Changeset 5769
- Timestamp:
- 11/26/08 11:01:38 (1 month ago)
- Files:
-
- docs/2.0/docs/main/Auth/Authorization.rst (modified) (6 diffs)
- docs/2.0/docs/main/Auth/Customization.rst (modified) (1 diff)
- docs/2.0/docs/main/Auth/index.rst (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
docs/2.0/docs/main/Auth/Authorization.rst
r5760 r5769 78 78 from repoze.what.predicates import not_anonymous 79 79 80 p = not_anonymous(msg=' Please login to access this area')80 p = not_anonymous(msg='Only logged in users can read this post') 81 81 82 82 Or if you have a predicate which is "allow access to root or anyone with the … … 87 87 88 88 p = Any(is_user('root'), has_permission('manage'), 89 msg=' You must be root or have the "manage" permission')89 msg='Only administrators can remove blog posts') 90 90 91 91 As you may have noticed, predicates receive the ``msg`` keyword argument to … … 95 95 messages translatable. 96 96 97 .. note:: 98 99 Good predicate messages don't explain `what` went wrong; instead, they 100 describe the predicate in the current context (regardless of whether 101 the condition is met or not!). This is because such messages may be used in 102 places other than in a user-visible message (e.g., in the log file). 103 104 * Really bad: "Please login to access this area". 105 * Bad: "You cannot delete an user account because you are not an 106 administrator". 107 * OK: "You have to be an administrator to delete user accounts". 108 * Perfect: "Only administrators can delete user accounts". 109 97 110 Below are described the convenient utilities TurboGears provides to deal with 98 111 predicates in your applications. … … 114 127 @expose('yourproject.templates.start_vacations') 115 128 @require(Any(is_user('root'), has_permission('manage'), 116 msg=' You must be root or have the "manage" permission'))129 msg='Only administrators can remove blog posts')) 117 130 def only_for_admins(): 118 131 flash('Hello admin!') … … 218 231 granted to the user. 219 232 233 .. class:: Not(predicate) 234 235 Negate the specified predicate. 236 237 :param predicate: The predicate to be negated. 238 220 239 221 240 Custom single predicate checkers … … 233 252 234 253 class is_month(Predicate): 235 error_message = 'You cannot access this page this month'254 message = 'The current month must be %(right_month)s' 236 255 237 def __init__(self, month, **kwargs):238 self. month =month256 def __init__(self, right_month, **kwargs): 257 self.right_month = right_month 239 258 self.today = date.today() 240 259 super(is_month, self).__init__(**kwargs) 241 260 242 261 def _eval_with_environ(self, environ): 243 if today.month == self.month: 244 return True 245 return False 262 return self.today.month == self.right_month 263 264 .. warning:: 265 266 When you create a predicate, don't try to guess/assume the context in 267 which the predicate is evaluated when you write the predicate message 268 because such a predicate may be used in a different context. 269 270 * Bad: "The software can be released if it's %(right_month)s". 271 * Good: "The current month must be %(right_month)s". 246 272 247 273 If you defined that class in, say, ``{yourproject}.lib.auth``, you may use it docs/2.0/docs/main/Auth/Customization.rst
r5761 r5769 1 1 Customizing authentication and authorization 2 2 ============================================ 3 4 .. module:: repoze.what.plugins.quickstart 5 :synopsis: Configuring the repoze.what quickstart 3 6 4 7 :Status: Official docs/2.0/docs/main/Auth/index.rst
r5752 r5769 96 96 <http://www.sqlalchemy.org/>`_-managed database. To implement it on an 97 97 existing project, or customize the model structure assumed by it, you have to 98 read the documentation for :mod:`repoze.what. quickstart`.98 read the documentation for :mod:`repoze.what.plugins.quickstart`. 99 99 100 100
