问题描述
我必须使用formalchemy管理界面金字塔项目。我加了基本ACL认证和pyramid_formalchemy插件总是丹尼斯即使我验证。
如何只允许经过身份验证的用户使用pyramid_formalchemy管理界面有什么想法?
授权政策被添加像这样:
authn_policy = AuthTktAuthenticationPolicy('MYhiddenSECRET',回调= groupfinder)
authz_policy = ACLAuthorizationPolicy()配置=配置(
设置=设置,
root_factory ='package.auth.RootFactory',
authentication_policy = authn_policy,
authorization_policy = authz_policy
)#pyramid_formalchemy的配置
config.include('pyramid_formalchemy')
config.include('fa.jquery')
config.formalchemy_admin('管理',包='包',查看='fa.jquery.pyramid.ModelView')
pyramid_formalchemy 使用权限查看,编辑,删除','新'来决定谁可以做什么。在 __ __ ACL 从您的SQLAlchemy的模型对象传播下去。因此,你需要把 __ __ ACL 每个允许所需的群体获得这些权限模型对象。例如,从 pyramid_formalchemy pyramidapp 示例项目:
Bar类(基础):
__tablename__ ='吧'
__acl__ = [
(允许,'管理',ALL_PERMISSIONS)
(允许,'bar_manager,(观看,新,编辑,删除))
]
ID =列(整数,primary_key =真)
富=栏(统一code(255))
当然,如果你直到它击中工厂 __ ACL __ 然后它会看在资源树的血统/ code>。默认情况下, pyramid_formalchemy 定义了自己的工厂 pyramid_formalchemy.resources.Models ,但是你也可以继承这一点,并提供了一个 __ __ ACL 将其作为一个全球性的所有车型:
从pyramid_formalchemy.resources进口车型类ModelsWithACL(型号):
一个工厂来覆盖默认安全设置
__acl__ = [
(允许,'管理',ALL_PERMISSIONS)
(允许,认证,观看),
(允许,'编辑','编辑'),
(允许,'经理',('新','编辑','删除'))
]config.formalchemy_admin('管理',包='包',查看= ... =工厂ModelsWithACL)
I have a pyramid project using the formalchemy admin interface. I added the basic ACL authentication and the pyramid_formalchemy plugin always denys even though I am authenticated.
Any thoughts on how only allow authenticated users to use the pyramid_formalchemy admin interface?
The authorization policy was add like this:
authn_policy = AuthTktAuthenticationPolicy('MYhiddenSECRET', callback=groupfinder)
authz_policy = ACLAuthorizationPolicy()
config = Configurator(
settings=settings,
root_factory='package.auth.RootFactory',
authentication_policy=authn_policy,
authorization_policy=authz_policy
)
# pyramid_formalchemy's configuration
config.include('pyramid_formalchemy')
config.include('fa.jquery')
config.formalchemy_admin('admin', package='package', view='fa.jquery.pyramid.ModelView')
pyramid_formalchemy uses the permissions 'view', 'edit', 'delete', 'new' to determine who can do what. The __acl__ is propagated down from your SQLAlchemy model object. Thus, you need to put an __acl__ on each of your model objects allowing your desired groups access to those permissions. For example, from the pyramid_formalchemy pyramidapp example project:
class Bar(Base):
__tablename__ = 'bar'
__acl__ = [
(Allow, 'admin', ALL_PERMISSIONS),
(Allow, 'bar_manager', ('view', 'new', 'edit', 'delete')),
]
id = Column(Integer, primary_key=True)
foo = Column(Unicode(255))
Of course, if you do not supply an __acl__ then it will look in the lineage of the resource tree until it hits the factory. By default, pyramid_formalchemy defines its own factory pyramid_formalchemy.resources.Models, however you can subclass this and provide an __acl__ to it, as a global for all of your models:
from pyramid_formalchemy.resources import Models
class ModelsWithACL(Models):
"""A factory to override the default security setting"""
__acl__ = [
(Allow, 'admin', ALL_PERMISSIONS),
(Allow, Authenticated, 'view'),
(Allow, 'editor', 'edit'),
(Allow, 'manager', ('new', 'edit', 'delete')),
]
config.formalchemy_admin('admin', package='package', view=..., factory=ModelsWithACL)
这篇关于金字塔和FormAlchemy管理界面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!