diff options
Diffstat (limited to 'docs/tutorials/wiki2/authorization.rst')
| -rw-r--r-- | docs/tutorials/wiki2/authorization.rst | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst index d98fb87e4..321f1f9c4 100644 --- a/docs/tutorials/wiki2/authorization.rst +++ b/docs/tutorials/wiki2/authorization.rst @@ -14,7 +14,7 @@ anyone with access to the server to view pages. We will also add a login page and a logout link on all the pages. The login page will be shown when a user is denied -access to any of the views that require a permission, instead of +access to any of the views that require permission, instead of a default "403 Forbidden" page. We will implement the access control with the following steps: @@ -62,7 +62,7 @@ returns one of these values: - If the userid *does not* exist in the system, it will return ``None``. -For example, ``groupfinder('editor', request )`` returns ['group:editor'], +For example, ``groupfinder('editor', request )`` returns ``['group:editor']``, ``groupfinder('viewer', request)`` returns [], and ``groupfinder('admin', request)`` returns ``None``. We will use ``groupfinder()`` as an :term:`authentication policy` "callback" that will provide the :term:`principal` or principals @@ -151,12 +151,12 @@ Now add those policies to the configuration: (Only the highlighted lines need to be added.) -We are enabling an ``AuthTktAuthenticationPolicy``, it is based in an -auth ticket that may be included in the request, and an -``ACLAuthorizationPolicy`` that uses an ACL to determine the allow or deny -outcome for a view. +We are enabling an ``AuthTktAuthenticationPolicy``, which is based in an +auth ticket that may be included in the request. +We are also enabling an ``ACLAuthorizationPolicy``, which uses an ACL to +determine the *allow* or *deny* outcome for a view. -Note that the :class:`pyramid.authentication.AuthTktAuthenticationPolicy` +Note that the :class:`~pyramid.authentication.AuthTktAuthenticationPolicy` constructor accepts two arguments: ``secret`` and ``callback``. ``secret`` is a string representing an encryption key used by the "authentication ticket" machinery represented by this policy: it is required. The ``callback`` is the @@ -303,9 +303,8 @@ like this: (Only the highlighted line needs to be added.) -:meth:`~pyramid.security.authenticated_userid()` will return None -if the user is not authenticated, or some user id it the user -is authenticated. +The :meth:`~pyramid.security.authenticated_userid` method will return None +if the user is not authenticated. Add a "Logout" link when logged in ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |