From 773a370c590ed82c143aa548f55ab9472601449b Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Tue, 19 Apr 2011 02:50:27 -0500 Subject: Upgraded the url dispatch tutorials to use add_view. --- docs/tutorials/wiki2/authorization.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'docs/tutorials/wiki2/authorization.rst') diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst index 64cab30db..d0354af99 100644 --- a/docs/tutorials/wiki2/authorization.rst +++ b/docs/tutorials/wiki2/authorization.rst @@ -97,25 +97,25 @@ We'll also change ``__init__.py``, adding a call to :term:`view callable`. This is also known as a :term:`forbidden view`: .. literalinclude:: src/authorization/tutorial/__init__.py - :lines: 24-26 + :lines: 41-43 :linenos: :language: python A forbidden view configures our newly created login view to show up when :app:`Pyramid` detects that a view invocation can not be authorized. -We'll also add ``view_permission`` arguments with the value ``edit`` to the -``edit_page`` and ``add_page`` routes. This indicates that the view -callables which these routes reference cannot be invoked without the +We'll also add ``permission`` arguments with the value ``edit`` to the +``edit_page`` and ``add_page`` views. This indicates that the view +callables which these views reference cannot be invoked without the authenticated user possessing the ``edit`` permission with respect to the current context. .. literalinclude:: src/authorization/tutorial/__init__.py - :lines: 32-39 + :lines: 37-40 :linenos: :language: python -Adding these ``view_permission`` arguments causes Pyramid to make the +Adding these ``permission`` arguments causes Pyramid to make the assertion that only users who possess the effective ``edit`` permission at the time of the request may invoke those two views. We've granted the ``group:editors`` principal the ``edit`` permission at the root model via its -- cgit v1.2.3 From 89346583ec29dcc5d973cc807ae9899cf81b06ef Mon Sep 17 00:00:00 2001 From: Kirk Strauser Date: Wed, 20 Apr 2011 13:34:51 -0500 Subject: Fixed typos and added clarifications in a tutorial I was working through the wiki2 tutorial this morning and found some slightly confusing bits. As I went along, I added the suggested changes to my local files to make them match the tutorial's version, but found several times that key parts were missing. I'm not new to Python so this didn't slow me down, but thought some clarifications might help new users. --- docs/tutorials/wiki2/authorization.rst | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'docs/tutorials/wiki2/authorization.rst') diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst index 64cab30db..aa0e03599 100644 --- a/docs/tutorials/wiki2/authorization.rst +++ b/docs/tutorials/wiki2/authorization.rst @@ -76,7 +76,14 @@ For any :app:`Pyramid` application to perform authorization, we need to add a We'll change our ``__init__.py`` file to enable an ``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy`` to enable -declarative security checking. +declarative security checking. We need to import the new policies: + +.. literalinclude:: src/authorization/tutorial/__init__.py + :lines: 2-3,8 + :linenos: + :language: python + +Then, we'll add those policies to the configuration: .. literalinclude:: src/authorization/tutorial/__init__.py :lines: 15-21 @@ -97,13 +104,20 @@ We'll also change ``__init__.py``, adding a call to :term:`view callable`. This is also known as a :term:`forbidden view`: .. literalinclude:: src/authorization/tutorial/__init__.py - :lines: 24-26 + :lines: 24-26,40-42 :linenos: :language: python A forbidden view configures our newly created login view to show up when :app:`Pyramid` detects that a view invocation can not be authorized. +A ``logout`` :term:`view callable` will allow users to log out later: + +.. literalinclude:: src/authorization/tutorial/__init__.py + :lines: 27-28 + :linenos: + :language: python + We'll also add ``view_permission`` arguments with the value ``edit`` to the ``edit_page`` and ``add_page`` routes. This indicates that the view callables which these routes reference cannot be invoked without the -- cgit v1.2.3