> And my views are defined like this: > @view_config(route_name='admin_db_list', renderer='admin/db_list.jinja2', > permission='superadmin') > def db_list(request): ... > > > So in this situation, my context is request.root (or request.context), is > this right? > > If I try view_execution_permitted(request.root, request, name=' > admin_db_list'), I get an "TypeError: No registered view satisfies the > constraints." >
In @view_config() you don't specify name. This is interesting. I'd guess it is function name "db_list" in this case. Can you try this? > > Do I understand correctly that the name should be a @view_config name > _and_ this means using traversal, so I should just forget about using it? > In traversal: route_name defines the traversal route name (e.g. "admin" for admin interface traversal, "blog" for blog posts") name defines view name as part of the path. E.g. "edit" for /blog/my-fancy-kittens/edit I just checked view_execution_permitted() and name argument is indeed view name (traversal like) I am not sure, so I let the other comments, whether view_execution_permitted() can be used for non-traversal like views. > > => So in conclusion, I can only use request.has_permission and duplicate > the permission values in template as well? > > > > > > > > > > > > > > On Thursday, 10 November 2016 22:50:37 UTC+1, Mikko Ohtamaa wrote: >> >> And to elaborate the following: >> >> I simply check for the permission I know the target has using >> request.has_permission(): >> >> https://websauna.org/docs/narrative/user/permissions.html? >> highlight=permissions#checking-permissions-in-templates >> >> - Define a Root object >> >> - In this root you have a dynamic __acl__() property that gives logged in >> users permissions based on their user id or group id >> >> - In your view you have @view_config(permission="my_permission") >> >> Example of setting a custom root: >> >> https://websauna.org/docs/_modules/websauna/system.html#Init >> ializer.configure_root >> >> Some examples of dynamic __acl__ >> >> https://github.com/websauna/websauna.blog/blob/master/websau >> na/blog/views.py#L45 >> >> https://websauna.org/docs/narrative/crud/standalone.html? >> highlight=contract#creating-crud-resources >> >> -M >> >> >> -- > You received this message because you are subscribed to the Google Groups > "pylons-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/pylons-discuss/b5dd965d-4d4b-48a1-b6c5-fe60eae13c57% > 40googlegroups.com > <https://groups.google.com/d/msgid/pylons-discuss/b5dd965d-4d4b-48a1-b6c5-fe60eae13c57%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Mikko Ohtamaa http://opensourcehacker.com http://twitter.com/moo9000 -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/CAK8RCUtu-gQbyVKQk9psg5atiX-f%2BTnA0-9R-9N46QDAPZ83oA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
