| -rw-r--r-- | CHANGES.txt | 6 |
| -rw-r--r-- | docs/narr/security.rst | 7 |
| -rw-r--r-- | pyramid/config.py | 14 |
3 files changed, 25 insertions, 2 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index d591a437f..68e83ea08 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -11,6 +11,12 @@ Bug Fixes - ``pyramid.view.append_slash_notfound_view`` now preserves GET query parameters across redirects. +Documentation +------------- + +- Beef up documentation related to ``set_default_permission``: explicitly + mention that default permissions also protect exception views. + 1.0b2 (2011-01-24) ================== diff --git a/docs/narr/security.rst b/docs/narr/security.rst index 783810734..8b3427675 100644 --- a/docs/narr/security.rst +++ b/docs/narr/security.rst @@ -204,6 +204,13 @@ When a default permission is registered: and the view is registered *without* a permission (making it available to all callers regardless of their credentials). +.. warning:: + + When you register a default permission, *all* views (even :term:`exception + view` views) are protected by a permission. For all views which are truly + meant to be anonymously accessible, you will need to associate the view's + configuration with the ``__no_permission_required__`` permission. + .. index:: single: ACL single: access control list diff --git a/pyramid/config.py b/pyramid/config.py index 4e2c5f3b5..28467caab 100644 --- a/pyramid/config.py +++ b/pyramid/config.py 
@@ -2047,10 +2047,20 @@ class Configurator(object): declare a permission will be executable by entirely anonymous users (any authorization policy is ignored). - Later calls to this method override earlier calls; there can - be only one default permission active at a time within an + Later calls to this method override will conflict with earlier calls; + there can be only one default permission active at a time within an application. + .. warning:: + + If a default permission is in effect, view configurations meant to + create a truly anonymously accessible view (even :term:`exception + view` views) *must* use the explicit permission string + ``__no_permission_required__`` as the permission. When this string + is used as the ``permission`` for a view configuration, the default + permission is ignored, and the view is registered, making it + available to all callers regardless of their credentials. + See also :ref:`setting_a_default_permission`. .. note:: Using the ``default_permission`` argument to the |
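Review bot: the CHANGES.txt entry under the new `Documentation` heading only says that default permissions also protect exception views, while the accompanying docs change also introduces the `__no_permission_required__` permission string as the way to exempt a view; that is the part an upgrading user has to act on, so mention it in the entry, e.g. `- Beef up documentation related to ``set_default_permission``: explicitly mention that default permissions also protect exception views, and that ``__no_permission_required__`` exempts a view from the default.`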
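Review bot: the new `.. warning::` in docs/narr/security.rst says exception views are "protected by a permission" but does not state the observable effect, namely that a caller who lacks the default permission is refused by the exception view as well, so the error response that view was registered to produce is never what they receive; one sentence to that effect would make the warning actionable. Two smaller points in the same block: `:term:`exception view` views` reads as "exception view views", so prefer `(even :term:`exception views <exception view>`)`, and the `:term:` role only resolves if the glossary has an entry spelled exactly `exception view`, which should be checked before merge.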
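Review bot: the rewritten docstring sentence in pyramid/config.py, `Later calls to this method override will conflict with earlier calls;`, is ungrammatical and, more importantly, ambiguous: "override" and "conflict" describe opposite behaviours (the last call silently wins versus the configurator rejecting the second registration). Keep only the verb that matches what `set_default_permission` actually does, e.g. `Later calls to this method will conflict with earlier calls;`, so a reader knows whether a second call is an error or a replacement. The added `.. warning::` is otherwise consistent with the narrative documentation change and correctly states that `__no_permission_required__` causes the default permission to be ignored for that view.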
