- The authorization chapter of the SQLAlchemy Wiki Tutorial

  (docs/tutorials/bfgwiki2) was changed to demonstrate authorization
  via a group rather than via a direct username.

3 files changed, 4 insertions, 2 deletions

diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml b/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml
index b87ca6398..e51a67d70 100644
--- a/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml
@@ -57,6 +57,7 @@
 
   <authtktauthenticationpolicy
     secret="sosecret"
+    callback=".security.groupfinder"
     />
 
   <aclauthorizationpolicy/>
diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py
index db2095ad1..607aa6fde 100644
--- a/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py
@@ -32,7 +32,8 @@ class Page(Base):
        self.data = data
 
 class RootFactory(object):
-    __acl__ = [ (Allow, Everyone, 'view'), (Allow, 'editor', 'edit') ]
+    __acl__ = [ (Allow, Everyone, 'view'),
+                (Allow, 'group:editors', 'edit') ]
     def __init__(self, request):
         self.__dict__.update(request.matchdict)
 
diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/security.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/security.py
index 791367183..cfd13071e 100644
--- a/docs/tutorials/bfgwiki2/src/authorization/tutorial/security.py
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/security.py
@@ -1,6 +1,6 @@
 USERS = {'editor':'editor',
           'viewer':'viewer'}
-GROUPS = {'editor':['group.editors']}
+GROUPS = {'editor':['group:editors']}
 
 def groupfinder(userid, request):
     if userid in USERS: