I am using TG2 with PostgreSQL and would like to make use of PostgreSQL's excellent security infrastructure. Specifically, my plan is to use HTTP basic authentication (which I have working now) to grab the authenticated user's group and login via the group's role name. Then, I would like to use sqlalchemy's reflection to pull in models for the views to which I have access (each role has its own schema). Obviously, I still need the default connection from which credentials are gleaned.
TG2 seems to be setup so that the same static database connection is the same for all roles, so I am investigating the options. I have experimented with trying to add the connection to my BaseController so that the new connection is pulled from the sqlalchemy connection pool. The "secured" connection is then accessed via a method on the BaseController. Another approach I looked at is generating all potential role connection in init_model in model/__init__.py but that doesn't seem to make sense considering roles can be added and removed. I would prefer to only have to modify the database in order to get new roles working. Is there a better solution to this that I am potentially missing? Cheers, M -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
