Hello All,
I wrote a simple predicate along with repoze.who.ldap for
authentication. My method is called when the ldap authenticated user is
also a manager privileged user. When I log in as a manager and access,
it returns the json I exposed but if authorization fails, it returns a
404 instead of a 401, unauthorized? Why is it so?
My predicate is:
class is_a_manager(Predicate):
message = 'You do not have enough privileges to access this resource'
def evaluate(self, environ, credentials):
for (key, value) in request.environ['repoze.who.identity'].items():
if key == "x-PrivilegeName" and "manage" not in value:
self.unmet()
and my controller method is:
@expose('json')
@require(is_a_manager())
def check(self):
return 'Got Inside'
Does TG2 + repoze.what have anything to do with the html templating
which I do not intend to use?
Regards,
Abhi
--
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en.
