|
|
TurboGears |
Cecil Westerhof schrieb: > With the identity module you go to a login page when you do not have You can set the configuration setting 'identity.failure_url' to a a) if the the user is anonymous (not logged in) and then return different URLs depending on this info. Example (untested): def failure_url(): See the code for 'turbogears.identity.exceptions' (set_identity_errors, As a simpler, but less general alternative, you can test for the Example (also untested): class MyController(controllers.Controller, identity.SecureResource): See also HTH, Chris
> I have been playing with TG for two days now and I must say that untill Yes, you can, but this is a feature of the identity framework that isn't
> now I like it. ;-}
> enough credentials. Is it possible to make a difference between a user
> that is not logged in (login page) and a logged in user that has not
> enough credentials (entry denied)?
really documented well (i.e not at all ;-)).
callable, which will get evaluated every time an IdentityFailure
exception occurs. In this function you can then check
b) what the error message(s) of the IdentityFailure exception are
if (identity.current.not_anonymous and
'foo' in cherrypy.request.identity_errors):
return url('/access_denied')
return url('/login')
IdentityFailure) and turbogears.identity.conditions (Predicate, require)
for particulars.
required permissions *within* your controller method and then just do
the redirect yourself. If you are just redirecting to a "Access denied"
page, you probably don't need to care about retaining request parameters
across redirects.
@expose('bla')
def bla(self):
if not 'foo' in identity.current.permissions:
if identity.current.not_anonymous:
redirect('/access_denied')
raise identity.IdentityFailure
http://docs.turbogears.org/1.0/UsingIdentity#explicit-permission-chec...