vigiboard / vigiboard / controllers / secure.py @ dde732e5
History | View | Annotate | Download (1.12 KB)
1 | 49c8da1d | Thomas ANDREJAK | # -*- coding: utf-8 -*-
|
---|---|---|---|
2 | """Sample controller with all its actions protected."""
|
||
3 | from tg import expose, flash |
||
4 | from pylons.i18n import ugettext as _, lazy_ugettext as l_ |
||
5 | from repoze.what.predicates import has_permission |
||
6 | #from dbsprockets.dbmechanic.frameworks.tg2 import DBMechanic
|
||
7 | #from dbsprockets.saprovider import SAProvider
|
||
8 | |||
9 | from vigiboard.lib.base import BaseController |
||
10 | #from vigiboard.model import DBSession, metadata
|
||
11 | |||
12 | __all__ = ['SecureController']
|
||
13 | |||
14 | |||
15 | class SecureController(BaseController): |
||
16 | """Sample controller-wide authorization"""
|
||
17 | |||
18 | # The predicate that must be met for all the actions in this controller:
|
||
19 | allow_only = has_permission('manage',
|
||
20 | msg=l_('Only for people with the "manage" permission'))
|
||
21 | |||
22 | @expose('vigiboard.templates.index') |
||
23 | def index(self): |
||
24 | """Let the user know that's visiting a protected controller."""
|
||
25 | flash(_("Secure Controller here"))
|
||
26 | return dict(page='index') |
||
27 | |||
28 | @expose('vigiboard.templates.index') |
||
29 | def some_where(self): |
||
30 | """Let the user know that this action is protected too."""
|
||
31 | return dict(page='some_where') |