vigiboard / dashboard / controllers / secure.py @ 805cc54a
History | View | Annotate | Download (1.12 KB)
| 1 |
# -*- coding: utf-8 -*-
|
|---|---|
| 2 |
"""Sample controller with all its actions protected."""
|
| 3 |
from tg import expose, flash |
| 4 |
from pylons.i18n import ugettext as _, lazy_ugettext as l_ |
| 5 |
from repoze.what.predicates import has_permission |
| 6 |
#from dbsprockets.dbmechanic.frameworks.tg2 import DBMechanic
|
| 7 |
#from dbsprockets.saprovider import SAProvider
|
| 8 |
|
| 9 |
from dashboard.lib.base import BaseController |
| 10 |
#from dashboard.model import DBSession, metadata
|
| 11 |
|
| 12 |
__all__ = ['SecureController']
|
| 13 |
|
| 14 |
|
| 15 |
class SecureController(BaseController): |
| 16 |
"""Sample controller-wide authorization"""
|
| 17 |
|
| 18 |
# The predicate that must be met for all the actions in this controller:
|
| 19 |
allow_only = has_permission('manage',
|
| 20 |
msg=l_('Only for people with the "manage" permission'))
|
| 21 |
|
| 22 |
@expose('dashboard.templates.index') |
| 23 |
def index(self): |
| 24 |
"""Let the user know that's visiting a protected controller."""
|
| 25 |
flash(_("Secure Controller here"))
|
| 26 |
return dict(page='index') |
| 27 |
|
| 28 |
@expose('dashboard.templates.index') |
| 29 |
def some_where(self): |
| 30 |
"""Let the user know that this action is protected too."""
|
| 31 |
return dict(page='some_where') |