Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 34 and Version 35 of IdentityManagement


Ignore:
Timestamp:
04/04/06 12:14:32 (13 years ago)
Author:
fredlin
Comment:

divide to 3 part

Legend:

Unmodified
Added
Removed
Modified
  • IdentityManagement

    v34 v35  
    88 
    99This How To is written from the perspective of a fresh quick-started project, but most everything applies for existing projects. 
     10 
     11== PART 1 == 
    1012 
    1113== Use Identity in Controller == 
     
    120122---- 
    121123 
     124== API == 
     125 
     126=== Single Permission Control === 
     127 
     128You need to use the permission control functions in the {{{identity}}} namespace. For example: 
     129 
     130==== Restrict access groups ==== 
     131{{{ 
     132#!python 
     133@identity.require( identity.in_group( "admin" ) ) 
     134}}} 
     135 
     136Many people wanted something more flexible, any of the following are valid require decorators: 
     137 
     138{{{ 
     139#!python 
     140@identity.require( identity.in_all_groups( "admin", "editor" ) ) 
     141 
     142@identity.require( identity.in_any_group( "admin", "editor" ) ) 
     143}}} 
     144 
     145==== Restrict access permissions ==== 
     146 
     147{{{ 
     148#!python 
     149@identity.require( identity.has_permission( "edit" ) ) 
     150 
     151@identity.require( identity.has_all_permissions( "edit", "delete", "update" ) ) 
     152 
     153@identity.require( identity.has_any_permission( "edit", "delete", "update" ) ) 
     154}}} 
     155 
     156=== Combination Permission Control === 
     157 
     158You can use decorators like theses: 
     159 
     160{{{ 
     161#!python 
     162     @identity.require( Any( identity.in_group( "admin" ), identity.has_permission( "edit" ) ) ) 
     163}}} 
     164 
     165The require decorator checked whether the visitor was a member of the  
     166admin group AND had the permission foo AND had the permission bar. 
     167 
     168{{{ 
     169#!python 
     170     @identity.require( All( identity.from_host( "127.0.0.1" ), identity.has_permission( "edit" ) ) ) 
     171 
     172     @identity.require( All( identity.from_any_host( "127.0.0.1", "10.0.0.1", identity.in_group("editor" ) ) ) 
     173}}} 
     174 
     175 
     176---- 
     177 
     178 
     179 
     180== PART 2 == 
     181 
    122182== Use Identity in templates == 
    123183Identity checks can also be used in kid templates to control the present of stricted areas or links(within any html element). 
     
    144204<div py:if="'write' in identity.current.permissions">This is a write permissions area</div> 
    145205}}} 
    146  
    147 ---- 
    148  
    149 == API == 
    150  
    151 === Single Permission Control === 
    152  
    153 You need to use the permission control functions in the {{{identity}}} namespace. For example: 
    154  
    155 ==== Restrict access groups ==== 
    156 {{{ 
    157 #!python 
    158 @identity.require( identity.in_group( "admin" ) ) 
    159 }}} 
    160  
    161 Many people wanted something more flexible, any of the following are valid require decorators: 
    162  
    163 {{{ 
    164 #!python 
    165 @identity.require( identity.in_all_groups( "admin", "editor" ) ) 
    166  
    167 @identity.require( identity.in_any_group( "admin", "editor" ) ) 
    168 }}} 
    169  
    170 ==== Restrict access permissions ==== 
    171  
    172 {{{ 
    173 #!python 
    174 @identity.require( identity.has_permission( "edit" ) ) 
    175  
    176 @identity.require( identity.has_all_permissions( "edit", "delete", "update" ) ) 
    177  
    178 @identity.require( identity.has_any_permission( "edit", "delete", "update" ) ) 
    179 }}} 
    180  
    181 === Combination Permission Control === 
    182  
    183 You can use decorators like theses: 
    184  
    185 {{{ 
    186 #!python 
    187      @identity.require( Any( identity.in_group( "admin" ), identity.has_permission( "edit" ) ) ) 
    188 }}} 
    189  
    190 The require decorator checked whether the visitor was a member of the  
    191 admin group AND had the permission foo AND had the permission bar. 
    192  
    193 {{{ 
    194 #!python 
    195      @identity.require( All( identity.from_host( "127.0.0.1" ), identity.has_permission( "edit" ) ) ) 
    196  
    197      @identity.require( All( identity.from_any_host( "127.0.0.1", "10.0.0.1", identity.in_group("editor" ) ) ) 
    198 }}} 
    199  
    200  
    201 ---- 
    202  
    203  
    204  
    205 == Extend == 
    206206 
    207207=== Strict the group Access === 
     
    261261 
    262262 
    263  
     263== PART 3 == 
    264264 
    265265=== Use different classes ===