Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Ticket #1391 (closed enhancement: worksforme)

Opened 12 years ago

Last modified 12 years ago

Nocheck predicate for SecureResource controllers

Reported by: renier Owned by: anonymous
Priority: normal Milestone: 1.0.3
Component: Identity Version: 1.0.2
Severity: normal Keywords:
Cc:

Description

Currently, controllers that subclass SecureResource? must have a valid require attribute. The problem is that if you want to serve your application at the root URL, you need a login method that is not protected within the controller. This is currently not possible.

To add flexibility to which methods you want to secure withing a subclass of SecureResource?, you either have to reverse http://trac.turbogears.org/changeset/2845 and replace with some warnig, or add a predicate that does not check anything (as in the attached patch) so that you can go back to specifying @identity.requires per method.

Attachments

conditions.py.nocheck.diff Download (510 bytes) - added by renier 12 years ago.
nocheck predicate

Change History

Changed 12 years ago by renier

nocheck predicate

comment:1 Changed 12 years ago by renier

  • Component changed from TurboGears to Identity

comment:2 Changed 12 years ago by renier

  • Status changed from new to closed
  • Resolution set to worksforme

I found that the way to do what I want now is by not subclassing SecureResource? (which eliminates the need for a require attribute) in my root controler and changing the following line in start-myproject.py:

start_server(Root())

to:

start_server(SecureObject?(Root(), identity.not_anonymous(), login?))

Using SecureObject? to wrap around my root controller, I can specify the require attribute on object instantiation along with a list of methods to be excluded from the require attribute (e.g. login). Also, SecureObject?, like SecureResource?, catches Identity exceptions if you are doing your own identity checks inside the methods.

--Renier

Note: See TracTickets for help on using tickets.