repoze.what.plugins.pylonshq API documentation¶
Utilities to use repoze.what v1 in a Pylons or TurboGears 2 application.
Protectors¶
- class repoze.what.plugins.pylonshq.ActionProtector(predicate, denial_handler=None)¶
Function decorator to set predicate checkers in Pylons/TG2 controller actions.
- default_denial_handler = None
Type : callable The default denial handler.
- __init__(predicate, denial_handler=None)¶
Make repoze.what verify that the predicate is met.
Parameters: - predicate – A repoze.what predicate.
- denial_handler – The callable to be run if authorization is denied (overrides default_denial_handler if defined).
If called, denial_handler will be passed a positional argument which represents a message on why authorization was denied.
- __call__(action_)¶
Return wrap_action() as the decorator for action_.
- wrap_action(action_, *args, **kwargs)¶
Wrap the controller action action_.
Parameters: action – The controller action to be wrapped. args and kwargs are the positional and named arguments which will be passed to action_ when called.
It will run action_ if and only if authorization is granted (i.e., the predicate is met). Otherwise, it will set the HTTP status code (to 401 if the user is anonymous or 403 if authenticated) then, if defined, it will run the denial handler (if not, it will abort with pylons.controllers.util.abort()).
It’s worth noting that when the status code for the response is 401, that will trigger a repoze.who challenger (e.g., a login form will be displayed).
Note
If you want to override the default behavior when authorization is denied (most likely), you should define just a denial handler. If you want to override the whole wrapper (very unlikely), it’s safe to extend this class and override this method.
- class repoze.what.plugins.pylonshq.ControllerProtector(predicate, denial_handler=None)¶
Class decorator to set predicate checkers in Pylons/TG2 controllers.
- default_denial_handler = None
Type : callable or str The default denial handler to be passed to protector.
When it’s set as a string, the resulting handler will be the attribute of the controller class whose name is represented by default_denial_handler. For example, if default_denial_handler equals "process_errors" and the decorated controller is NiceController, the resulting denial handler will be: NiceController.process_errors.
- protector = ActionProtector
Type : Subclass of ActionProtector The action protection decorator to be added to Controller.__before__.
- __init__(predicate, denial_handler=None)¶
Make repoze.what verify that the predicate is met.
Parameters: - predicate – A repoze.what predicate.
- denial_handler – The callable to be run if authorization is denied (overrides default_denial_handler if defined).
If called, denial_handler will be passed a positional argument which represents a message on why authorization was denied.
- __call__(cls)¶
Add the protector decorator to the __before__ method of the cls controller.
Miscellaneous utilities¶
- repoze.what.plugins.pylonshq.is_met(predicate)¶
Evaluate the repoze.what predicate checker and return True if it’s met.
Parameters: predicate – The repoze.what predicate checker to be evaluated. Returns: True if it’s met; False otherwise. Return type: bool
- repoze.what.plugins.pylonshq.not_met(predicate)¶
Evaluate the repoze.what predicate checker and return False if it’s met.
Parameters: predicate – The repoze.what predicate checker to be evaluated. Returns: False if it’s met; True otherwise. Return type: bool
- repoze.what.plugins.pylonshq.booleanize_predicates()¶
Make repoze.what predicates evaluable without passing the environ explicitly.
- repoze.what.plugins.pylonshq.debooleanize_predicates()¶
Stop repoze.what predicates from being evaluable without passing the environ explicitly.
This function reverts booleanize_predicates().
