Great.
I think I found the other part of the problem, which is
pyramid.traversal.find_resource(resource, path)
so the function could be:
def url_has_permission( permision, path):
resource = pyramid.traversal.find_resource(request.context , path)
return pyramid.security.has_permission('permission_name',
resource, request)
On Mar 3, 2:48 pm, Chris McDonough <chr...@plope.com> wrote:
> On Thu, 2011-03-03 at 14:46 -0800, oO wrote:
> > The conceptual problems that I have is the following:
>
> > Let's say that I have an Admin resource, somewhere in my resource
> > tree, that only members of the admin group can view. I've setup
> > authentication and ACL and all that, and non-admin users get a
> > friendly 403 message if they tried to access that resource.
>
> > However, I would prefer to make sure that my base template doesn't
> > contain a link to the admin page if the user is not part of the admin
> > group, which is a better UI pattern. (don't show users options that
> > don't apply to them)
>
> > How would I implement that in Pyramid? Does the Authentication/
> > Authorization layer allow me to query if the current user has a
> > particular permission on a resource/view that is not the current one?
> > In my example, how can I make sure that the user has permission to
> > access "/admin" while rendering the template for "/" so I can include
> > the admin menu item or not?
>
> pyramid.security.has_permission('permission_name', resource, request)
>
>
>
> > Ideally I'm looking for some sort of GET_URL_PERMISSION( "/admin",
> > "view") function that I could call from the template and pass a url
> > and permission request that would return a boolean.
>
> > Disclaimer: I'm using traversal and delegate ACL at various level in
> > the tree.
>
> > oO
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to pylons-discuss@googlegroups.com.
To unsubscribe from this group, send email to
pylons-discuss+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
