Gustavo Narea schrieb: > On Monday February 2, 2009 18:21:24 Christoph Zwerschke wrote: >> My idea was to let TG2 provide a request-aware sublass of the >> Predicate class where the environ parameter is optional and set to >> request.environ if not specified. > > But how are you going to do with the predicates themselves? They all > will subclass Predicate, not the TG2 base predicate.
Hm, right, my ideas were not really worked out ;-) I've just started using TG2, and obviously I should work with it first for a while to get a better feeling what is really missing and can be improved here. For instance, I discovered only now that in a template it's easily possible to check permissions using 'x' in tg.identity.groups or 'y' in tg.identity.permissions, just as it worked before in TG1. That's actually the main feature I needed (plus the IP based authorization, but the solution you already provided works for now). The reason why I didn't expect tg.identity to contain permissions is that it is actually the same as repoze.who.identity, but permissions are strictly speaking a feature of repoze.what - you said that the goal was actually to not mix authentication and authorization. So this is a bit confusing and certainly needs better documentation. -- Christoph --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
