diff options
| -rw-r--r-- | repoze/bfg/authorization.py | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/repoze/bfg/authorization.py b/repoze/bfg/authorization.py index 05214162e..9ba9eae40 100644 --- a/repoze/bfg/authorization.py +++ b/repoze/bfg/authorization.py @@ -39,11 +39,11 @@ class ACLAuthorizationPolicy(object): :class:`repoze.bfg.security.ACLDenied` (equals ``False``). - When computing principals allowed by a permission via the - ``principals_allowed_by_permission``` method, we compute the set - of principals that are explicitly granted the ``permission`` in - the provided ``context``. We do this by walking 'up' the object - graph *from the root* to the context. During this walking - process, if we find an explicit + :func:`repoze.bfg.security.principals_allowed_by_permission` + method, we compute the set of principals that are explicitly + granted the ``permission`` in the provided ``context``. We do + this by walking 'up' the object graph *from the root* to the + context. During this walking process, if we find an explicit :data:`repoze.bfg.security.Allow` ACE for a principal that matches the ``permission``, the principal is included in the allow list. However, if later in the walking process that |