金字塔和FormAlchem​​y管理界面

金字塔和FormAlchem​​y管理界面

本文介绍了金字塔和FormAlchem​​y管理界面的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我必须使用formalchem​​y管理界面金字塔项目。我加了基本ACL认证和pyramid_formalchem​​y插件总是丹尼斯即使我验证。

如何只允许经过身份验证的用户使用pyramid_formalchem​​y管理界面有什么想法?

授权政策被添加像这样:


authn_policy = AuthTktAuthenticationPolicy('MYhiddenSECRET',回调= groupfinder)
authz_policy = ACLAuthorizationPolicy()配置=配置(
   设置=设置,
   root_factory ='package.auth.RootFactory',
   authentication_policy = authn_policy,
   authorization_policy = authz_policy
)#pyramid_formalchem​​y的配置
config.include('pyramid_formalchem​​y')
config.include('fa.jquery')
config.formalchem​​y_admin('管理',包='包',查看='fa.jquery.pyramid.ModelView')


解决方案

pyramid_formalchem​​y 使用权限查看,编辑,删除','新'来决定谁可以做什么。在 __ __ ACL 从您的SQLAlchem​​y的模型对象传播下去。因此,你需要把 __ __ ACL 每个允许所需的群体获得这些权限模型对象。例如,从 pyramid_formalchem​​y pyramidapp 示例项目:

  Bar类(基础):
    __tablename__ ='吧'
    __acl__ = [
            (允许,'管理',ALL_PERMISSIONS)
            (允许,'bar_manager,(观看,新,编辑,删除))
        ]
    ID =列(整数,primary_key =真)
    富=栏(统一code(255))

当然,如果你直到它击中工厂 __ ACL __ 然后它会看在资源树的血统/ code>。默认情况下, pyramid_formalchem​​y 定义了自己的工厂 pyramid_formalchem​​y.resources.Models ,但是你也可以继承这一点,并提供了一​​个 __ __ ACL 将其作为一个全球性的所有车型:

 从pyramid_formalchem​​y.resources进口车型类ModelsWithACL(型号):
    一个工厂来覆盖默认安全设置
    __acl__ = [
            (允许,'管理',ALL_PERMISSIONS)
            (允许,认证,观看),
            (允许,'编辑','编辑'),
            (允许,'经理',('新','编辑','删除'))
        ]config.formalchem​​y_admin('管理',包='包',查看= ... =工厂ModelsWithACL)

I have a pyramid project using the formalchemy admin interface. I added the basic ACL authentication and the pyramid_formalchemy plugin always denys even though I am authenticated.

Any thoughts on how only allow authenticated users to use the pyramid_formalchemy admin interface?

The authorization policy was add like this:

authn_policy = AuthTktAuthenticationPolicy('MYhiddenSECRET', callback=groupfinder)
authz_policy = ACLAuthorizationPolicy()

config = Configurator(
   settings=settings,
   root_factory='package.auth.RootFactory',
   authentication_policy=authn_policy,
   authorization_policy=authz_policy
)

# pyramid_formalchemy's configuration
config.include('pyramid_formalchemy')
config.include('fa.jquery')
config.formalchemy_admin('admin', package='package', view='fa.jquery.pyramid.ModelView')
解决方案

pyramid_formalchemy uses the permissions 'view', 'edit', 'delete', 'new' to determine who can do what. The __acl__ is propagated down from your SQLAlchemy model object. Thus, you need to put an __acl__ on each of your model objects allowing your desired groups access to those permissions. For example, from the pyramid_formalchemy pyramidapp example project:

class Bar(Base):
    __tablename__ = 'bar'
    __acl__ = [
            (Allow, 'admin', ALL_PERMISSIONS),
            (Allow, 'bar_manager', ('view', 'new', 'edit', 'delete')),
        ]
    id = Column(Integer, primary_key=True)
    foo = Column(Unicode(255))

Of course, if you do not supply an __acl__ then it will look in the lineage of the resource tree until it hits the factory. By default, pyramid_formalchemy defines its own factory pyramid_formalchemy.resources.Models, however you can subclass this and provide an __acl__ to it, as a global for all of your models:

from pyramid_formalchemy.resources import Models

class ModelsWithACL(Models):
    """A factory to override the default security setting"""
    __acl__ = [
            (Allow, 'admin', ALL_PERMISSIONS),
            (Allow, Authenticated, 'view'),
            (Allow, 'editor', 'edit'),
            (Allow, 'manager', ('new', 'edit', 'delete')),
        ]

config.formalchemy_admin('admin', package='package', view=..., factory=ModelsWithACL)

这篇关于金字塔和FormAlchem​​y管理界面的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-11 14:18