>> >> Are you developing a website or a GUI program? >> >> > It will be used in a web development. It is an important point? Yes, I think. Unless you use AJAX. :-) Most web sites work this way:
user clicks -> request to server -> process on server -> response I would rather enclose the whole handler in try/except and raise a custom PermissionDenied exception when the user has inscuficient permissions. There are problems with a decorator used for authorization. The context needs to be determined. E.g. which user is accessing the method? (It can be hard to tell if the method is part of a thread object that lies in a thread pool and is shared between simultaneous clients...) Also it might be that the method's purpose is to change objects of the same class, and the user has permission to modify one object but not the other. In this case, authorization must be done inside the function call... How do you express this with a decorator? These are just ideas. You should analyze your problem and make your decision. If you only want to restrict access to functions, then probably using decorators is perfect. Best, Laszlo -- http://mail.python.org/mailman/listinfo/python-list
