Features

- The ``BFG_DEBUG_AUTHORIZATION`` envvar and the ``debug_authorization`` config file value now only imply debugging of view-invoked security checks. Previously, information was printed for every call to ``has_permission`` as well, which made output confusing. To debug ``has_permission`` checks and other manual permission checks, use the debugger and print statements in your own code. - Authorization debugging info is now only present in the HTTP response body oif ``debug_authorization`` is true. - The format of authorization debug messages was improved. - A new ``BFG_DEBUG_NOTFOUND`` envvar was added and a symmetric ``debug_notfound`` config file value was added. When either is true, and a NotFound response is returned by the BFG router (because a view could not be found), debugging information is printed to stderr. When this value is set true, the body of HTTPNotFound responses will also contain the same debugging information. - ``Allowed`` and ``Denied`` responses from the security machinery are now specialized into two types: ACL types, and non-ACL types. The ACL-related responses are instances of ``repoze.bfg.security.ACLAllowed`` and ``repoze.bfg.security.ACLDenied``. The non-ACL-related responses are ``repoze.bfg.security.Allowed`` and ``repoze.bfg.security.Denied``. The allowed-type responses continue to evaluate equal to things that themselves evaluate equal to the ``True`` boolean, while the denied-type responses continue to evaluate equal to things that themselves evaluate equal to the ``False`` boolean. The only difference between the two types is the information attached to them for debugging purposes. - Added a new ``BFG_DEBUG_ALL`` envvar and a symmetric ``debug_all`` config file value. When either is true, all other debug-related flags are set true unconditionally (e.g. ``debug_notfound`` and ``debug_authorization``). Documentation - Added info about debug flag changes. - Added a section to the security chapter named "Debugging Imperative Authorization Failures" (for e.g. ``has_permssion``).
author: Chris McDonough <chrism@agendaless.com> 2008-11-02 17:27:33 +0000
committer: Chris McDonough <chrism@agendaless.com> 2008-11-02 17:27:33 +0000
commit: 17ce5747ea36df10ec78e0af7140b55f691f5016 (patch)
tree: 10c3a5ca6b460c59ecd72d29a4e2db587ce550e8 /repoze/bfg/view.py
parent: 2fc5d11826931435cfb42e2f334391c783f31f1d (diff)
download: pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.tar.gz
pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.tar.bz2
pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.zip
1 files changed, 26 insertions, 8 deletions
diff --git a/repoze/bfg/view.py b/repoze/bfg/view.py
index 0012019e7..ae4f304f0 100644
--- a/repoze/bfg/view.py
+++ b/repoze/bfg/view.py
@@ -4,10 +4,31 @@ from zope.component import queryUtility
 from repoze.bfg.interfaces import ISecurityPolicy
 from repoze.bfg.interfaces import IViewPermission
 from repoze.bfg.interfaces import IView
+
 from repoze.bfg.security import Unauthorized
+from repoze.bfg.security import Allowed
 
 _marker = ()
 
+def view_execution_permitted(context, request, name=''):
+    """ If the view specified by ``context`` and ``name`` is protected
+    by a permission, return the result of checking the permission
+    associated with the view using the effective security policy and
+    the ``request``.  If no security policy is in effect, or if the
+    view is not protected by a permission, return a True value. """
+    security_policy = queryUtility(ISecurityPolicy)
+    if security_policy:
+        permission = queryMultiAdapter((context, request), IViewPermission,
+                                       name=name)
+        if permission is None:
+            return Allowed(
+                'Allowed: view name %r in context %r (no permission '
+                'registered for name %r).' % (name, context, name)
+                )
+        return permission(security_policy)
+    return Allowed('Allowed: view name %r in context %r (no security policy '
+                   'in use).' % (name, context))
+
 def render_view_to_response(context, request, name='', secure=True):
     """ Render the view named ``name`` against the specified
     ``context`` and ``request`` to an object implementing
@@ -24,16 +45,13 @@ def render_view_to_response(context, request, name='', secure=True):
     ``args`` attribute explains why the view access was disallowed.
     If ``secure`` is ``False``, no permission checking is done."""
     if secure:
-        security_policy = queryUtility(ISecurityPolicy)
-        if security_policy:
-            permission = queryMultiAdapter((context, request), IViewPermission,
-                                           name=name)
-            if permission is not None:
-                result = permission(security_policy)
-                if not result:
-                    raise Unauthorized(result)
+        permitted = view_execution_permitted(context, request, name)
+        if not permitted:
+            raise Unauthorized(permitted)
+
     response = queryMultiAdapter((context, request), IView, name=name,
                                  default=_marker)
+
     if response is _marker:
         return None
author	Chris McDonough <chrism@agendaless.com>	2008-11-02 17:27:33 +0000
committer	Chris McDonough <chrism@agendaless.com>	2008-11-02 17:27:33 +0000
commit	17ce5747ea36df10ec78e0af7140b55f691f5016 (patch)
tree	10c3a5ca6b460c59ecd72d29a4e2db587ce550e8 /repoze/bfg/view.py
parent	2fc5d11826931435cfb42e2f334391c783f31f1d (diff)
download	pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.tar.gz pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.tar.bz2 pyramid-17ce5747ea36df10ec78e0af7140b55f691f5016.zip