Example #1
0
def init_app(acl, app, mtjacl_sessions=True,
        permission_denied_handler=handle_permission_denied, *a, **kw):

    # Not using the default session.
    principal = Principal(app, use_sessions=False, *a, **kw)

    @identity_loaded.connect_via(app)
    def on_identity_loaded(sender, identity):
        if not isinstance(identity, AclIdentity):
            # Not doing anything on identities we don't care for.
            return

        # the identity is actually the raw token
        access_token = identity.access_token
        if access_token is None:
            user = anonymous
        else:
            user = acl.getUserFromAccessToken(access_token)
        # cache this value.
        g.mtj_user = user
        if user is anonymous:
            return
        roles = acl.getUserRoles(user)
        # TODO figure out how to do lazy loading of roles.
        for role in roles:
            identity.provides.add(RoleNeed(role))

        identity.id = user.login

    if mtjacl_sessions:
        principal.identity_loader(acl_session_identity_loader)
        principal.identity_saver(acl_session_identity_saver)

    app.config['MTJ_ACL'] = acl
    if callable(permission_denied_handler):
        app.errorhandler(PermissionDenied)(permission_denied_handler)

    app.before_request(_on_before_request(acl))
Example #2
0
def _get_principal(app):
    p = Principal(app, use_sessions=False)
    p.identity_loader(_identity_loader)
    return p
Example #3
0
def _get_principal(app):
    p = Principal(app, use_sessions=False)
    p.identity_loader(_identity_loader)
    return p
def get_principals(app):
    p = Principal(app)
    p.identity_loader(load_identity)
    return p