| author | Chris McDonough <chrism@agendaless.com> | 2009-06-01 07:02:03 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2009-06-01 07:02:03 +0000 |
| commit | aff22be3468d594de35b2208bed1299aa9ba5074 | |
| tree | 7f13ec8144353309c24cee4f1d493c67f4fd91e4 /docs/tutorials | |
| parent | 9fe12960b70f9dc59ac4b3d4d469534e0867df1e | |
Add authorization chapter to bfgwiki2 tutorial.
Diffstat (limited to 'docs/tutorials')
30 files changed, 1936 insertions, 3 deletions
diff --git a/docs/tutorials/bfgwiki/authorization.rst b/docs/tutorials/bfgwiki/authorization.rst index 437cb9c74..ea2366a72 100644 --- a/docs/tutorials/bfgwiki/authorization.rst +++ b/docs/tutorials/bfgwiki/authorization.rst @@ -71,7 +71,7 @@ into its template. We'll add something like this to each view body: .. code-block:: python :linenos: - logged_in = authenticated_user(request) + logged_in = authenticated_userid(request) We'll then change the return value of ``render_template_to_response`` to pass the `resulting `logged_in`` value to the template, e.g.: diff --git a/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml b/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml index df11c18b1..c8c0aa77e 100644 --- a/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml +++ b/docs/tutorials/bfgwiki/src/authorization/tutorial/configure.zcml @@ -5,7 +5,7 @@ <scan package="."/> - <utility provides="repoze.bfg.interfaces.IForbiddenResponseFactory" + <utility provides="repoze.bfg.interfaces.IForbiddenView" component=".login.login"/> </configure> diff --git a/docs/tutorials/bfgwiki2/authorization.rst b/docs/tutorials/bfgwiki2/authorization.rst index 4a51acc93..c8ead9995 100644 --- a/docs/tutorials/bfgwiki2/authorization.rst +++ b/docs/tutorials/bfgwiki2/authorization.rst 
@@ -11,5 +11,237 @@ allowing anyone with access to the server to view pages. *authentication*. We'll make use of both features to provide security to our application. -XXX not finished +Adding A Context Factory +------------------------ + +We're going to start to use a custom *context factory* within our +``configure.zcml`` file in order to be able to attach security +declarations to our :term:`context` object. When we do this, we can +begin to make use of the declarative security features of +:mod:`repoze.bfg`. + +Let's modify our ``configure.zcml``, following the instructions in the +BFG documentation section named +:ref:`changing_routes_context_factory`. We'll point it at a function +in a new module we create named ``utilities.py``. + +Add the following section to your application's +``configure.zcml``file: + +.. code-block:: xml + :linenos: + + <utility provides="repoze.bfg.interfaces.IRoutesContextFactory" + component=".utilities.RoutesContextFactory"/> + +As a result, our ``configure.zcml`` file will now look like so: + +.. literalinclude:: src/authorization/tutorial/configure.zcml + :linenos: + :language: xml + +Once ``configure.zcml`` has been modified, create a file named +``utilities.py`` and give it the following contents: + +.. literalinclude:: src/authorization/tutorial/utilities.py + :linenos: + :language: python + +The result of our changing of the default routes context factory in +``configure.zcml`` and our addition of a new ``RoutesContextFactory`` +class to ``utilities.py`` allows us to use declarative security +features of :mod:`repoze.bfg`. The ``RoutesContextFactory`` class we +added will be used to construct each of the ``context`` objects passed +to our views. All of our ``context`` objects will possess an +``__acl__`` attribute that allows "Everyone" (a special principal) to +view all request, while allowing only a user named ``editor`` to edit +and add pages. 
The ``__acl__`` attribute attached to a context is +interpreted specially by :mod:`repoze.bfg` as an access control list +during view execution. See :ref:`assigning_acls` for more information +about what an :term:`ACL` represents. + +.. note: Although we don't use the functionality here, the ``factory`` + used to create route contexts may differ per-route instead of + globally via a ZCML directive. See the ``factory`` attribute in + :ref:`route_zcml_directive` for more info. + +Configuring a ``repoze.bfg`` Authentication Policy +-------------------------------------------------- + +For any :mod:`repoze.bfg` application to perform authorization, we +need to change our ``run.py`` module to add an :term:`authentication +policy`. Adding an authentication policy actually causes the system +to begin to use :term:`authorization`. + +Changing ``run.py`` +~~~~~~~~~~~~~~~~~~~ + +Change your ``run.py`` module to import the +``AuthTktAuthenticationPolicy`` from ``repoze.bfg.authentication``. +Within the body of the ``make_app`` function, construct an instance of +the policy, and pass it as the ``authentication_policy`` argument to +the ``make_app`` function. The first positional argument of an +``AuthTktAuthenticationPolicy`` is a secret used to encrypt cookie +data. Its second argument ("callback") should be a callable that +accepts a userid. If the userid exists in the system, the callback +should return a sequence of group identifiers (or an empty sequence if +the user isn't a member of any groups). If the userid *does not* +exist in the system, the callback should return ``None``. We'll use +"dummy" data to represent user and groups sources. When we're done, +your application's ``run.py`` will look like this. + +.. literalinclude:: src/authorization/tutorial/run.py + :linenos: + :language: python + +BFG's ``make_app`` callable also can accept an authorization policy +parameter. We don't need to specify one, we'll use the default. 
+ +Adding Login and Logout Views +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +We'll add a ``login`` view which renders a login form and processes +the post from the login form, checking credentials. + +We'll also add a ``logout`` view to our application and provide a link +to it. This view will clear the credentials of the logged in user and +redirect back to the front page. + +We'll add a different file (for presentation convenience) to add login +and logout views. Add a file named ``login.py`` to your application +(in the same directory as ``views.py``) with the following content: + +.. literalinclude:: src/authorization/tutorial/login.py + :linenos: + :language: python + +Changing Existing Views +~~~~~~~~~~~~~~~~~~~~~~~ + +Then we need to change each opf our ``view_page``, ``edit_page`` and +``add_page`` views in ``views.py`` to pass a "logged in" parameter +into its template. We'll add something like this to each view body: + +.. code-block:: python + :linenos: + + logged_in = authenticated_userid(request) + +We'll then change the return value of ``render_template_to_response`` +to pass the `resulting `logged_in`` value to the template, e.g.: + +.. code-block:: python + :linenos: + + return render_template_to_response('templates/view.pt', + request = request, + page = context, + content = content, + logged_in = logged_in, + edit_url = edit_url) + +Adding the ``login.pt`` Template +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Add a ``login.pt`` template to your templates directory. It's +referred to within the login view we just added to ``login.py``. + +.. literalinclude:: src/authorization/tutorial/templates/login.pt + :linenos: + :language: xml + +Change ``view.pt`` and ``edit.pt`` +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +We'll also need to change our ``edit.pt`` and ``view.pt`` templates to +display a "Logout" link if someone is logged in. This link will +invoke the logout view. + +To do so we'll add this to both templates within the ``<div +class="main_content">`` div: + +.. 
code-block:: xml + :linenos: + + <span tal:condition="logged_in"><a href="${request.application_url}/logout">Logout</a></span> + +Changing ``configure.zcml`` +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Change your application's ``configure.zcml`` to add a slightly +inscrutable ``utility`` stanza which "provides" ``IForbiddenView``. +This configures our login view to show up when BFG detects that a view +invocation can not be authorized. Also, add ``permission`` attributes +with the value ``edit`` to the ``edit_page`` and ``add_page`` routes. +This indicates that the views which these routes reference cannot be +invoked without the authenticated user possessing the ``edit`` +permission. When you're done, your ``configure.zcml`` will look like +so: + +.. literalinclude:: src/authorization/tutorial/configure.zcml + :linenos: + :language: xml + +Viewing the Application in a Browser +------------------------------------ + +Once we've set up the WSGI pipeline properly, we can finally examine +our application in a browser. The views we'll try are as follows: + +- Visiting `http://localhost:6543/ <http://localhost:6543/>`_ in a + browser invokes the ``view_wiki`` view. This always redirects to + the ``view_page`` view of the FrontPage page object. It is + executable by any user. + +- Visiting `http://localhost:6543/FrontPage/ + <http://localhost:6543/FrontPage/>`_ in a browser invokes the + ``view_page`` view of the front page page object. + +- Visiting `http://localhost:6543/FrontPage/edit_page + <http://localhost:6543/FrontPage/edit_page>`_ in a browser invokes + the edit view for the front page object. It is executable by only + the ``editor`` user. If a different user (or the anonymous user) + invokes it, a login form will be displayed. Supplying the + credentials with the username ``editor``, password ``editor`` will + show the edit page form being displayed. 
+ +- Visiting `http://localhost:6543/add_page/SomePageName + <http://localhost:6543/add_page/SomePageName>`_ in a browser invokes + the add view for a page. It is executable by only the ``editor`` + user. If a different user (or the anonymous user) invokes it, a + login form will be displayed. Supplying the credentials with the + username ``editor``, password ``editor`` will show the edit page + form being displayed. + +Seeing Our Changes To ``views.py`` and our Templates +---------------------------------------------------- + +Our ``views.py`` module will look something like this when we're done: + +.. literalinclude:: src/authorization/tutorial/views.py + :linenos: + :language: python + +Our ``edit.pt`` template will look something like this when we're done: + +.. literalinclude:: src/authorization/tutorial/templates/edit.pt + :linenos: + :language: xml + +Our ``view.pt`` template will look something like this when we're done: + +.. literalinclude:: src/authorization/tutorial/templates/view.pt + :linenos: + :language: xml + +Revisiting the Application +--------------------------- + +When we revisit the application in a browser, and log in (as a result +of hitting an edit or add page and submitting the login form with the +``editor`` credentials), we'll see a Logout link in the upper right +hand corner. When we click it, we're logged out, and redirected back +to the front page. + + diff --git a/docs/tutorials/bfgwiki2/src/authorization/CHANGES.txt b/docs/tutorials/bfgwiki2/src/authorization/CHANGES.txt new file mode 100644 index 000000000..1544cf53b --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/CHANGES.txt @@ -0,0 +1,3 @@ +0.1 + + Initial version diff --git a/docs/tutorials/bfgwiki2/src/authorization/README.txt b/docs/tutorials/bfgwiki2/src/authorization/README.txt new file mode 100644 index 000000000..d41f7f90f --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/README.txt @@ -0,0 +1,4 @@ +tutorial README + + + 
diff --git a/docs/tutorials/bfgwiki2/src/authorization/ez_setup.py b/docs/tutorials/bfgwiki2/src/authorization/ez_setup.py new file mode 100644 index 000000000..d24e845e5 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/ez_setup.py 
@@ -0,0 +1,276 @@ +#!python +"""Bootstrap setuptools installation + +If you want to use setuptools in your package's setup.py, just include this +file in the same directory with it, and add this to the top of your setup.py:: + + from ez_setup import use_setuptools + use_setuptools() + +If you want to require a specific version of setuptools, set a download +mirror, or use an alternate download directory, you can do so by supplying +the appropriate options to ``use_setuptools()``. + +This file can also be run as a script to install or upgrade setuptools. +""" +import sys +DEFAULT_VERSION = "0.6c9" +DEFAULT_URL = "http://pypi.python.org/packages/%s/s/setuptools/" % sys.version[:3] + +md5_data = { + 'setuptools-0.6b1-py2.3.egg': '8822caf901250d848b996b7f25c6e6ca', + 'setuptools-0.6b1-py2.4.egg': 'b79a8a403e4502fbb85ee3f1941735cb', + 'setuptools-0.6b2-py2.3.egg': '5657759d8a6d8fc44070a9d07272d99b', + 'setuptools-0.6b2-py2.4.egg': '4996a8d169d2be661fa32a6e52e4f82a', + 'setuptools-0.6b3-py2.3.egg': 'bb31c0fc7399a63579975cad9f5a0618', + 'setuptools-0.6b3-py2.4.egg': '38a8c6b3d6ecd22247f179f7da669fac', + 'setuptools-0.6b4-py2.3.egg': '62045a24ed4e1ebc77fe039aa4e6f7e5', + 'setuptools-0.6b4-py2.4.egg': '4cb2a185d228dacffb2d17f103b3b1c4', + 'setuptools-0.6c1-py2.3.egg': 'b3f2b5539d65cb7f74ad79127f1a908c', + 'setuptools-0.6c1-py2.4.egg': 'b45adeda0667d2d2ffe14009364f2a4b', + 'setuptools-0.6c2-py2.3.egg': 'f0064bf6aa2b7d0f3ba0b43f20817c27', + 'setuptools-0.6c2-py2.4.egg': '616192eec35f47e8ea16cd6a122b7277', + 'setuptools-0.6c3-py2.3.egg': 'f181fa125dfe85a259c9cd6f1d7b78fa', + 'setuptools-0.6c3-py2.4.egg': 'e0ed74682c998bfb73bf803a50e7b71e', + 'setuptools-0.6c3-py2.5.egg': 'abef16fdd61955514841c7c6bd98965e', + 'setuptools-0.6c4-py2.3.egg': 'b0b9131acab32022bfac7f44c5d7971f', + 'setuptools-0.6c4-py2.4.egg': '2a1f9656d4fbf3c97bf946c0a124e6e2', + 'setuptools-0.6c4-py2.5.egg': '8f5a052e32cdb9c72bcf4b5526f28afc', + 'setuptools-0.6c5-py2.3.egg': 'ee9fd80965da04f2f3e6b3576e9d8167', + 
'setuptools-0.6c5-py2.4.egg': 'afe2adf1c01701ee841761f5bcd8aa64', + 'setuptools-0.6c5-py2.5.egg': 'a8d3f61494ccaa8714dfed37bccd3d5d', + 'setuptools-0.6c6-py2.3.egg': '35686b78116a668847237b69d549ec20', + 'setuptools-0.6c6-py2.4.egg': '3c56af57be3225019260a644430065ab', + 'setuptools-0.6c6-py2.5.egg': 'b2f8a7520709a5b34f80946de5f02f53', + 'setuptools-0.6c7-py2.3.egg': '209fdf9adc3a615e5115b725658e13e2', + 'setuptools-0.6c7-py2.4.egg': '5a8f954807d46a0fb67cf1f26c55a82e', + 'setuptools-0.6c7-py2.5.egg': '45d2ad28f9750e7434111fde831e8372', + 'setuptools-0.6c8-py2.3.egg': '50759d29b349db8cfd807ba8303f1902', + 'setuptools-0.6c8-py2.4.egg': 'cba38d74f7d483c06e9daa6070cce6de', + 'setuptools-0.6c8-py2.5.egg': '1721747ee329dc150590a58b3e1ac95b', + 'setuptools-0.6c9-py2.3.egg': 'a83c4020414807b496e4cfbe08507c03', + 'setuptools-0.6c9-py2.4.egg': '260a2be2e5388d66bdaee06abec6342a', + 'setuptools-0.6c9-py2.5.egg': 'fe67c3e5a17b12c0e7c541b7ea43a8e6', + 'setuptools-0.6c9-py2.6.egg': 'ca37b1ff16fa2ede6e19383e7b59245a', +} + +import sys, os +try: from hashlib import md5 +except ImportError: from md5 import md5 + +def _validate_md5(egg_name, data): + if egg_name in md5_data: + digest = md5(data).hexdigest() + if digest != md5_data[egg_name]: + print >>sys.stderr, ( + "md5 validation of %s failed! (Possible download problem?)" + % egg_name + ) + sys.exit(2) + return data + +def use_setuptools( + version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir, + download_delay=15 +): + """Automatically find/download setuptools and make it available on sys.path + + `version` should be a valid setuptools version number that is available + as an egg for download under the `download_base` URL (which should end with + a '/'). `to_dir` is the directory where setuptools will be downloaded, if + it is not already available. If `download_delay` is specified, it should + be the number of seconds that will be paused before initiating a download, + should one be required. 
If an older version of setuptools is installed, + this routine will print a message to ``sys.stderr`` and raise SystemExit in + an attempt to abort the calling script. + """ + was_imported = 'pkg_resources' in sys.modules or 'setuptools' in sys.modules + def do_download(): + egg = download_setuptools(version, download_base, to_dir, download_delay) + sys.path.insert(0, egg) + import setuptools; setuptools.bootstrap_install_from = egg + try: + import pkg_resources + except ImportError: + return do_download() + try: + pkg_resources.require("setuptools>="+version); return + except pkg_resources.VersionConflict, e: + if was_imported: + print >>sys.stderr, ( + "The required version of setuptools (>=%s) is not available, and\n" + "can't be installed while this script is running. Please install\n" + " a more recent version first, using 'easy_install -U setuptools'." + "\n\n(Currently using %r)" + ) % (version, e.args[0]) + sys.exit(2) + else: + del pkg_resources, sys.modules['pkg_resources'] # reload ok + return do_download() + except pkg_resources.DistributionNotFound: + return do_download() + +def download_setuptools( + version=DEFAULT_VERSION, download_base=DEFAULT_URL, to_dir=os.curdir, + delay = 15 +): + """Download setuptools from a specified location and return its filename + + `version` should be a valid setuptools version number that is available + as an egg for download under the `download_base` URL (which should end + with a '/'). `to_dir` is the directory where the egg will be downloaded. + `delay` is the number of seconds to pause before an actual download attempt. 
+ """ + import urllib2, shutil + egg_name = "setuptools-%s-py%s.egg" % (version,sys.version[:3]) + url = download_base + egg_name + saveto = os.path.join(to_dir, egg_name) + src = dst = None + if not os.path.exists(saveto): # Avoid repeated downloads + try: + from distutils import log + if delay: + log.warn(""" +--------------------------------------------------------------------------- +This script requires setuptools version %s to run (even to display +help). I will attempt to download it for you (from +%s), but +you may need to enable firewall access for this script first. +I will start the download in %d seconds. + +(Note: if this machine does not have network access, please obtain the file + + %s + +and place it in this directory before rerunning this script.) +---------------------------------------------------------------------------""", + version, download_base, delay, url + ); from time import sleep; sleep(delay) + log.warn("Downloading %s", url) + src = urllib2.urlopen(url) + # Read/write all in one block, so we don't create a corrupt file + # if the download is interrupted. + data = _validate_md5(egg_name, src.read()) + dst = open(saveto,"wb"); dst.write(data) + finally: + if src: src.close() + if dst: dst.close() + return os.path.realpath(saveto) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +def main(argv, version=DEFAULT_VERSION): + """Install or upgrade setuptools and EasyInstall""" + try: + import setuptools + except ImportError: + egg = None + try: + egg = download_setuptools(version, delay=0) + sys.path.insert(0,egg) + from setuptools.command.easy_install import main + return main(list(argv)+[egg]) # we're done here + finally: + if egg and os.path.exists(egg): + os.unlink(egg) + else: + if setuptools.__version__ == '0.0.1': + print >>sys.stderr, ( + "You have an obsolete version of setuptools installed. Please\n" + "remove it from your system entirely before rerunning this script." 
+ ) + sys.exit(2) + + req = "setuptools>="+version + import pkg_resources + try: + pkg_resources.require(req) + except pkg_resources.VersionConflict: + try: + from setuptools.command.easy_install import main + except ImportError: + from easy_install import main + main(list(argv)+[download_setuptools(delay=0)]) + sys.exit(0) # try to force an exit + else: + if argv: + from setuptools.command.easy_install import main + main(argv) + else: + print "Setuptools version",version,"or greater has been installed." + print '(Run "ez_setup.py -U setuptools" to reinstall or upgrade.)' + +def update_md5(filenames): + """Update our built-in md5 registry""" + + import re + + for name in filenames: + base = os.path.basename(name) + f = open(name,'rb') + md5_data[base] = md5(f.read()).hexdigest() + f.close() + + data = [" %r: %r,\n" % it for it in md5_data.items()] + data.sort() + repl = "".join(data) + + import inspect + srcfile = inspect.getsourcefile(sys.modules[__name__]) + f = open(srcfile, 'rb'); src = f.read(); f.close() + + match = re.search("\nmd5_data = {\n([^}]+)}", src) + if not match: + print >>sys.stderr, "Internal error!" + sys.exit(2) + + src = src[:match.start(1)] + repl + src[match.end(1):] + f = open(srcfile,'w') + f.write(src) + f.close() + + +if __name__=='__main__': + if len(sys.argv)>2 and sys.argv[1]=='--md5update': + update_md5(sys.argv[2:]) + else: + main(sys.argv[1:]) + + + + + + diff --git a/docs/tutorials/bfgwiki2/src/authorization/setup.cfg b/docs/tutorials/bfgwiki2/src/authorization/setup.cfg new file mode 100644 index 000000000..807ea6b0e --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/setup.cfg @@ -0,0 +1,6 @@ +[nosetests] +match=^test +nocapture=1 +cover-package=tutorial +with-coverage=1 +cover-erase=1 diff --git a/docs/tutorials/bfgwiki2/src/authorization/setup.py b/docs/tutorials/bfgwiki2/src/authorization/setup.py new file mode 100644 index 000000000..86be6c960 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/setup.py 
@@ -0,0 +1,52 @@ +import os +import sys + +from ez_setup import use_setuptools +use_setuptools() + +from setuptools import setup, find_packages + +here = os.path.abspath(os.path.dirname(__file__)) +README = open(os.path.join(here, 'README.txt')).read() +CHANGES = open(os.path.join(here, 'CHANGES.txt')).read() + +requires = [ + 'repoze.bfg', + 'SQLAlchemy', + 'transaction', + 'repoze.tm2', + 'zope.sqlalchemy', + 'docutils' + ] + +if sys.version_info[:3] < (2,5,0): + requires.append('pysqlite') + +setup(name='tutorial', + version='0.1', + description='tutorial', + long_description=README + '\n\n' + CHANGES, + classifiers=[ + "Development Status :: 3 - Alpha", + "Intended Audience :: Developers", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Internet :: WWW/HTTP :: WSGI", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", + ], + author='', + author_email='', + url='', + keywords='web wsgi bfg zope', + packages=find_packages(), + include_package_data=True, + zip_safe=False, + test_suite='tutorial', + install_requires = requires, + entry_points = """\ + [paste.app_factory] + app = tutorial.run:app + """ + ) + diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial.ini b/docs/tutorials/bfgwiki2/src/authorization/tutorial.ini new file mode 100644 index 000000000..d89616316 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial.ini @@ -0,0 +1,20 @@ +[DEFAULT] +debug = true + +[app:sql] +use = egg:tutorial#app +reload_templates = true +debug_authorization = false +debug_notfound = false +db_string = sqlite:///%(here)s/tutorial.db + +[pipeline:main] +pipeline = + egg:Paste#evalerror + egg:repoze.tm2#tm + sql + +[server:main] +use = egg:Paste#http +host = 0.0.0.0 +port = 6543 
diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/__init__.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/__init__.py new file mode 100644 index 000000000..cbdfd3ac6 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/__init__.py @@ -0,0 +1,2 @@ +# A package + diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml b/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml new file mode 100644 index 000000000..8fd6140ab --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/configure.zcml @@ -0,0 +1,58 @@ +<configure xmlns="http://namespaces.repoze.org/bfg"> + + <!-- this must be included for the view declarations to work --> + <include package="repoze.bfg.includes" /> + + <subscriber for="repoze.bfg.interfaces.INewRequest" + handler=".run.handle_teardown"/> + + <route + path="login" + name="login" + view=".login.login" + /> + + <route + path="logout" + name="logout" + view=".login.logout" + /> + + <route path="static/*subpath" + name="static" + view=".views.static_view" + /> + + <route + path="" + name="view_wiki" + view=".views.view_wiki" + /> + + <route + path=":pagename" + name="view_page" + view=".views.view_page" + /> + + <route + path=":pagename/edit_page" + name="edit_page" + view=".views.edit_page" + permission="edit" + /> + + <route + path="add_page/:pagename" + name="add_page" + view=".views.add_page" + permission="edit" + /> + + <utility provides="repoze.bfg.interfaces.IRoutesContextFactory" + component=".utilities.RoutesContextFactory"/> + + <utility provides="repoze.bfg.interfaces.IForbiddenView" + component=".login.login"/> + +</configure> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/login.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/login.py new file mode 100644 index 000000000..28c3e05b4 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/login.py 
@@ -0,0 +1,44 @@ +from webob.exc import HTTPFound + +from routes import url_for + +from repoze.bfg.chameleon_zpt import render_template_to_response + +from repoze.bfg.security import remember +from repoze.bfg.security import forget + +from tutorial.run import USERS + +def login(context, request): + login_url = url_for('login') + referrer = request.environ.get('HTTP_REFERER', '/') + if referrer == login_url: + referrer = '/' # never use the login form itself as came_from + came_from = request.params.get('came_from', referrer) + message = '' + login = '' + password = '' + if 'form.submitted' in request.params: + login = request.params['login'] + password = request.params['password'] + if USERS.get(login) == password: + headers = remember(request, login) + return HTTPFound(location = came_from, + headers = headers) + message = 'Failed login' + + return render_template_to_response( + 'templates/login.pt', + message = message, + url = request.application_url + '/login', + came_from = came_from, + login = login, + password = password, + request =request, + ) + +def logout(context, request): + headers = forget(request) + return HTTPFound(location = url_for('view_wiki'), + headers = headers) + diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py new file mode 100644 index 000000000..3e63c3734 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/models.py 
@@ -0,0 +1,43 @@ +import transaction + +from sqlalchemy import create_engine +from sqlalchemy import Column +from sqlalchemy import Integer +from sqlalchemy import Text + +from sqlalchemy.exc import IntegrityError + +from sqlalchemy.orm import scoped_session +from sqlalchemy.orm import sessionmaker + +from sqlalchemy.ext.declarative import declarative_base + +from zope.sqlalchemy import ZopeTransactionExtension + +DBSession = scoped_session(sessionmaker(extension=ZopeTransactionExtension())) +Base = declarative_base() + +class Page(Base): + """ The SQLAlchemy declarative model class for a Page object. """ + __tablename__ = 'pages' + id = Column(Integer, primary_key=True) + name = Column(Text, unique=True) + data = Column(Text) + + def __init__(self, name, data): + self.name = name + self.data = data + +def initialize_sql(db, echo=False): + engine = create_engine(db, echo=echo) + DBSession.configure(bind=engine) + Base.metadata.bind = engine + Base.metadata.create_all(engine) + try: + session = DBSession() + page = Page('FrontPage', 'initial data') + session.add(page) + transaction.commit() + except IntegrityError: + # already created + pass diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/run.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/run.py new file mode 100644 index 000000000..0f2068bba --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/run.py 
@@ -0,0 +1,40 @@ +from repoze.bfg.router import make_app +from repoze.bfg.authentication import AuthTktAuthenticationPolicy + +import tutorial +from tutorial.models import DBSession +from tutorial.models import initialize_sql + +class Cleanup: + def __init__(self, cleaner): + self.cleaner = cleaner + def __del__(self): + self.cleaner() + +def handle_teardown(event): + environ = event.request.environ + environ['tutorial.sasession'] = Cleanup(DBSession.remove) + +def app(global_config, **kw): + """ This function returns a repoze.bfg.router.Router object. + + It is usually called by the PasteDeploy framework during ``paster serve``. + """ + db_string = kw.get('db_string') + if db_string is None: + raise ValueError("No 'db_string' value in application configuration.") + initialize_sql(db_string) + + authpolicy = AuthTktAuthenticationPolicy('seekr!t', callback=groupfinder) + + return make_app(None, tutorial, authentication_policy=authpolicy, + options=kw) + +USERS = {'editor':'editor', + 'viewer':'viewer'} +GROUPS = {'editor':['group.editors']} + +def groupfinder(userid): + if userid in USERS: + return GROUPS.get(userid, []) + diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/edit.pt b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/edit.pt new file mode 100644 index 000000000..5e56f1fd6 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/edit.pt 
@@ -0,0 +1,31 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html + xmlns="http://www.w3.org/1999/xhtml" + xmlns:tal="http://xml.zope.org/namespaces/tal"> + +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> + <title>bfg tutorial wiki (based on TurboGears 20-Minute Wiki) Editing: ${page.name}</title> + <link rel="stylesheet" type="text/css" + href="${request.application_url}/static/style.css" /> +</head> + +<body> + +<div class="main_content"> + <div style="float:right; width: 10em;"> Viewing + <span tal:replace="page.name">Page Name Goes Here</span> <br/> + You can return to the <a href="${request.application_url}">FrontPage</a>. + <span tal:condition="logged_in"><a href="${request.application_url}/logout">Logout</a></span> + </div> + + <div> + <form action="${save_url}" method="post"> + <textarea name="body" tal:content="page.data" rows="10" cols="60"/> + <input type="submit" name="form.submitted" value="Save"/> + </form> + </div> +</div> +</body> +</html> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/login.pt b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/login.pt new file mode 100644 index 000000000..a9e086461 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/login.pt 
@@ -0,0 +1,32 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html + xmlns="http://www.w3.org/1999/xhtml" + xmlns:tal="http://xml.zope.org/namespaces/tal"> + +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> + <title>bfg tutorial wiki (based on TurboGears 20-Minute Wiki)</title> + <link rel="stylesheet" type="text/css" + href="${request.application_url}/static/style.css" /> +</head> + +<body> + +<h1>Log In</h1> + +<div tal:replace="message"/> + +<div class="main_content"> + <form action="${url}" method="post"> + <input type="hidden" name="came_from" value="${came_from}"/> + <input type="text" name="login" value="${login}"/> + <br/> + <input type="password" name="password" value="${password}"/> + <br/> + <input type="submit" name="form.submitted" value="Log In"/> + </form> +</div> + +</body> +</html> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt new file mode 100644 index 000000000..767252554 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt 
@@ -0,0 +1,99 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" + xmlns:tal="http://xml.zope.org/namespaces/tal"> +<head> +<meta http-equiv="content-type" content="text/html; charset=utf-8" /> +<title>${project} Application</title> +<meta name="keywords" content="python web application" /> +<meta name="description" content="repoze.bfg web application" /> +<link href="${request.application_url}/static/default.css" rel="stylesheet" type="text/css" /> +</head> +<body> +<!-- start header --> +<div id="logo"> + <h2><code>${project}</code>, a <code>repoze.bfg</code> application</h2> +</div> +<div id="header"> + <div id="menu"> + </div> +</div> +<!-- end header --> +<div id="wrapper"> + <!-- start page --> + <div id="page"> + <!-- start content --> + <div id="content"> + <div class="post"> + <h1 class="title">Welcome to <code>${project}</code>, an + application generated by the <a + href="http://bfg.repoze.org">repoze.bfg</a> web + application framework.</h1> + </div> + </div> + <!-- end content --> + <!-- start sidebar --> + <div id="sidebar"> + <ul> + <li id="search"> + <h2>Search<br/> <code>repoze.bfg</code> Documentation</h2> + <form method="get" + action="http://bfg.repoze.org/searchresults"> + <fieldset> + <input type="text" id="q" name="text" value="" /> + <input type="submit" id="x" value="Search" /> + </fieldset> + </form> + </li> + <li> + <h2><code>repoze.bfg</code> links</h2> + <ul> + <li><a + href="http://docs.repoze.org/bfg/#narrative-documentation">Narrative + Documentation</a> + </li> + <li> + <a + href="http://docs.repoze.org/bfg/#api-documentation">API + Documentation</a> + </li> + <li> + <a + href="http://docs.repoze.org/bfg/#tutorials">Tutorials</a> + </li> + <li> + <a + href="http://docs.repoze.org/bfg/#change-history">Change + History</a> + </li> + <li> + <a + href="http://docs.repoze.org/bfg/#sample-applications">Sample + Applications</a> + 
</li> + <li> + <a + href="http://docs.repoze.org/bfg/#support-and-development">Support + and Development</a> + </li> + <li> + <a + href="irc://irc.freenode.net#repoze">IRC Channel</a> + </li> + </ul> + </li> + </ul> + </div> + <!-- end sidebar --> + <div style="clear: both;"> </div> + </div> +</div> +<!-- end page --> +<!-- start footer --> +<div id="footer"> + <p id="legal">( c ) 2008. All Rights Reserved. Template design + by <a href="http://www.freecsstemplates.org/">Free CSS + Templates</a>.</p> +</div> +<!-- end footer --> +</body> +</html> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt.py new file mode 100644 index 000000000..678ee58fe --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/mytemplate.pt.py 
@@ -0,0 +1,110 @@ +registry = dict(version='6.3') +def bind(): + from cPickle import loads as _loads + _init_stream = _loads('cchameleon.core.generation\ninitialize_stream\np1\n.') + _lookup_attr = _loads('cchameleon.core.codegen\nlookup_attr\np1\n.') + _init_scope = _loads('cchameleon.core.utils\necontext\np1\n.') + _re_amp = _loads("cre\n_compile\np1\n(S'&(?!([A-Za-z]+|#[0-9]+);)'\np2\nI0\ntRp3\n.") + _init_default = _loads('cchameleon.core.generation\ninitialize_default\np1\n.') + _lookup_name = _loads('cchameleon.core.codegen\nlookup_name\np1\n.') + _init_tal = _loads('cchameleon.core.generation\ninitialize_tal\np1\n.') + def render(econtext): + macros = econtext.get('macros') + _slots = econtext.get('_slots') + target_language = econtext.get('target_language') + u'_init_stream()' + (_out, _write) = _init_stream() + u'_init_tal()' + (_attributes, repeat) = _init_tal() + u'_init_default()' + _default = _init_default() + u'None' + default = None + u'None' + _domain = None + u'project' + _write(u'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\n<html xmlns="http://www.w3.org/1999/xhtml">\n<head><title>') + _tmp1 = econtext['project'] + _tmp = _tmp1 + if (_tmp.__class__ not in (str, unicode) and hasattr(_tmp, '__html__')): + _write(_tmp.__html__()) + elif _tmp is not None: + if not (isinstance(_tmp, unicode)): + _tmp = str(_tmp) + if '&' in _tmp: + if ';' in _tmp: + _tmp = _re_amp.sub('&', _tmp) + else: + _tmp = _tmp.replace('&', '&') + if '<' in _tmp: + _tmp = _tmp.replace('<', '<') + if '>' in _tmp: + _tmp = _tmp.replace('>', '>') + _write(_tmp) + _write(u' Application</title>\n<meta name="keywords" content="python web application" />\n<meta name="description" content="repoze.bfg web application" />\n<link') + default = u'${request.application_url}/static/default.css' + "join(value('request.application_url'), u'/static/default.css')" + _tmp1 = ('%s%s' % (_lookup_attr(econtext['request'], 
'application_url'), u'/static/default.css')) + default = None + if _tmp1 is _default: + _tmp1 = u'${request.application_url}/static/default.css' + if (_tmp1 is None or _tmp1 is False): + pass + else: + if not (isinstance(_tmp1, unicode)): + _tmp1 = str(_tmp1) + if '&' in _tmp1: + if ';' in _tmp1: + _tmp1 = _re_amp.sub('&', _tmp1) + else: + _tmp1 = _tmp1.replace('&', '&') + if '<' in _tmp1: + _tmp1 = _tmp1.replace('<', '<') + if '>' in _tmp1: + _tmp1 = _tmp1.replace('>', '>') + if '"' in _tmp1: + _tmp1 = _tmp1.replace('"', '"') + _write((' href="' + _tmp1) + '"') + u'project' + _write(u' rel="stylesheet" type="text/css" />\n</head>\n<body>\n<!-- start header -->\n<div id="logo">\n <h2><code>') + _tmp1 = econtext['project'] + _tmp = _tmp1 + if (_tmp.__class__ not in (str, unicode) and hasattr(_tmp, '__html__')): + _write(_tmp.__html__()) + elif _tmp is not None: + if not (isinstance(_tmp, unicode)): + _tmp = str(_tmp) + if '&' in _tmp: + if ';' in _tmp: + _tmp = _re_amp.sub('&', _tmp) + else: + _tmp = _tmp.replace('&', '&') + if '<' in _tmp: + _tmp = _tmp.replace('<', '<') + if '>' in _tmp: + _tmp = _tmp.replace('>', '>') + _write(_tmp) + u'project' + _write(u'</code>, a <code>repoze.bfg</code> application</h2>\n</div>\n<div id="header">\n <div id="menu">\n </div>\n</div>\n<!-- end header -->\n<div id="wrapper">\n <!-- start page -->\n <div id="page">\n <!-- start content -->\n <div id="content">\n <div class="post">\n\t<h1 class="title">Welcome to <code>') + _tmp1 = econtext['project'] + _tmp = _tmp1 + if (_tmp.__class__ not in (str, unicode) and hasattr(_tmp, '__html__')): + _write(_tmp.__html__()) + elif _tmp is not None: + if not (isinstance(_tmp, unicode)): + _tmp = str(_tmp) + if '&' in _tmp: + if ';' in _tmp: + _tmp = _re_amp.sub('&', _tmp) + else: + _tmp = _tmp.replace('&', '&') + if '<' in _tmp: + _tmp = _tmp.replace('<', '<') + if '>' in _tmp: + _tmp = _tmp.replace('>', '>') + _write(_tmp) + _write(u'</code>, an\n\tapplication generated by the <a 
href="http://bfg.repoze.org">repoze.bfg</a> web\n\tapplication framework.</h1>\n </div>\n </div>\n <!-- end content -->\n <!-- start sidebar -->\n <div id="sidebar">\n <ul>\n\t<li id="search">\n\t <h2>Search<br /> <code>repoze.bfg</code> Documentation</h2>\n\t <form method="get" action="http://bfg.repoze.org/searchresults">\n\t <fieldset>\n\t <input type="text" id="q" name="text" value="" />\n\t <input type="submit" id="x" value="Search" />\n\t </fieldset>\n\t </form>\n\t</li>\n\t<li>\n\t <h2><code>repoze.bfg</code> links</h2>\n\t <ul>\n\t <li><a href="http://docs.repoze.org/bfg/#narrative-documentation">Narrative\n\t Documentation</a>\n </li>\n\t <li>\n <a href="http://docs.repoze.org/bfg/#api-documentation">API\n Documentation</a>\n </li>\n\t <li>\n <a href="http://docs.repoze.org/bfg/#tutorials">Tutorials</a>\n </li>\n\t <li>\n <a href="http://docs.repoze.org/bfg/#change-history">Change\n History</a>\n </li>\n\t <li>\n <a href="http://docs.repoze.org/bfg/#sample-applications">Sample\n Applications</a>\n </li>\n\t <li>\n <a href="http://docs.repoze.org/bfg/#support-and-development">Support\n and Development</a>\n </li>\n\t <li>\n <a href="irc://irc.freenode.net#repoze">IRC Channel</a>\n </li>\n\t </ul>\n\t</li>\n </ul>\n </div>\n <!-- end sidebar -->\n <div style="clear: both;"> </div>\n </div>\n</div>\n<!-- end page -->\n<!-- start footer -->\n<div id="footer">\n <p id="legal">( c ) 2008. All Rights Reserved. Template design\n by <a href="http://www.freecsstemplates.org/">Free CSS\n Templates</a>.</p>\n</div>\n<!-- end footer -->\n</body>\n</html>') + return _out.getvalue() + return render + +registry[(None, True, '1488bdb950901f8f258549439ef6661a49aae984')] = bind() diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/default.css b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/default.css new file mode 100644 index 000000000..41b3debde --- /dev/null 
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/default.css 
@@ -0,0 +1,380 @@ +/* +Design by Free CSS Templates +http://www.freecsstemplates.org +Released for free under a Creative Commons Attribution 2.5 License +*/ + +body { + margin: 0; + padding: 0; + background: url(images/img01.gif) repeat-x left top; + font-size: 13px; + font-family: "Trebuchet MS", Georgia, "Times New Roman", Times, serif; + text-align: justify; + color: #FFFFFF; +} + +h1, h2, h3 { + margin: 0; + text-transform: lowercase; + font-weight: normal; + color: #FFFFFF; +} + +h1 { + letter-spacing: -1px; + font-size: 32px; +} + +h2 { + font-size: 23px; +} + +p, ul, ol { + margin: 0 0 2em 0; + text-align: justify; + line-height: 26px; +} + +a:link { + color: #8BD80E; +} + +a:hover, a:active { + text-decoration: none; + color: #8BD80E; +} + +a:visited { + color: #8BD80E; +} + +img { + border: none; +} + +img.left { + float: left; + margin-right: 15px; +} + +img.right { + float: right; + margin-left: 15px; +} + +/* Form */ + +form { + margin: 0; + padding: 0; +} + +fieldset { + margin: 0; + padding: 0; + border: none; +} + +legend { + display: none; +} + +input, textarea, select { + font-family: "Trebuchet MS", Arial, Helvetica, sans-serif; + font-size: 13px; + color: #333333; +} + +#wrapper { + margin: 0; + padding: 0; + background: #000000; +} + +/* Header */ + +#header { + width: 713px; + margin: 0 auto; + height: 42px; +} + +/* Menu */ + +#menu { + float: left; + width: 713px; + height: 50px; + background: url(images/img02.gif) no-repeat left top; +} + +#menu ul { + margin: 0; + padding: 0px 0 0 10px; + list-style: none; + line-height: normal; +} + +#menu li { + display: block; + float: left; +} + +#menu a { + display: block; + float: left; + background: url(images/img04.gif) no-repeat right 55%; + margin-top: 5px; + margin-right: 3px; + padding: 8px 17px; + text-decoration: none; + font-size: 13px; + color: #000000; +} + +#menu a:hover { + color: #000000; +} + +#menu .current_page_item a { + color: #000000; +} + +/** LOGO */ + +#logo { + width: 713px; + 
height: 80px; + margin: 0 auto; +} + +#logo h1, #logo h2 { + float: left; + margin: 0; + padding: 30px 0 0 0px; + line-height: normal; +} + +#logo h1 { + font-family: Georgia, "Times New Roman", Times, serif; + font-size:40px; +} + +#logo h1 a { + text-decoration: none; + color: #4C4C4C; +} + +#logo h1 a:hover { text-decoration: underline; } + +#logo h2 { + float: left; + padding: 45px 0 0 18px; + font: 18px Georgia, "Times New Roman", Times, serif; + color: #8BD80E; +} + +#logo p a { + text-decoration: none; + color: #8BD80E; +} + +#logo p a:hover { text-decoration: underline; } + + + +/* Page */ + +#page { + width: 663px; + margin: 0 auto; + background: #4C4C4C url(images/img03.gif) no-repeat left bottom; + padding: 0 25px; +} + +/* Content */ + +#content { + float: left; + width: 410px; + +} + +/* Post */ + +.post { + padding: 15px 0px; + margin-bottom: 20px; +} + +.post .title { + margin-bottom: 20px; + padding-bottom: 5px; +} + +.post h1 { + padding: 0px 0 0 0px; + background: url(images/img08.jpg) no-repeat left top; + font-size: 24px; + color: #FFFFFF; +} + +.post h2 { + padding: 0px 0 0 0px; + font-size: 22px; + color: #FFFFFF; +} + +.post .entry { +} + +.post .meta { + padding: 15px 15px 30px 0px; + font-family: Arial, Helvetica, sans-serif; + font-size: 11px; +} + +.post .meta p { + margin: 0; + padding-top: 15px; + line-height: normal; + color: #FFFFFF; +} + +.post .meta .byline { + float: left; +} + +.post .meta .links { + float: right; +} + +.post .meta .more { + padding: 0 10px 0 18px; +} + +.post .meta .comments { +} + +.post .meta b { + display: none; +} + + +/* Sidebar */ + +#sidebar { + width: 210px; + float: right; + margin: 0; + padding: 0; +} + +#sidebar ul { + margin: 0; + padding: 0; + list-style: none; +} + +#sidebar li { + margin-bottom: 40px; +} + +#sidebar li ul { +} + +#sidebar li li { + margin: 0; +} + +#sidebar h2 { + width: 250px; + padding: 8px 0 0 0px; + margin-bottom: 10px; + background: url(images/img07.jpg) no-repeat left top; + 
font-size: 20px; + color: #FFFFFF; +} + +/* Search */ + +#search { + +} + +#search h2 { + margin-bottom: 20px; +} + +#s { + width: 140px; + margin-right: 5px; + padding: 3px; + border: 1px solid #BED99C; +} + +#x { + padding: 3px; + border: none; + background: #8BD80E; + text-transform: lowercase; + font-size: 11px; + color: #FFFFFF; +} + +/* Boxes */ + +.box1 { + padding: 20px; +} + +.box2 { + color: #BABABA; +} + +.box2 h2 { + margin-bottom: 15px; + font-size: 16px; + color: #FFFFFF; +} + +.box2 ul { + margin: 0; + padding: 0; + list-style: none; +} + +.box2 a:link, .box2 a:hover, .box2 a:active, .box2 a:visited { + color: #EDEDED; +} + +/* Footer */ +#footer-wrap { +} + +#footer { + margin: 0 auto; + padding: 20px 0 10px 0; + background: #000000; +} + +html>body #footer { + height: auto; +} + +#footer p { + font-size: 11px; +} + +#legal { + clear: both; + padding-top: 17px; + text-align: center; + color: #FFFFFF; +} + +#legal a { + font-weight: normal; + color: #FFFFFF; +} diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img01.gif b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img01.gif Binary files differnew file mode 100644 index 000000000..5f082bd99 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img01.gif diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img02.gif b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img02.gif Binary files differnew file mode 100644 index 000000000..45a3ae976 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img02.gif diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img03.gif b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img03.gif Binary files differnew file mode 100644 index 000000000..d92ea38f9 --- /dev/null 
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img03.gif diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img04.gif b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img04.gif Binary files differnew file mode 100644 index 000000000..950c4af9d --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/img04.gif diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/spacer.gif b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/spacer.gif Binary files differnew file mode 100644 index 000000000..5bfd67a2d --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/images/spacer.gif diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/style.css b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/style.css new file mode 100644 index 000000000..0a4b5767e --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/style.css 
@@ -0,0 +1,109 @@ +html, body { + color: black; + background-color: #ddd; + font: x-small "Lucida Grande", "Lucida Sans Unicode", geneva, verdana, sans-serif; + margin: 0; + padding: 0; +} + +td, th {padding:3px;border:none;} +tr th {text-align:left;background-color:#f0f0f0;color:#333;} +tr.odd td {background-color:#edf3fe;} +tr.even td {background-color:#fff;} + +#header { + height: 80px; + width: 777px; + background: blue URL('../images/header_inner.png') no-repeat; + border-left: 1px solid #aaa; + border-right: 1px solid #aaa; + margin: 0 auto 0 auto; +} + +a.link, a, a.active { + color: #369; +} + + +#main_content { + color: black; + font-size: 127%; + background-color: white; + width: 757px; + margin: 0 auto 0 auto; + border-left: 1px solid #aaa; + border-right: 1px solid #aaa; + padding: 10px; +} + +#sidebar { + border: 1px solid #aaa; + background-color: #eee; + margin: 0.5em; + padding: 1em; + float: right; + width: 200px; + font-size: 88%; +} + +#sidebar h2 { + margin-top: 0; +} + +#sidebar ul { + margin-left: 1.5em; + padding-left: 0; +} + +h1,h2,h3,h4,h5,h6,#getting_started_steps { + font-family: "Century Schoolbook L", Georgia, serif; + font-weight: bold; +} + +h2 { + font-size: 150%; +} + +#footer { + border: 1px solid #aaa; + border-top: 0px none; + color: #999; + background-color: white; + padding: 10px; + font-size: 80%; + text-align: center; + width: 757px; + margin: 0 auto 1em auto; +} + +.code { + font-family: monospace; +} + +span.code { + font-weight: bold; + background: #eee; +} + +#status_block { + margin: 0 auto 0.5em auto; + padding: 15px 10px 15px 55px; + background: #cec URL('../images/ok.png') left center no-repeat; + border: 1px solid #9c9; + width: 450px; + font-size: 120%; + font-weight: bolder; +} + +.notice { + margin: 0.5em auto 0.5em auto; + padding: 15px 10px 15px 55px; + width: 450px; + background: #eef URL('../images/info.png') left center no-repeat; + border: 1px solid #cce; +} + +.fielderror { + color: red; + font-weight: 
bold; +} diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/templatelicense.txt b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/templatelicense.txt new file mode 100644 index 000000000..ccb6b06ab --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/static/templatelicense.txt 
@@ -0,0 +1,243 @@ +Creative Commons </> + +Creative Commons Legal Code + +*Attribution 2.5* + +CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE +LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN +ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION +ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE +INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM +ITS USE. + +/License/ + +THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE +COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY +COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS +AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED. + +BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE +TO BE BOUND BY THE TERMS OF THIS LICENSE. THE LICENSOR GRANTS YOU THE +RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS +AND CONDITIONS. + +*1. Definitions* + + 1. *"Collective Work"* means a work, such as a periodical issue, + anthology or encyclopedia, in which the Work in its entirety in + unmodified form, along with a number of other contributions, + constituting separate and independent works in themselves, are + assembled into a collective whole. A work that constitutes a + Collective Work will not be considered a Derivative Work (as + defined below) for the purposes of this License. + 2. *"Derivative Work"* means a work based upon the Work or upon the + Work and other pre-existing works, such as a translation, musical + arrangement, dramatization, fictionalization, motion picture + version, sound recording, art reproduction, abridgment, + condensation, or any other form in which the Work may be recast, + transformed, or adapted, except that a work that constitutes a + Collective Work will not be considered a Derivative Work for the + purpose of this License. 
For the avoidance of doubt, where the + Work is a musical composition or sound recording, the + synchronization of the Work in timed-relation with a moving image + ("synching") will be considered a Derivative Work for the purpose + of this License. + 3. *"Licensor"* means the individual or entity that offers the Work + under the terms of this License. + 4. *"Original Author"* means the individual or entity who created the + Work. + 5. *"Work"* means the copyrightable work of authorship offered under + the terms of this License. + 6. *"You"* means an individual or entity exercising rights under this + License who has not previously violated the terms of this License + with respect to the Work, or who has received express permission + from the Licensor to exercise rights under this License despite a + previous violation. + +*2. Fair Use Rights.* Nothing in this license is intended to reduce, +limit, or restrict any rights arising from fair use, first sale or other +limitations on the exclusive rights of the copyright owner under +copyright law or other applicable laws. + +*3. License Grant.* Subject to the terms and conditions of this License, +Licensor hereby grants You a worldwide, royalty-free, non-exclusive, +perpetual (for the duration of the applicable copyright) license to +exercise the rights in the Work as stated below: + + 1. to reproduce the Work, to incorporate the Work into one or more + Collective Works, and to reproduce the Work as incorporated in the + Collective Works; + 2. to create and reproduce Derivative Works; + 3. to distribute copies or phonorecords of, display publicly, perform + publicly, and perform publicly by means of a digital audio + transmission the Work including as incorporated in Collective Works; + 4. to distribute copies or phonorecords of, display publicly, perform + publicly, and perform publicly by means of a digital audio + transmission Derivative Works. + 5. 
+ + For the avoidance of doubt, where the work is a musical composition: + + 1. *Performance Royalties Under Blanket Licenses*. Licensor + waives the exclusive right to collect, whether individually + or via a performance rights society (e.g. ASCAP, BMI, + SESAC), royalties for the public performance or public + digital performance (e.g. webcast) of the Work. + 2. *Mechanical Rights and Statutory Royalties*. Licensor waives + the exclusive right to collect, whether individually or via + a music rights agency or designated agent (e.g. Harry Fox + Agency), royalties for any phonorecord You create from the + Work ("cover version") and distribute, subject to the + compulsory license created by 17 USC Section 115 of the US + Copyright Act (or the equivalent in other jurisdictions). + 6. *Webcasting Rights and Statutory Royalties*. For the avoidance of + doubt, where the Work is a sound recording, Licensor waives the + exclusive right to collect, whether individually or via a + performance-rights society (e.g. SoundExchange), royalties for the + public digital performance (e.g. webcast) of the Work, subject to + the compulsory license created by 17 USC Section 114 of the US + Copyright Act (or the equivalent in other jurisdictions). + +The above rights may be exercised in all media and formats whether now +known or hereafter devised. The above rights include the right to make +such modifications as are technically necessary to exercise the rights +in other media and formats. All rights not expressly granted by Licensor +are hereby reserved. + +*4. Restrictions.*The license granted in Section 3 above is expressly +made subject to and limited by the following restrictions: + + 1. 
You may distribute, publicly display, publicly perform, or + publicly digitally perform the Work only under the terms of this + License, and You must include a copy of, or the Uniform Resource + Identifier for, this License with every copy or phonorecord of the + Work You distribute, publicly display, publicly perform, or + publicly digitally perform. You may not offer or impose any terms + on the Work that alter or restrict the terms of this License or + the recipients' exercise of the rights granted hereunder. You may + not sublicense the Work. You must keep intact all notices that + refer to this License and to the disclaimer of warranties. You may + not distribute, publicly display, publicly perform, or publicly + digitally perform the Work with any technological measures that + control access or use of the Work in a manner inconsistent with + the terms of this License Agreement. The above applies to the Work + as incorporated in a Collective Work, but this does not require + the Collective Work apart from the Work itself to be made subject + to the terms of this License. If You create a Collective Work, + upon notice from any Licensor You must, to the extent practicable, + remove from the Collective Work any credit as required by clause + 4(b), as requested. If You create a Derivative Work, upon notice + from any Licensor You must, to the extent practicable, remove from + the Derivative Work any credit as required by clause 4(b), as + requested. + 2. If you distribute, publicly display, publicly perform, or publicly + digitally perform the Work or any Derivative Works or Collective + Works, You must keep intact all copyright notices for the Work and + provide, reasonable to the medium or means You are utilizing: (i) + the name of the Original Author (or pseudonym, if applicable) if + supplied, and/or (ii) if the Original Author and/or Licensor + designate another party or parties (e.g. 
a sponsor institute, + publishing entity, journal) for attribution in Licensor's + copyright notice, terms of service or by other reasonable means, + the name of such party or parties; the title of the Work if + supplied; to the extent reasonably practicable, the Uniform + Resource Identifier, if any, that Licensor specifies to be + associated with the Work, unless such URI does not refer to the + copyright notice or licensing information for the Work; and in the + case of a Derivative Work, a credit identifying the use of the + Work in the Derivative Work (e.g., "French translation of the Work + by Original Author," or "Screenplay based on original Work by + Original Author"). Such credit may be implemented in any + reasonable manner; provided, however, that in the case of a + Derivative Work or Collective Work, at a minimum such credit will + appear where any other comparable authorship credit appears and in + a manner at least as prominent as such other comparable authorship + credit. + +*5. Representations, Warranties and Disclaimer* + +UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR +OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY +KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, +INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, +FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF +LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, +WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE +EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU. + +*6. Limitation on Liability.* EXCEPT TO THE EXTENT REQUIRED BY +APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL +THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY +DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF +LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +*7. Termination* + + 1. 
This License and the rights granted hereunder will terminate + automatically upon any breach by You of the terms of this License. + Individuals or entities who have received Derivative Works or + Collective Works from You under this License, however, will not + have their licenses terminated provided such individuals or + entities remain in full compliance with those licenses. Sections + 1, 2, 5, 6, 7, and 8 will survive any termination of this License. + 2. Subject to the above terms and conditions, the license granted + here is perpetual (for the duration of the applicable copyright in + the Work). Notwithstanding the above, Licensor reserves the right + to release the Work under different license terms or to stop + distributing the Work at any time; provided, however that any such + election will not serve to withdraw this License (or any other + license that has been, or is required to be, granted under the + terms of this License), and this License will continue in full + force and effect unless terminated as stated above. + +*8. Miscellaneous* + + 1. Each time You distribute or publicly digitally perform the Work or + a Collective Work, the Licensor offers to the recipient a license + to the Work on the same terms and conditions as the license + granted to You under this License. + 2. Each time You distribute or publicly digitally perform a + Derivative Work, Licensor offers to the recipient a license to the + original Work on the same terms and conditions as the license + granted to You under this License. + 3. If any provision of this License is invalid or unenforceable under + applicable law, it shall not affect the validity or enforceability + of the remainder of the terms of this License, and without further + action by the parties to this agreement, such provision shall be + reformed to the minimum extent necessary to make such provision + valid and enforceable. + 4. 
No term or provision of this License shall be deemed waived and no + breach consented to unless such waiver or consent shall be in + writing and signed by the party to be charged with such waiver or + consent. + 5. This License constitutes the entire agreement between the parties + with respect to the Work licensed here. There are no + understandings, agreements or representations with respect to the + Work not specified here. Licensor shall not be bound by any + additional provisions that may appear in any communication from + You. This License may not be modified without the mutual written + agreement of the Licensor and You. + +Creative Commons is not a party to this License, and makes no warranty +whatsoever in connection with the Work. Creative Commons will not be +liable to You or any party on any legal theory for any damages +whatsoever, including without limitation any general, special, +incidental or consequential damages arising in connection to this +license. Notwithstanding the foregoing two (2) sentences, if Creative +Commons has expressly identified itself as the Licensor hereunder, it +shall have all rights and obligations of Licensor. + +Except for the limited purpose of indicating to the public that the Work +is licensed under the CCPL, neither party will use the trademark +"Creative Commons" or any related trademark or logo of Creative Commons +without the prior written consent of Creative Commons. Any permitted use +will be in compliance with Creative Commons' then-current trademark +usage guidelines, as may be published on its website or otherwise made +available upon request from time to time. + +Creative Commons may be contacted at http://creativecommons.org/ +<http://creativecommons.org>. + +« Back to Commons Deed <./> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/view.pt b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/view.pt new file mode 100644 index 000000000..59c21d4eb --- /dev/null 
+++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/templates/view.pt @@ -0,0 +1,28 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> +<html + xmlns="http://www.w3.org/1999/xhtml" + xmlns:tal="http://xml.zope.org/namespaces/tal"> + +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> + <title>${page.name} - bfg tutorial wiki (based on TurboGears 20-Minute Wiki)</title> + <link rel="stylesheet" type="text/css" + href="${request.application_url}/static/style.css" /> +</head> + +<body> + +<div class="main_content"> +<div style="float:right; width: 10em;"> Viewing +<span tal:replace="page.name">Page Name Goes Here</span> <br/> +You can return to the <a href="${request.application_url}">FrontPage</a>. +<span tal:condition="logged_in"><a href="${request.application_url}/logout">Logout</a></span> +</div> + +<div tal:replace="structure content">Page text goes here.</div> +<p><a tal:attributes="href edit_url" href="">Edit this page</a></p> +</div> + +</body> +</html> diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/tests.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/tests.py new file mode 100644 index 000000000..8d163ad20 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/tests.py 
@@ -0,0 +1,28 @@ +import unittest +from repoze.bfg import testing + +def _initTestingDB(): + from tutorial.models import initialize_sql + session = initialize_sql('sqlite://') + return session + +class TestMyView(unittest.TestCase): + def setUp(self): + testing.cleanUp() + _initTestingDB() + + def tearDown(self): + testing.cleanUp() + + def _callFUT(self, context, request): + from tutorial.views import my_view + return my_view(context, request) + + def test_it(self): + request = testing.DummyRequest() + context = testing.DummyModel() + renderer = testing.registerDummyRenderer('templates/mytemplate.pt') + response = self._callFUT(context, request) + self.assertEqual(renderer.root.name, 'root') + self.assertEqual(renderer.request, request) + self.assertEqual(renderer.project, 'tutorial') diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/utilities.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/utilities.py new file mode 100644 index 000000000..cc1e0d515 --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/utilities.py @@ -0,0 +1,10 @@ +from repoze.bfg.security import Allow +from repoze.bfg.security import Everyone + +class RoutesContextFactory(object): + __acl__ = [ (Allow, Everyone, 'view'), (Allow, 'editor', 'edit') ] + def __init__(self, **kw): + self.__dict__.update(kw) + + + diff --git a/docs/tutorials/bfgwiki2/src/authorization/tutorial/views.py b/docs/tutorials/bfgwiki2/src/authorization/tutorial/views.py new file mode 100644 index 000000000..b38a9489e --- /dev/null +++ b/docs/tutorials/bfgwiki2/src/authorization/tutorial/views.py 
@@ -0,0 +1,83 @@ +import re + +from docutils.core import publish_parts + +from webob.exc import HTTPFound + +from routes import url_for + +from repoze.bfg.chameleon_zpt import render_template_to_response +from repoze.bfg.view import static +from repoze.bfg.security import authenticated_userid + +from tutorial.models import DBSession +from tutorial.models import Page + +# regular expression used to find WikiWords +wikiwords = re.compile(r"\b([A-Z]\w+[A-Z]+\w+)") + +static_view = static('templates/static') + +def view_wiki(context, request): + return HTTPFound(location = url_for('view_page', pagename='FrontPage')) + +def view_page(context, request): + session = DBSession() + page = session.query(Page).filter_by(name=context.pagename).one() + + def check(match): + word = match.group(1) + exists = session.query(Page).filter_by(name=word).all() + if exists: + view_url = url_for('view_page', pagename=word) + return '<a href="%s">%s</a>' % (view_url, word) + else: + add_url = url_for('add_page', pagename=word) + return '<a href="%s">%s</a>' % (add_url, word) + + content = publish_parts(page.data, writer_name='html')['html_body'] + content = wikiwords.sub(check, content) + edit_url = url_for('edit_page', pagename=context.pagename) + logged_in = authenticated_userid(request) + return render_template_to_response('templates/view.pt', + request = request, + page = page, + content = content, + logged_in = logged_in, + edit_url = edit_url) + +def add_page(context, request): + name = context.pagename + if 'form.submitted' in request.params: + session = DBSession() + body = request.params['body'] + page = Page(name, body) + session.add(page) + return HTTPFound(location = url_for('view_page', pagename=name)) + save_url = url_for('add_page', pagename=name) + page = Page('', '') + logged_in = authenticated_userid(request) + return render_template_to_response('templates/edit.pt', + request = request, + page = page, + logged_in = logged_in, + save_url = save_url) + +def 
edit_page(context, request): + name = context.pagename + session = DBSession() + page = session.query(Page).filter_by(name=name).one() + if 'form.submitted' in request.params: + page.data = request.params['body'] + session.add(page) + return HTTPFound(location = url_for('view_page', + pagename=name)) + + logged_in = authenticated_userid(request) + return render_template_to_response('templates/edit.pt', + request = request, + page = page, + logged_in = logged_in, + save_url = url_for('edit_page', + pagename=name), + ) |
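Review bot: in `templates/view.pt`, `<div tal:replace="structure content">` inserts `content` without escaping, so the template depends entirely on `view_page` producing safe HTML from user-edited page text. Add a comment here naming that dependency, and make sure the view restricts what the reStructuredText renderer may emit before this goes in. The Logout link is correctly guarded by `tal:condition="logged_in"`.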
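Review bot: `tutorial/tests.py` imports `my_view` from `tutorial.views` and registers `templates/mytemplate.pt`, but the `views.py` added in this same commit defines only `view_wiki`, `view_page`, `add_page` and `edit_page` and renders `templates/view.pt` and `templates/edit.pt`, so `_callFUT` will fail with an ImportError. Replace `TestMyView` with tests for the four real views, including at least one that asserts `logged_in` reaches the renderer, since that is what this chapter adds.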
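Review bot: in `RoutesContextFactory.__init__` (`tutorial/utilities.py`), `self.__dict__.update(kw)` copies every keyword onto the instance, so a keyword named `__acl__` would shadow the class-level ACL for that request. Copy only the keys the views actually read (`pagename` in this commit), or skip names that start with an underscore. The trailing blank lines at the end of the file can be dropped as well.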
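Review bot: in `add_page` and `edit_page` (`tutorial/views.py`), the write is triggered by `'form.submitted' in request.params`, and `request.params` also includes query-string values, so a plain GET can create or overwrite a page; check `request.method == 'POST'` or read from `request.POST` before saving, and nothing in these view bodies ties the write to the `edit` permission, so please confirm the view registration enforces it. In `view_page`, `publish_parts(page.data, writer_name='html')` runs with docutils defaults on user-supplied text and its output is rendered unescaped; pass `settings_overrides` that turn off `file_insertion_enabled` and `raw_enabled`. Also note that `.one()` raises when the page does not exist, which surfaces as a server error rather than a not-found response.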
