summaryrefslogtreecommitdiff
path: root/docs/tutorials
diff options
context:
space:
mode:
Diffstat (limited to 'docs/tutorials')
-rw-r--r--docs/tutorials/wiki/authorization.rst28
-rw-r--r--docs/tutorials/wiki/src/authorization/tutorial/views.py8
-rw-r--r--docs/tutorials/wiki/src/tests/tutorial/views.py8
-rw-r--r--docs/tutorials/wiki2/authorization.rst26
-rw-r--r--docs/tutorials/wiki2/src/authorization/tutorial/views.py8
-rw-r--r--docs/tutorials/wiki2/src/tests/tutorial/views.py8
6 files changed, 48 insertions, 38 deletions
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index 8f583ece7..c1be2cc72 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -132,14 +132,14 @@ We'll add these views to the existing ``views.py`` file we have in our
project. Here's what the ``login`` view callable will look like:
.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 83-111
+ :lines: 86-113
:linenos:
:language: python
Here's what the ``logout`` view callable will look like:
.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 113-117
+ :lines: 115-119
:linenos:
:language: python
@@ -149,18 +149,18 @@ different :term:`view configuration` for the ``login`` view callable.
The first view configuration decorator configures the ``login`` view callable
so it will be invoked when someone visits ``/login`` (when the context is a
-Wiki and the view name is ``login``). The second decorator (with context of
-``pyramid.httpexceptions.HTTPForbidden``) specifies a :term:`forbidden view`.
-This configures our login view to be presented to the user when
-:app:`Pyramid` detects that a view invocation can not be authorized. Because
-we've configured a forbidden view, the ``login`` view callable will be
-invoked whenever one of our users tries to execute a view callable that they
-are not allowed to invoke as determined by the :term:`authorization policy`
-in use. In our application, for example, this means that if a user has not
-logged in, and he tries to add or edit a Wiki page, he will be shown the
-login form. Before being allowed to continue on to the add or edit form, he
-will have to provide credentials that give him permission to add or edit via
-this login form.
+Wiki and the view name is ``login``). The second decorator, named
+``forbidden_view_config`` specifies a :term:`forbidden view`. This
+configures our login view to be presented to the user when :app:`Pyramid`
+detects that a view invocation can not be authorized. Because we've
+configured a forbidden view, the ``login`` view callable will be invoked
+whenever one of our users tries to execute a view callable that they are not
+allowed to invoke as determined by the :term:`authorization policy` in use.
+In our application, for example, this means that if a user has not logged in,
+and he tries to add or edit a Wiki page, he will be shown the login form.
+Before being allowed to continue on to the add or edit form, he will have to
+provide credentials that give him permission to add or edit via this login
+form.
Note that we're relying on some additional imports within the bodies of these
views (e.g. ``remember`` and ``forget``). We'll see a rendering of the
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/views.py b/docs/tutorials/wiki/src/authorization/tutorial/views.py
index 2f0502c17..fcbe6fe25 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/views.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/views.py
@@ -3,7 +3,10 @@ import re
from pyramid.httpexceptions import HTTPFound
-from pyramid.view import view_config
+from pyramid.view import (
+ view_config,
+ forbidden_view_config,
+ )
from pyramid.security import (
authenticated_userid,
@@ -82,8 +85,7 @@ def edit_page(context, request):
@view_config(context='.models.Wiki', name='login',
renderer='templates/login.pt')
-@view_config(context='pyramid.httpexceptions.HTTPForbidden',
- renderer='templates/login.pt')
+@forbidden_view_config(renderer='templates/login.pt')
def login(request):
login_url = request.resource_url(request.context, 'login')
referrer = request.url
diff --git a/docs/tutorials/wiki/src/tests/tutorial/views.py b/docs/tutorials/wiki/src/tests/tutorial/views.py
index 2f0502c17..fcbe6fe25 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/views.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/views.py
@@ -3,7 +3,10 @@ import re
from pyramid.httpexceptions import HTTPFound
-from pyramid.view import view_config
+from pyramid.view import (
+ view_config,
+ forbidden_view_config,
+ )
from pyramid.security import (
authenticated_userid,
@@ -82,8 +85,7 @@ def edit_page(context, request):
@view_config(context='.models.Wiki', name='login',
renderer='templates/login.pt')
-@view_config(context='pyramid.httpexceptions.HTTPForbidden',
- renderer='templates/login.pt')
+@forbidden_view_config(renderer='templates/login.pt')
def login(request):
login_url = request.resource_url(request.context, 'login')
referrer = request.url
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index b1d0bf37c..900bf0975 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -159,33 +159,35 @@ logged in user and redirect back to the front page.
