diff options
| author | Chris McDonough <chrism@agendaless.com> | 2010-06-23 14:24:54 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2010-06-23 14:24:54 +0000 |
| commit | c26a4a59465d95432a45f6ac0c8c55803f055832 (patch) | |
| tree | dff754a7d9fc88f294480404f9d146e630b997a3 /docs/tutorials/bfgwiki/src/authorization | |
| parent | 7200cba168f05c86810f57e5345e4a94ca8e9102 (diff) | |
| download | pyramid-c26a4a59465d95432a45f6ac0c8c55803f055832.tar.gz pyramid-c26a4a59465d95432a45f6ac0c8c55803f055832.tar.bz2 pyramid-c26a4a59465d95432a45f6ac0c8c55803f055832.zip | |
do an indirection through a group at the behest of alex marandon
Diffstat (limited to 'docs/tutorials/bfgwiki/src/authorization')
4 files changed, 7 insertions, 6 deletions
diff --git a/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml b/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml index 5297b9ee3..50b68ef35 100644 --- a/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml +++ b/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml @@ -12,6 +12,7 @@ <authtktauthenticationpolicy secret="sosecret" + callback=".security.groupfinder" /> <aclauthorizationpolicy/> diff --git a/docs/tutorials/bfgwiki/src/authorization/tutorial/login.py b/docs/tutorials/bfgwiki/src/authorization/tutorial/login.py index 08b3db359..8620dc705 100644 --- a/docs/tutorials/bfgwiki/src/authorization/tutorial/login.py +++ b/docs/tutorials/bfgwiki/src/authorization/tutorial/login.py @@ -10,8 +10,8 @@ from tutorial.models import Wiki from tutorial.security import USERS @bfg_view(context=Wiki, name='login', renderer='templates/login.pt') -def login(context, request): - login_url = model_url(context, request, 'login') +def login(request): + login_url = model_url(request.context, request, 'login') referrer = request.url if referrer == login_url: referrer = '/' # never use the login form itself as came_from @@ -37,8 +37,8 @@ def login(context, request): ) @bfg_view(context=Wiki, name='logout') -def logout(context, request): +def logout(request): headers = forget(request) - return HTTPFound(location = model_url(context, request), + return HTTPFound(location = model_url(request.context, request), headers = headers) diff --git a/docs/tutorials/bfgwiki/src/authorization/tutorial/models.py b/docs/tutorials/bfgwiki/src/authorization/tutorial/models.py index 976f5e3e9..08e1da7e4 100644 --- a/docs/tutorials/bfgwiki/src/authorization/tutorial/models.py +++ b/docs/tutorials/bfgwiki/src/authorization/tutorial/models.py @@ -7,7 +7,7 @@ from repoze.bfg.security import Everyone class Wiki(PersistentMapping): __name__ = None __parent__ = None - __acl__ = [ (Allow, Everyone, 'view'), (Allow, 'editor', 'edit') ] + __acl__ = [ (Allow, Everyone, 'view'), (Allow, 'group:editors', 'edit') ] class Page(Persistent): def __init__(self, data): diff --git a/docs/tutorials/bfgwiki/src/authorization/tutorial/security.py b/docs/tutorials/bfgwiki/src/authorization/tutorial/security.py index 791367183..cfd13071e 100644 --- a/docs/tutorials/bfgwiki/src/authorization/tutorial/security.py +++ b/docs/tutorials/bfgwiki/src/authorization/tutorial/security.py @@ -1,6 +1,6 @@ USERS = {'editor':'editor', 'viewer':'viewer'} -GROUPS = {'editor':['group.editors']} +GROUPS = {'editor':['group:editors']} def groupfinder(userid, request): if userid in USERS: |