diff options
| author | Chris McDonough <chrism@agendaless.com> | 2008-09-21 00:44:37 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2008-09-21 00:44:37 +0000 |
| commit | 64ea2e288d7e6f47075269994319b9331dd09391 (patch) | |
| tree | 54b43683deffe41d40e83e3a7a160c7559c857fe /repoze/bfg/interfaces.py | |
| parent | 3a99b193e9324c516227e2358bf41c2b6bc5a537 (diff) | |
| download | pyramid-64ea2e288d7e6f47075269994319b9331dd09391.tar.gz pyramid-64ea2e288d7e6f47075269994319b9331dd09391.tar.bz2 pyramid-64ea2e288d7e6f47075269994319b9331dd09391.zip | |
- Add ``principals_allowed_by_permission`` API to security module.
Diffstat (limited to 'repoze/bfg/interfaces.py')
| -rw-r--r-- | repoze/bfg/interfaces.py | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/repoze/bfg/interfaces.py b/repoze/bfg/interfaces.py index 6c28c75a7..7647facb4 100644 --- a/repoze/bfg/interfaces.py +++ b/repoze/bfg/interfaces.py @@ -45,8 +45,8 @@ class ISecurityPolicy(Interface): using authentication data """ def permits(context, request, permission): """ Returns True if the combination of the authorization - information in the context and the authentication data in - the request allow the action implied by the permission """ + information in the context and the authentication data in + the request allow the action implied by the permission """ def authenticated_userid(request): """ Return the userid of the currently authenticated user or @@ -57,6 +57,13 @@ class ISecurityPolicy(Interface): This must include the userid of the currently authenticated user if a user is currently authenticated.""" + def principals_allowed_by_permission(context, permission): + """ Return a sequence of principal identifiers allowed by the + ``permission`` in the model implied by ``context``. This + method may not be supported by a given security policy + implementation, in which case, it should raise a + ``NotImplementedError`` exception.""" + class NoAuthorizationInformation(Exception): pass |