def __acl__(self): """ ACL for Pyramid's authorization policy. """ sess = sa.inspect(self).session # Bind ourselves to a new session in case we'd lost our session. This # may happen if the current request created an exception, which closes # the current session, and Pyramid redirects to an error page. That # error page again uses DB objects, but since the session had been # closed, it fails with a DetachedInstanceError, or and object's session # being None. if not sess: sess = DbSession() sess.add(self) acl = [] perms = pam.Permission.load_all(sess) # Convert self.acl into Pyramid's ACL for ace in self.acl: pyr_ace = ace.to_pyramid_ace(perms) acl.append(pyr_ace) # If allow, allow all parents if ace.allow: if perms[ace.permission_id]['parents']: for p in perms[ace.permission_id]['parents']: pyr_ace2 = (pyr_ace[0], pyr_ace[1], p[1]) acl.append(pyr_ace2) # If deny, deny all children else: for ch in perms[ace.permission_id]['children']: pyr_ace2 = (pyr_ace[0], pyr_ace[1], ch[1]) acl.append(pyr_ace2) return acl
def __init__(self, context, request): global _tr _tr = request.localizer.translate self.context = context self.request = request self.sess = DbSession() self.urls = dict(entity_rest_url=request.resource_path(context, 'xhr'))
def get_current_user(request): """ This method is used as a request method to reify a user object to the request object as property ``user``. """ #mlgg.debug("get user: {}".format(request.path)) principal = pyramid.security.unauthenticated_userid(request) sess = DbSession() rc = request.registry.settings['rc'] user_class = _dnr.resolve( rc.g('auth.class.user')) cusr = CurrentUser(sess, request, user_class) if principal is not None: cusr.load_by_principal(principal) return cusr
def root_factory(request): #return root_node sess = DbSession() n = ResourceNode.load_root(sess, 'root') return n