And to elaborate the following: I simply check for the permission I know the target has using request.has_permission():
https://websauna.org/docs/narrative/user/permissions. html?highlight=permissions#checking-permissions-in-templates - Define a Root object - In this root you have a dynamic __acl__() property that gives logged in users permissions based on their user id or group id - In your view you have @view_config(permission="my_permission") Example of setting a custom root: https://websauna.org/docs/_modules/websauna/system.html#Initializer.configure_root Some examples of dynamic __acl__ https://github.com/websauna/websauna.blog/blob/master/websauna/blog/views.py#L45 https://websauna.org/docs/narrative/crud/standalone.html?highlight=contract#creating-crud-resources -M -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/CAK8RCUsMHGskumUAWdVqmxAqvPHfBc%3DutmqVe4AoiB8vTdtr1A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
