diff options
| author | Michael Merickel <michael@merickel.org> | 2020-01-17 16:09:27 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-01-17 16:09:27 -0600 |
| commit | a71df99b57e88788cf9ce3a78fc005f309033bbd (patch) | |
| tree | 56668260a48bef6b194a735de947ee59fd9429f6 /docs/api/authorization.rst | |
| parent | 03d3bbd2791918a844da49eb4449b4953b83a31b (diff) | |
| parent | 592cadd9c20ce410d9ab7b9a748ec59dff001f65 (diff) | |
| download | pyramid-a71df99b57e88788cf9ce3a78fc005f309033bbd.tar.gz pyramid-a71df99b57e88788cf9ce3a78fc005f309033bbd.tar.bz2 pyramid-a71df99b57e88788cf9ce3a78fc005f309033bbd.zip | |
Merge pull request #3563 from mmerickel/move-acl-security-to-authorization
Move acl security to authorization
Diffstat (limited to 'docs/api/authorization.rst')
| -rw-r--r-- | docs/api/authorization.rst | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/docs/api/authorization.rst b/docs/api/authorization.rst index c6b3d090e..be040f055 100644 --- a/docs/api/authorization.rst +++ b/docs/api/authorization.rst @@ -10,3 +10,69 @@ .. autoclass:: ACLAuthorizationPolicy +Constants +--------- + +.. attribute:: Everyone + + The special principal id named ``Everyone``. This principal id is + granted to all requests. Its actual value is the string + ``'system.Everyone'``. + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. + +.. attribute:: Authenticated + + The special principal id named ``Authenticated``. This principal id + is granted to all requests which contain any other non-Everyone + principal id (according to the :term:`authentication policy`). + Its actual value is the string ``'system.Authenticated'``. + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. + +.. attribute:: ALL_PERMISSIONS + + An object that can be used as the ``permission`` member of an ACE + which matches all permissions unconditionally. For example, an + ACE that uses ``ALL_PERMISSIONS`` might be composed like so: + ``('Deny', 'system.Everyone', ALL_PERMISSIONS)``. + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. + +.. attribute:: DENY_ALL + + A convenience shorthand ACE that defines ``('Deny', + 'system.Everyone', ALL_PERMISSIONS)``. This is often used as the + last ACE in an ACL in systems that use an "inheriting" security + policy, representing the concept "don't inherit any other ACEs". + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. + +Return Values +------------- + +.. autoclass:: ACLDenied + :members: msg + + .. automethod:: __new__ + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. + +.. autoclass:: ACLAllowed + :members: msg + + .. automethod:: __new__ + + .. versionadded:: 2.0 + + Moved from ``pyramid.security`` into ``pyramid.authorization``. |