blob: 7bf245500afffb6864cfc1616e4e93cbfa9ea103 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
.. _authorization_module:
:mod:`pyramid.authorization`
-------------------------------
.. automodule:: pyramid.authorization
.. autoclass:: ACLHelper
:members:
.. autoclass:: ACLAuthorizationPolicy
Constants
---------
.. attribute:: Everyone
The special principal id named ``Everyone``. This principal id is
granted to all requests. Its actual value is the string
``'system.Everyone'``.
.. attribute:: Authenticated
The special principal id named ``Authenticated``. This principal id
is granted to all requests which contain any other non-Everyone
principal id (according to the :term:`authentication policy`).
Its actual value is the string ``'system.Authenticated'``.
.. attribute:: ALL_PERMISSIONS
An object that can be used as the ``permission`` member of an ACE
which matches all permissions unconditionally. For example, an
ACE that uses ``ALL_PERMISSIONS`` might be composed like so:
``('Deny', 'system.Everyone', ALL_PERMISSIONS)``.
.. attribute:: DENY_ALL
A convenience shorthand ACE that defines ``('Deny',
'system.Everyone', ALL_PERMISSIONS)``. This is often used as the
last ACE in an ACL in systems that use an "inheriting" security
policy, representing the concept "don't inherit any other ACEs".
Return Values
-------------
.. autoclass:: ACLDenied
:members: msg
.. automethod:: __new__
.. autoclass:: ACLAllowed
:members: msg
.. automethod:: __new__
|
