From b6d38775646efb551f790da948fefb9b25422be8 Mon Sep 17 00:00:00 2001
From: Theron Luhn
Date: Sat, 7 Nov 2020 11:26:02 -0800
Subject: Remove `request.user` for wiki2 authorization tutorial.
---
 docs/tutorials/wiki2/authorization.rst | 4 ++--
 docs/tutorials/wiki2/src/authorization/tutorial/security.py | 2 --
 .../wiki2/src/authorization/tutorial/templates/layout.jinja2 | 4 ++--
 docs/tutorials/wiki2/src/authorization/tutorial/views/auth.py | 2 +-
 docs/tutorials/wiki2/src/authorization/tutorial/views/default.py | 2 +-
 5 files changed, 6 insertions(+), 8 deletions(-)
(limited to 'docs/tutorials')
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index 38b9b7373..be3a09664 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -5,7 +5,7 @@ Adding authorization
 ====================
 In the last chapter we built :term:`authentication` into our wiki. We also
-went one step further and used the ``request.user`` object to perform some
+went one step further and used the ``request.identity`` object to perform some
 explicit :term:`authorization` checks. This is fine for a lot of applications, but :app:`Pyramid` provides some facilities for cleaning this up and decoupling the constraints from the view function itself.
@@ -24,7 +24,7 @@ We will implement access control with the following steps:
 Add ACL support
 ---------------
-A :term:`principal` is a level of abstraction on top of the raw :term:`userid`
+A :term:`principal` is a level of abstraction on top of the raw :term:`identity`
 that describes the user in terms of its capabilities, roles, or other identifiers that are easier to generalize. The permissions are then written against the principals without focusing on the exact user involved.
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/security.py b/docs/tutorials/wiki2/src/authorization/tutorial/security.py
index 4f79195ef..18f0bd4c7 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/security.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/security.py
@@ -59,5 +59,3 @@ def includeme(config):
 config.set_default_csrf_options(require_csrf=True)
 config.set_security_policy(MySecurityPolicy(settings['auth.secret']))
- config.add_request_method(
- lambda request: request.identity, 'user', property=True)
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/templates/layout.jinja2 b/docs/tutorials/wiki2/src/authorization/tutorial/templates/layout.jinja2
index 64a1db0c5..5d6a23410 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/templates/layout.jinja2
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/templates/layout.jinja2
@@ -33,13 +33,13 @@
- {% if request.user is none %}
+ {% if request.identity is none %}

Login

{% else %}
- {{request.user.name}}
+ {{request.identity.name}}
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/views/auth.py b/docs/tutorials/wiki2/src/authorization/tutorial/views/auth.py
index e1a564415..e66c68a34 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/views/auth.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/views/auth.py
@@ -53,7 +53,7 @@ def logout(request):
 @forbidden_view_config(renderer='tutorial:templates/403.jinja2')
 def forbidden_view(exc, request):
- if request.user is None:
+ if request.identity is None:
 next_url = request.route_url('login', _query={'next': request.url})
 return HTTPSeeOther(location=next_url)
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/views/default.py b/docs/tutorials/wiki2/src/authorization/tutorial/views/default.py
index 214788357..4a2a66c84 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/views/default.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/views/default.py
@@ -56,7 +56,7 @@ def add_page(request):
 if request.method == 'POST':
 body = request.params['body']
 page = models.Page(name=pagename, data=body)
- page.creator = request.user
+ page.creator = request.identity
 request.dbsession.add(page)
 next_url = request.route_url('view_page', pagename=pagename)
 return HTTPSeeOther(location=next_url)
-- cgit v1.2.3
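Review bot: The `request.identity is None` test in forbidden_view (views/auth.py) carries an undocumented contract: it is the only thing separating "not logged in, send to login" from "logged in but denied", so it is correct only if the security policy reports None for every request without a valid login. A one-line comment above the `if` would record that, for example `# identity is None when the security policy found no logged-in user; everyone else gets the 403 page`. The redirect on the next line forwards `request.url` as `next`, so the login view, which is not part of this diff, should only follow targets inside the application. The remainder of forbidden_view lies outside the hunk, so the 403 path is assumed from the renderer named in the decorator rather than seen.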
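Review bot: `page.creator = request.identity` in add_page (views/default.py) stores whatever the security policy returned, and the visible lines hold no check that it is not None, so an anonymous POST reaching this line would record a page without a creator. Presumably the permission declared on the view, outside this hunk, keeps unauthenticated requests away; with the `request.user` alias gone, a comment would make that dependency visible at the write, for example `# request.identity is the logged-in user object; the view's permission must keep anonymous requests from reaching this line`. add_page begins before the hunk, so its decorator and the `pagename` lookup cannot be confirmed from here.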