_permission
>> >> from tg import request
>> >> yes_or_no = has_permission('manage').is_met(request.environ)
>> >> print yes_or_no # outputs = the real "boolean object"
>> >>
>> >> yes_or_no = has_permission('manage')
>> >> print yes_or_no # outputs =
>> >> <repoze.what.predicates.has_permission object at 0xa63666c>
>> >> #Why? don't know r.what works that way.
>> >> #there is a flag you can set but it's not set at the
>> >> controller level, need to ask Gustavo
>> >
>> > Here we go once again...
>> >
>> > It's not "how repoze.what works". It's all about how Python works.
>> >
>> > In Python, an object can act as a boolean if its __nonzero__/__bool__
>> > method is set accordingly. For TG2 users, a horrible error-prone
>> > monkey-patch has been implemented and enabled by default by popular
>> > demand:
>> > http://trac.turbogears.org/ticket/2205
>>
>> I'm sorry but this is circular logic to me. It is a monkey patch
>> because you decided not to enable it by default, because it's
>> error-prone (to monkey patch), because someone (I know this predates
>> r.what) decided the predicates where classes which forced the
>> __nonzero__ call. It all boils down to the fact that the current
>> internal state of the system forces ALL of those decisions on us. If
>> you implement it half way (aka booleanize_predicates) you are creating
>> several other problems (your error-phone point and the ugly API).
>
> As I've said before, the problem is not that __non_zero__ is set dynamically
> (i.e., monkey-patched). The problem is that __nonzero__ should not be set.
>
> From a generic perspective, not specifically about repoze.what:
>
> The only safe way to evaluate a condition represented by an object that is
> shared among threads, is to make this object stateless and evaluate it by
> passing other objects which represent the context of the evaluation.
>
I believe you wanted to say the current implementation of non-zero,
there is nothing wrong with non-zero itself.
> If you want to skip the step where you pass the context, so you could pass it
> implicitly to save code (i.e., with thread-locals being the only way to do so,
> AFAIK), you'll end up with a buggy software: This object won't be stateless
> anymore, in spite of being used in many threads, which is absolutely
> unreliable.
>
>
how are thread locals buggy? if you simply pass the environ to each
call won't that fix all your issues with it? make each predicate take
the environ as first argument and make them functions that return a
boolean or raises NotAutorizedException. What is the flaw there?
>> > With it, the __non_zero__ method is set on every predicate, so if you
>> > want to get its truth value, Python mandates that you use bool() unless
>> > it's in the context of a boolean evaluation:
>> > """
>> > yes_or_not = bool(has_permission('manage'))
>> >
>> > if has_permission('manage'): # <-- equals:
>> > "bool(has_permission('manage'))" do_something()
>> > """
>> >
>> > The "officially supported and recommended" (aka "my") way to do this is
>> > 1) disable that monkey-patch and 2) Use the is_met()/not_met() functions
>> > provided by repoze.what-pylons -- they do return a bool:
>>
>> which gets you a horrible api.
>
> "Para gustos, colores".
>
> If it's a horrible API for you, I won't discuss it. It may a matter of taste
> here, I think. I don't think it is, though.
>
>
>> > """
>> > yes_or_not = is_met(has_permission('manage'))
>> >
>> > if is_met(has_permission('manage')):
>> > do_something()
>> > """
>> >
>> > You'd write a few more characters, but it's safer.
>>
>> how is the other way unsafe?
>
> I've just explained this above.
>
> Cheers.
> --
> Gustavo Narea <xri://=Gustavo>.
> | Tech blog: =Gustavo/(+blog)/tech ~ About me: =Gustavo/about |
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en
-~----------~----~----~----~------~----~------~--~---
