Ejemplo n.º 1
0
 def wrapper(func, self, *args, **kw):
     if permission.check():
         return func(self, *args, **kw)
     pylons.session['redirect'] = \
             pylons.request.environ['pylons.routes_dict']
     pylons.session.save()
     redirect_to_login()
Ejemplo n.º 2
0
 def _authorize(self):
     """
     Flexible action/permission declarations: If the __permission__
     variable is set to a an instance of a permission such as SignedIn()
     and the action is not in the __excludes__ variable list of excluded
     actions and the permission check fails, reroute the request to the
     login controller. Fails soft.
     
     Rerouting an already signed-in user to the login page could be a
     source of misunderstanding, although it could be argued that the
     purpose is to allow the user to switch to an account that has the
     requisite permissions. It might be nice for login to detect a
     signed-in userand offer a different template for logging in to
     another account as opposed to simply signing in.
     """
     # add user to context for convenience
     c.auth_user = get_user()
     if self.__permission__ and \
         request.environ['pylons.routes_dict']['action'] \
         not in self.__excludes__ and \
         not self.__permission__.check():
         redirect_to_login()