[Grok-dev] local roles and REST
whit morriss
d.w.morriss at gmail.com
Thu May 15 17:17:08 EDT 2008
I was attempting to do some basic securing of REST methods a la::

    ...
    @grok.require('almanac.add')
    def POST(self):
        ...

almanac.add is a generic permission that gets granted to the
almanac.owner role on the container. The local role of owner is granted
to the active principal at the time of the container's creation (using
subscribers).

My tests were blowing up until I pdb'ed through the checker and added
an adapter to zope.app.securitypolicy.interfaces.IPrincipalRoleMap from
my REST "view"::

    @grok.adapter(AlmanacAPPBase)
    @grok.implementer(IPrincipalRoleMap)
    def context_role_manager(controller):
        "Delegate to context"
        return IPrincipalRoleMap(controller.context)
    ...

Am I missing something elsewhere or are local roles not being applied by
default to REST views (grok 0.11.1)?
-w
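
The following is an added example, not part of the original post and not Grok or Zope code: a simplified pure-Python model of a local-role lookup that walks the `__parent__` chain, showing how delegating a view's role map to its context changes the permission decision. It assumes, as one possible explanation the post does not confirm, that the REST view is not linked into the containment chain; all class, function and principal names are hypothetical.

```python
# Simplified, hypothetical model of local-role lookup; not Zope or Grok code.
ROLE_PERMISSIONS = {"almanac.owner": {"almanac.add"}}  # role -> permissions (constructed)


class Node:
    """An object that may sit in a containment chain via __parent__."""

    def __init__(self, parent=None):
        self.__parent__ = parent
        self.local_roles = {}  # principal id -> set of role ids granted here


class RestView:
    """Stand-in for a REST view: has a context but no __parent__ link (assumption)."""

    def __init__(self, context):
        self.context = context
        self.__parent__ = None


def role_map(obj, delegate_views):
    """Return the local role grants visible on obj (models the adapter lookup)."""
    if isinstance(obj, RestView):
        # With delegation the view answers with its context's grants.
        return obj.context.local_roles if delegate_views else {}
    return obj.local_roles


def roles_for(principal, obj, delegate_views=False):
    """Collect roles by walking from obj up the __parent__ chain."""
    roles = set()
    while obj is not None:
        roles |= role_map(obj, delegate_views).get(principal, set())
        obj = obj.__parent__
    return roles


def check_permission(permission, principal, obj, delegate_views=False):
    """True if any role the principal holds on obj carries the permission."""
    return any(permission in ROLE_PERMISSIONS.get(role, ())
               for role in roles_for(principal, obj, delegate_views))


def demo():
    almanac = Node(parent=Node())                     # container under a root
    almanac.local_roles["alice"] = {"almanac.owner"}  # constructed creation-time grant
    view = RestView(almanac)
    return (check_permission("almanac.add", "alice", almanac),
            check_permission("almanac.add", "alice", view),
            check_permission("almanac.add", "alice", view, delegate_views=True),
            check_permission("almanac.add", "mallory", view, delegate_views=True))
```

In this model the owner passes the check on the container, fails it on the undelegated view, and passes again once the view delegates, while a principal with no grant is still denied.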