Multiauth (mainly an advanced Python question I think)

Hi - I'm hoping to use MultiAuth
(http://www.che
rrypy.org/wiki/MultiAuth) but have come across something
I cannot figure out how to work around.

I want to extract the roles relevant for a given
class/method from the
database . This is no problem but it seems to me that it's
impossible
to assign these at run time (bear in mind I need method
level
granularity not just class protection).

Now bear in mind I do not consider myself a Python guru but
this is how
I come to that conclusion.

There are three methods of protecting a class and/or method.

1. Metaclasses - the setup of which roles are allowed access
is done at
class level and so (as far as I understand) is not able to
driven by
the database.

class SubSite:
    "Example metaclasss protection"
    __metaclass__ = auth.protected
    roles = ['admins']

    def index(self):
        return "here is the admin only subsite"
    index.exposed = True


2. Decorators - again the setup of the decorators is done at
class
level and so not able to be driven by the database ?

class AnotherSubSite:
    "Sample multi-level security with
decorators"

    def index(self):
        return """
<a href="protected">Protected
method</a><br>
<a href="open">Open
method</a><br>
"""
    index.exposed = True

    # for 2.4 use: auth.secure(['whatever'])
    def protected(self):
        return "you have accessed the protected
page"
    # decorate the method in a 2.3 friendly way
    protected = auth.secure(['supersecret'])(protected)
    protected.exposed = True

    def open(self):
        return "this is the open page"
    open.exposed = True


3. Superclasses - is restricted to class level control and I
need
class/method granularity


So - is there anyone out there who used MultiAuth in the way
or who
maybe just understands enough about Python that they can
explain how to
get around this ?


Thanks

Richard.


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the
Google Groups "cherrypy-users" group.
To post to this group, send email to cherrypy-usersgooglegroups.com
To unsubscribe from this group, send email to
cherrypy-users-unsubscribegooglegroups.com
For more options, visit this group at http://
groups.google.com/group/cherrypy-users
-~----------~----~----~----~------~----~------~--~---

Hi,

northof40 wrote:
> I want to extract the roles relevant for a given
class/method from the
> database . This is no problem but it seems to me that
it's impossible
> to assign these at run time (bear in mind I need method
level
> granularity not just class protection).
I have modified MultiAuth to do just this, but I think it
only works in
the case where you protect the whole class by inheriting
from
ProtectedClass .
Basically it just involved adding a new argument to
ProtectedClass'
__init__ method (the function to use to get the roles from
database) and
tweaking the secure decorator so that the function gets
called (class
name & method name as arguments) and returned roles
appended to the
_roles list.

I can send you the code if you want to, after I've cleaned
it a bit
(might take the weekend).

-Ari


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the
Google Groups "cherrypy-users" group.
To post to this group, send email to cherrypy-usersgooglegroups.com
To unsubscribe from this group, send email to
cherrypy-users-unsubscribegooglegroups.com
For more options, visit this group at http://
groups.google.com/group/cherrypy-users
-~----------~----~----~----~------~----~------~--~---