Orkut Gmail Calendar Documents Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
TurboGears
Home
+ new post
Pages
Files
About this group
Join this group
Message from discussion No redirect when not enough credentials
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Lukasz Szybalski  
View profile  
 More options Apr 25 2008, 12:28 am
From: "Lukasz Szybalski" <szybal...@gmail.com>
Date: Thu, 24 Apr 2008 13:58:58 -0500
Local: Fri, Apr 25 2008 12:28 am
Subject: Re: [TurboGears] Re: No redirect when not enough credentials
Forward | Print | View thread | Show original | Report this message | Find messages by this author
On Thu, Apr 24, 2008 at 9:44 AM, Christopher Arndt <chris.ar...@web.de> wrote:

>  Cecil Westerhof schrieb:

> > I have been playing with TG for two days now and I must say that untill
>  > now I like it. ;-}

>  > With the identity module you go to a login page when you do not have
>  > enough credentials. Is it possible to make a difference between a user
>  > that is not logged in (login page) and a logged in user that has not
>  > enough credentials (entry denied)?

>  Yes, you can, but this is a feature of the identity framework that isn't
>  really documented well (i.e not at all ;-)).

>  You can set the configuration setting 'identity.failure_url' to a
>  callable, which will get evaluated every time an IdentityFailure
>  exception occurs. In this function you can then check

>  a) if the the user is anonymous (not logged in)
>  b) what the error message(s) of the IdentityFailure exception are

>  and then return different URLs depending on this info.

>  Example (untested):

>  def failure_url():
>      if (identity.current.not_anonymous and
>         'foo' in cherrypy.request.identity_errors):
>         return url('/access_denied')
>      return url('/login')

>  See the code for 'turbogears.identity.exceptions' (set_identity_errors,
>  IdentityFailure) and turbogears.identity.conditions (Predicate, require)
>  for particulars.

>  As a simpler, but less general alternative, you can test for the
>  required permissions *within* your controller method and then just do
>  the redirect yourself. If you are just redirecting to a "Access denied"
>  page, you probably don't need to care about retaining request parameters
>  across redirects.

>  Example (also untested):

>  class MyController(controllers.Controller, identity.SecureResource):
>      @expose('bla')
>      def bla(self):
>          if not 'foo' in identity.current.permissions:
>              if identity.current.not_anonymous:
>                  redirect('/access_denied')
>              raise identity.IdentityFailure

Hello Christopher,
Would be nice if what you wrote here was added to the .py file that
has the code.

http://lucasmanual.com/tgdocs/turbogears.identity.exceptions-pysrc.ht...

Just wondering, what is your / TG project preference when documenting
things like this. I'm sure you could copy what you wrote here in the
email and paste it to turbogears/identity/exceptions.py comment
section, and that would be painless.

Lucas


    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2010 Google