From ded6e085fdb6b64d676e96de15e59c0f657c658f Mon Sep 17 00:00:00 2001 From: Patricio Paez Date: Sun, 29 May 2011 16:05:07 -0500 Subject: Improvements to Adding Authorization of the wiki tutorials --- docs/tutorials/wiki/authorization.rst | 18 ++++++++++++++++-- docs/tutorials/wiki2/authorization.rst | 14 +++++++------- 2 files changed, 23 insertions(+), 9 deletions(-) (limited to 'docs/tutorials') diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst index e4480d6d9..dbfcb55d5 100644 --- a/docs/tutorials/wiki/authorization.rst +++ b/docs/tutorials/wiki/authorization.rst @@ -32,10 +32,17 @@ Adding Authentication and Authorization Policies We'll change our package's ``__init__.py`` file to enable an ``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy`` to enable -declarative security checking. When you're done, your ``__init__.py`` will -look like so: +declarative security checking. We need to import the new policies: + +.. literalinclude:: src/authorization/tutorial/__init__.py + :lines: 4-5,8 + :linenos: + :language: python + +Then, we'll add those policies to the configuration: .. literalinclude:: src/authorization/tutorial/__init__.py + :lines: 16-18,26-28 :linenos: :language: python @@ -46,6 +53,13 @@ by this policy: it is required. The ``callback`` is a reference to a ``groupfinder`` function in the ``tutorial`` package's ``security.py`` file. We haven't added that module yet, but we're about to. +When you're done, your ``__init__.py`` will +look like so: + +.. literalinclude:: src/authorization/tutorial/__init__.py + :linenos: + :language: python + Adding ``security.py`` ~~~~~~~~~~~~~~~~~~~~~~ diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst index b1d3b0001..43231287d 100644 --- a/docs/tutorials/wiki2/authorization.rst +++ b/docs/tutorials/wiki2/authorization.rst @@ -9,8 +9,8 @@ view, edit, and add pages to our wiki. For purposes of demonstration we'll change our application to allow only people whom possess a specific username (`editor`) to add and edit wiki pages but we'll continue allowing anyone with access to the server to view pages. -:app:`Pyramid` provides facilities for *authorization* and -*authentication*. We'll make use of both features to provide security +:app:`Pyramid` provides facilities for :term:`authorization` and +:term:`authentication`. We'll make use of both features to provide security to our application. The source code for this tutorial stage can be browsed at @@ -147,7 +147,7 @@ and adding views, your application's ``__init__.py`` will look like this: :language: python Adding ``security.py`` -~~~~~~~~~~~~~~~~~~~~~~ +---------------------- Add a ``security.py`` module within your package (in the same directory as :file:`__init__.py`, :file:`views.py`, etc) with the following content: @@ -176,7 +176,7 @@ and the permission associated with the ``add_page`` and ``edit_page`` views, the ``editor`` user should be able to add and edit pages. Adding Login and Logout Views -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +----------------------------- We'll add a ``login`` view callable which renders a login form and processes the post from the login form, checking credentials. @@ -195,7 +195,7 @@ content: :language: python Changing Existing Views -~~~~~~~~~~~~~~~~~~~~~~~ +----------------------- Then we need to change each of our ``view_page``, ``edit_page`` and ``add_page`` views in ``views.py`` to pass a "logged in" parameter to its @@ -221,7 +221,7 @@ We'll then change the return value of these views to pass the `resulting edit_url = edit_url) Adding the ``login.pt`` Template -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +-------------------------------- Add a ``login.pt`` template to your templates directory. It's referred to within the login view we just added to ``login.py``. @@ -230,7 +230,7 @@ referred to within the login view we just added to ``login.py``. :language: xml Change ``view.pt`` and ``edit.pt`` -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +---------------------------------- We'll also need to change our ``edit.pt`` and ``view.pt`` templates to display a "Logout" link if someone is logged in. This link will -- cgit v1.2.3