summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/narr/security.rst12
1 files changed, 4 insertions, 8 deletions
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index b01bec903..07b7fe825 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -80,9 +80,8 @@ A simple security policy might look like the following:
""" Return a string ID for the user. """
return self.identify(request).id
- def permits(self, request, context, permission):
+ def permits(self, request, context, identity, permission):
""" Allow access to everything if signed in. """
- identity = self.identify(request)
if identity is not None:
return Allowed('User is signed in.')
else:
@@ -148,9 +147,8 @@ For example, our above security policy can leverage these helpers like so:
def authenticated_userid(self, request):
return self.identify(request).id
- def permits(self, request, context, permission):
+ def permits(self, request, context, identity, permission):
""" Allow access to everything if signed in. """
- identity = self.identify(request)
if identity is not None:
return Allowed('User is signed in.')
else:
@@ -238,9 +236,7 @@ might look like so:
from pyramid.security import Allowed, Denied
class SecurityPolicy:
- def permits(self, request, context, permission):
- identity = self.identify(request)
-
+ def permits(self, request, context, identity, permission):
if identity is None:
return Denied('User is not signed in.')
if identity.role == 'admin':
@@ -330,7 +326,7 @@ object. An implementation might look like this:
from pyramid.authorization import ACLHelper
class SecurityPolicy:
- def permits(self, request, context, permission):
+ def permits(self, request, context, identity, permission):
principals = [Everyone]
if identity is not None:
principals.append(Authenticated)
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 23:13:32 +0000