Hmm....you bring up a good point. I'd be interested in the responses stated here.
On Thursday, 14 June 2012 06:47:38 UTC-5, Przemyslaw wrote: > > Hi! > > What I need is a possibility to get the list of logged-in user's > principals in my view (so I can e.g. disable 'Edit' link for users not > allowed to edit - pretty common need, I guess). > > I could use pyramid.security.effective_principals(request) call, but as > far as I understand this would trigger my authentication policy callback > again! I really want to avoid calling my callback more than once per > request. > > My idea is to attach the effective principals list to the request instance > (e.g. as request.effective_principals) before returning from the callback, > so I can later reference it in my view. Are there any issues I should be > careful about here? Or are there better ways to do it? > > BR, > Przemyslaw > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To view this discussion on the web visit https://groups.google.com/d/msg/pylons-discuss/-/PYRNymzcmogJ. To post to this group, send email to pylons-discuss@googlegroups.com. To unsubscribe from this group, send email to pylons-discuss+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en.
