On Thu, Jun 12, 2008 at 8:44 AM, Alberto Valverde <[EMAIL PROTECTED]> wrote:
>> What's the practical difference between controller based approach and >> views based one? Eg. Django views, and controllers in Pylons? It >> doesn't seem that much different, so why not make all controller >> actions regular functions, instead of class methods? What's the gain >> in this controller approach, if any? :) > > You can take a look at a real app's Pylons REST controller that powers > beta.toscawidgets.org here [1]. (Not that other apps are "unreal".. I mean > that it's not a MyFirstBlog tutorial ;) > > * The __before__ method (which is executed before any method) performs > basic authorization and binds the object being exposed, if any, at an > attribute in self. This avoids repeating this code in every controller > action and is much simpler to implement properly than decorators. What "object being exposed" do you mean? (The links on the site are giving a Bad Gateway error, so I can't check this myself.) You mean something that's nominally being protected by the authorization? I use a ._process_id(id) method to validate the ID and attach it and the ORM object to self, and a separate ._REQUIRE_PERM("permname") method for authorization. Also, because some actions have an id and others don't, or because you need a parent's ID to create a child object or index of children, sometimes I'm calling ._process_id_for_parent() and sometimes ._process_id_for_child() in the same controller, which is too fine-grained for .__before__. -- Mike Orr <[EMAIL PROTECTED]> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to pylons-discuss@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---