vigiboard / dashboard / controllers / secure.py @ 805cc54a
History | View | Annotate | Download (1.12 KB)
1 |
# -*- coding: utf-8 -*-
|
---|---|
2 |
"""Sample controller with all its actions protected."""
|
3 |
from tg import expose, flash |
4 |
from pylons.i18n import ugettext as _, lazy_ugettext as l_ |
5 |
from repoze.what.predicates import has_permission |
6 |
#from dbsprockets.dbmechanic.frameworks.tg2 import DBMechanic
|
7 |
#from dbsprockets.saprovider import SAProvider
|
8 |
|
9 |
from dashboard.lib.base import BaseController |
10 |
#from dashboard.model import DBSession, metadata
|
11 |
|
12 |
__all__ = ['SecureController']
|
13 |
|
14 |
|
15 |
class SecureController(BaseController): |
16 |
"""Sample controller-wide authorization"""
|
17 |
|
18 |
# The predicate that must be met for all the actions in this controller:
|
19 |
allow_only = has_permission('manage',
|
20 |
msg=l_('Only for people with the "manage" permission'))
|
21 |
|
22 |
@expose('dashboard.templates.index') |
23 |
def index(self): |
24 |
"""Let the user know that's visiting a protected controller."""
|
25 |
flash(_("Secure Controller here"))
|
26 |
return dict(page='index') |
27 |
|
28 |
@expose('dashboard.templates.index') |
29 |
def some_where(self): |
30 |
"""Let the user know that this action is protected too."""
|
31 |
return dict(page='some_where') |