diff options
| author | Chris McDonough <chrism@plope.com> | 2011-08-10 20:20:05 -0400 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2011-08-10 20:20:05 -0400 |
| commit | 995466c6bc0da04f50d2db83af653362a0dadd6f (patch) | |
| tree | e5e57108a3d751d9e02cbf06ad5eca8902f4a100 /docs/narr/security.rst | |
| parent | 9a8ba2f09fe3791febbfec2ac383c091aacfbf5b (diff) | |
| parent | 3e3fcdf1376218a4fa6dcffec4f27a41c63d1675 (diff) | |
| download | pyramid-995466c6bc0da04f50d2db83af653362a0dadd6f.tar.gz pyramid-995466c6bc0da04f50d2db83af653362a0dadd6f.tar.bz2 pyramid-995466c6bc0da04f50d2db83af653362a0dadd6f.zip | |
fix merge conflicts
Diffstat (limited to 'docs/narr/security.rst')
| -rw-r--r-- | docs/narr/security.rst | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/docs/narr/security.rst b/docs/narr/security.rst index c7a07b857..a61578e21 100644 --- a/docs/narr/security.rst +++ b/docs/narr/security.rst @@ -168,6 +168,9 @@ normal application operations, the requesting user will need to possess the to invoke the ``blog_entry_add_view`` view. If he does not, the :term:`Forbidden view` will be invoked. +.. index:: + pair: permission; default + .. _setting_a_default_permission: Setting a Default Permission @@ -197,9 +200,9 @@ When a default permission is registered: permission is ignored for that view registration, and the view-configuration-named permission is used. -- If a view configuration names an explicit permission as the string - ``__no_permission_required__``, the default permission is ignored, - and the view is registered *without* a permission (making it +- If a view configuration names the permission + :data:`pyramid.security.NO_PERMISSION_REQUIRED`, the default permission + is ignored, and the view is registered *without* a permission (making it available to all callers regardless of their credentials). .. warning:: @@ -207,11 +210,13 @@ When a default permission is registered: When you register a default permission, *all* views (even :term:`exception view` views) are protected by a permission. For all views which are truly meant to be anonymously accessible, you will need to associate the view's - configuration with the ``__no_permission_required__`` permission. + configuration with the :data:`pyramid.security.NO_PERMISSION_REQUIRED` + permission. .. index:: single: ACL single: access control list + pair: resource; ACL .. _assigning_acls: @@ -513,7 +518,7 @@ which ACL permitted or denied the authorization based on authentication information. This behavior can also be turned on in the application ``.ini`` file -by setting the ``debug_authorization`` key to ``true`` within the +by setting the ``pyramid.debug_authorization`` key to ``true`` within the application's configuration section, e.g.: .. code-block:: ini @@ -521,7 +526,7 @@ application's configuration section, e.g.: [app:main] use = egg:MyProject#app - debug_authorization = true + pyramid.debug_authorization = true With this debug flag turned on, the response sent to the browser will also contain security debugging information in its body. @@ -562,7 +567,7 @@ that implements the following interface: .. code-block:: python :linenos: - class AuthenticationPolicy(object): + class IAuthenticationPolicy(object): """ An object representing a Pyramid authentication policy. """ def authenticated_userid(self, request): |