Hi,
The example you gave should have worked.
I'm not sure I quite understand the question though. Do you mean that
the exception is raised but that a sign in isn't triggered or that even
after you have signed in, only a NotAuthenticatedError is raised any
that you never get a NotAuthorizedError?
Cheers,
James
bearsprite wrote:
> I use authkit0.3.0pre5 with pylons0.9.5dev_r1895.
>
> In lib/base.py I create a new permission:
>
> class UserNotIn(RequestPermission):
> def __init__(self, users):
> if isinstance(users, list) or isinstance(users, tuple):
> users_ = []
> for user in users:
> users_.append(user.lower())
> self.users = users_
> elif isinstance(users, str):
> self.users = [users]
> else:
> raise PermissionSetupError('Expected users to be a list or
> a string, not %r'%users)
>
> def check(self, app, environ, start_response):
> if not environ.has_key('REMOTE_USER'):
> raise NotAuthenticatedError('Not Authenticated')
> if environ['REMOTE_USER'] in self.users:
> raise NotAuthorizedError('You are not one of the users
> allowed to access this resource.')
> return app(environ, start_response)
>
>
> I hope it can limit someone to some action:
>
> someperm = UserNotIn(['someone'])
> class SomeController(BaseController):
> @authorize(someperm)
> def some_action(self):
> ...
>
> But when I do this action, only NotAuthenticatedError('Not
> Authenticated') was raised, not redirect
>
> Does ONLY the authkit predefined permission can raise a redirect?
>
>
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en
-~----------~----~----~----~------~----~------~--~---
