Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Ticket #1391 (closed enhancement: worksforme)

Opened 12 years ago

Last modified 12 years ago

Nocheck predicate for SecureResource controllers

Reported by: renier Owned by: anonymous
Priority: normal Milestone: 1.0.3
Component: Identity Version: 1.0.2
Severity: normal Keywords:


Currently, controllers that subclass SecureResource? must have a valid require attribute. The problem is that if you want to serve your application at the root URL, you need a login method that is not protected within the controller. This is currently not possible.

To add flexibility to which methods you want to secure withing a subclass of SecureResource?, you either have to reverse http://trac.turbogears.org/changeset/2845 and replace with some warnig, or add a predicate that does not check anything (as in the attached patch) so that you can go back to specifying @identity.requires per method.


conditions.py.nocheck.diff Download (510 bytes) - added by renier 12 years ago.
nocheck predicate

Change History

Changed 12 years ago by renier

nocheck predicate

comment:1 Changed 12 years ago by renier

  • Component changed from TurboGears to Identity

comment:2 Changed 12 years ago by renier

  • Status changed from new to closed
  • Resolution set to worksforme

I found that the way to do what I want now is by not subclassing SecureResource? (which eliminates the need for a require attribute) in my root controler and changing the following line in start-myproject.py:



start_server(SecureObject?(Root(), identity.not_anonymous(), login?))

Using SecureObject? to wrap around my root controller, I can specify the require attribute on object instantiation along with a list of methods to be excluded from the require attribute (e.g. login). Also, SecureObject?, like SecureResource?, catches Identity exceptions if you are doing your own identity checks inside the methods.


Note: See TracTickets for help on using tickets.