[tg-tickets] [TurboGears] #2063: Can't use @require decorator and require property in the same controller.

[TurboGears]

#2063: Can't use @require decorator and require property in the same controller.
------------------------+---------------------------------------------------
 Reporter:  radityo     |       Owner:  Gustavo Narea
     Type:  defect      |      Status:  new          
 Priority:  normal      |   Milestone:  2.0          
Component:  TurboGears  |     Version:  1.9.x        
 Severity:  minor       |    Keywords:               
------------------------+---------------------------------------------------
 ( Posted on [http://groups.google.com/group/turbogears-
 trunk/browse_thread/thread/bb3915e8dfb8c8c] )


 In TG2b1 with tg.authorize I can do this:

 {{{
     class SomeSecureController(SecureController):
         require = authorize.has_permission('onePermission')

         @expose('my_package.template.index')
         def index(self):
             # do something here

         @expose('my_package.template.add')
         @authorize.require(authorize.has_permission('specialPerm'))
         def do_things(self, **kw):
             # do other things here
 }}}

 But since TG2b2 with repoze.what it will throw an error:

 {{{
     >>  @require(predicates.has_permission('specialPerm'))
     TypeError: 'has_permission' object is not callable
 }}}

 '''How to replicate:'''
   1. Create new project using quickstart (I use 'Uji' as a project name
 and 'uji' as modul name)
   2. Modify controllers\secc.py:

      ''change''
 {{{
 from repoze.what.predicates import has_permission
 }}}
      ''to''
 {{{
 from repoze.what.predicates import has_permission, is_user
 }}}
      ''and change''
 {{{
     @expose('uji.templates.index')
     def some_where(self):
 }}}
      ''to''
 {{{
     @expose('uji.templates.index')
     @require(is_user('editor'))
     def some_where(self):
 }}}

   3. run server and open a page. it will throw:
 {{{
 Error Traceback:
 ⇝ TypeError: 'has_permission' object is not callable
 Module ?:10 in <module>         view
 <<  from dbsprockets.saprovider import SAProvider
     from repoze.what import predicates
     from uji.controllers.secc import Secc

     class RootController(BaseController):
 >>  from uji.controllers.secc import Secc
 Module ?:12 in <module>         view
 <<  class Secc(BaseController):
         """Sample controller-wide authorization"""
 >>  class Secc(BaseController):
 Module ?:24 in Secc         view
 <<      @expose('uji.templates.index')
         @require(is_user('editor'))
         def some_where(self):
             """should be protected because of the require attr
 >>  @require(is_user('editor'))
 TypeError: 'has_permission' object is not callable
 }}}

 additional info:
 {{{
 __doc__         'Sample controller-wide authorization'
 __module__      'uji.controllers.secc'
 index           <function index at 0xa91648c>
 require         <repoze.what.predicates.has_permission object at
 0xa97f66c>
 }}}

-- 
Ticket URL: <http://trac.turbogears.org/ticket/2063>
TurboGears <http://www.turbogears.org/>
TurboGears front-to-back web development

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "TurboGears Tickets" group.
This group is read-only. No posting by normal members allowed.
To unsubscribe from this group, send email to
[EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/turbogears-tickets?hl=en?hl=en
-~----------~----~----~----~------~----~------~--~---