0

你知道 Pylons 有什么类可以控制每个视图的访问吗?

谢谢(你的)信息!:)

4

1 回答 1

1

您可以使用 Authkit ( http://authkit.org ) 和“授权”装饰器:

from authkit.authorize.pylons_adaptors import authorize
from authkit.permissions import RemoteUser

class MainController(BaseController):

    @authorize(RemoteUser())
    def index(self):
        pass

您可以编写自己的权限类,例如。(这是一些旧项目的一部分,如果你想使用它,请检查它):

class HasPerm(RequestPermission):
    def __init__(self, perms, all=False, error=None):
        if isinstance(perms, str):
            perms = [perms]
        self.all = all
        self.perms = perms
        self.error = error
        self.full_access = "ADMIN"

    def check(self, app, environ, start_response):
        if not environ.has_key('REMOTE_USER'):
            if self.error:
                raise self.error
            raise NotAuthenticatedError('Not authenticated')

        user = Session.query(User)
        user = user.filter_by(name=environ['REMOTE_USER']).first()

        if not user:
            raise NotAuthorizedError('No such user')
        if user.blocked:
            raise NotAuthorizedError('User blocked')

        user_perms = [x.name for x in user.permissions]

        if self.full_access in user_perms:
           return app(environ, start_response)

        for p in self.perms:
            checked_perm = model.Permission.get_by(name=p)
            if not checked_perm:
               raise NotAuthorizedError("There is no permission")

            if checked_perm.name in user_perms and not self.all:
               return app(environ, start_response)

            if checked_perm.name not in user_perms and self.all:
               raise NotAuthorizedError("User has no permission")
        raise NotAuthorizedError("User has no permission")
于 2010-07-28T22:34:58.790 回答