Hello,
I have a controller with default authorization criteria given by:
class AdminController(BaseController):
allow_only = authorize.in_group('admin')
But I want to share a few methods within AdminController with groups
other than 'admin'. Is there a way I can override the default
authorization criterion
of methods within AdminController w/o adding a @require() to every
single method
within AdminController? I was hoping that adding a @require()
decorator while keeping
the allow_only would be a solution, but it is not:
# Both 'admin' and 'store_manager' groups need this method. Don;t
want to repeat myself in the
# ManagerController, so share the method...
@require(Any(in_group('store_manager'), in_group('admin'), msg='Only
administrators or managers can edit Customers'))
def editCustomer(self, id=-1, **kw):
# Does not work. Still requires user to be in 'admin' group.'
No a big deal to but in a @require in front of every method, but
wanted to see if there was an
easier way.
Thanks,
Shane
--
You received this message because you are subscribed to the Google Groups
"TurboGears" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/turbogears?hl=en.