The ``login`` view callable will look something like this:
.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 87-113
+ :lines: 89-115
:linenos:
:language: python
The ``logout`` view callable will look something like this:
.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 115-119
+ :lines: 117-121
:linenos:
:language: python
-The ``login`` view callable is decorated with two ``@view_config``
-decorators, one which associates it with the ``login`` route, the other which
-associates it with the ``HTTPForbidden`` context. The one which associates
-it with the ``login`` route makes it visible when we visit ``/login``. The
-one which associates it with the ``HTTPForbidden`` context makes it the
-:term:`forbidden view`. The forbidden view is displayed whenever Pyramid or
-your application raises an HTTPForbidden exception. In this case, we'll be
-relying on the forbidden view to show the login form whenver someone attempts
-to execute an action which they're not yet authorized to perform.
+The ``login`` view callable is decorated with two decorators, a
+``@view_config`` decorators, which associates it with the ``login`` route,
+the other a ``@forbidden_view_config`` decorator which turns it in to an
+:term:`exception view` when Pyramid raises a
+:class:`pyramid.httpexceptions.HTTPForbidden` exception. The one which
+associates it with the ``login`` route makes it visible when we visit
+``/login``. The other one makes it a :term:`forbidden view`. The forbidden
+view is displayed whenever Pyramid or your application raises an
+HTTPForbidden exception. In this case, we'll be relying on the forbidden
+view to show the login form whenver someone attempts to execute an action
+which they're not yet authorized to perform.
The ``logout`` view callable is decorated with a ``@view_config`` decorator
which associates it with the ``logout`` route. This makes it visible when we
visit ``/login``.
We'll need to import some stuff to service the needs of these two functions:
-the ``HTTPForbidden`` exception, a number of values from the
+the ``pyramid.view.forbidden_view_config`` class, a number of values from the
``pyramid.security`` module, and a value from our newly added
``tutorial.security`` package.
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/views.py b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
index 087e6076b..1453cd2e6 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
@@ -4,10 +4,12 @@ from docutils.core import publish_parts
from pyramid.httpexceptions import (
HTTPFound,
HTTPNotFound,
- HTTPForbidden,
)
-from pyramid.view import view_config
+from pyramid.view import (
+ view_config,
+ forbidden_view_config,
+ )
from pyramid.security import (
remember,
@@ -85,7 +87,7 @@ def edit_page(request):
)
@view_config(route_name='login', renderer='templates/login.pt')
-@view_config(context=HTTPForbidden, renderer='templates/login.pt')
+@forbidden_view_config(renderer='templates/login.pt')
def login(request):
login_url = request.route_url('login')
referrer = request.url
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/views.py b/docs/tutorials/wiki2/src/tests/tutorial/views.py
index 375f1f5a5..465d98ae1 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/views.py
@@ -4,10 +4,12 @@ from docutils.core import publish_parts
from pyramid.httpexceptions import (
HTTPFound,
HTTPNotFound,
- HTTPForbidden,
)
-from pyramid.view import view_config
+from pyramid.view import (
+ view_config,
+ forbidden_view_config,
+ )
from pyramid.security import (
remember,
@@ -88,7 +90,7 @@ def edit_page(request):
)
@view_config(route_name='login', renderer='templates/login.pt')
-@view_config(context=HTTPForbidden, renderer='templates/login.pt')
+@forbidden_view_config(renderer='templates/login.pt')
def login(request):
login_url = request.route_url('login')
referrer = request.url
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 21:41:05 +0000