[Grok-dev] Requiring more than one permission to access a view. Is that doable?
Hector Blanco
white.lists at gmail.com
Sun Feb 13 13:51:33 EST 2011
Hello everyone!
I'd like to know if I can require more than one permission for the
logged principal to access a view.
I've been setting a permission system as explained here:
http://grok.zope.org/documentation/tutorial/permissions/checking-permissions
I can properly test if the logged principal can access (or not) a view
as detailed in that tutorial:
class RestrictedAccessView(grok.View):
grok.context(Server)
grok.require('server.CanSeeRestrictedAccessView')
grok.name("RestrictedAccessView")
Then to test it, I have created another view (doesn't need to be
another view... could be anywhere, but by putting it in a view, I can
easily test it on my browser :-) )
class Test(grok.View):
grok.context(Server)
grok.require('server.ViewWholeSite')
def canAccessView(self, obj, view_name):
# obj - is the object you want view
# view_name - is the grok.View/AddForm/EditForm you want to access
view = zope.component.getMultiAdapter((obj, self.request), name=view_name)
# check if you can access the __call__ method which is equal
# to being allowed to access this view.
return zope.security.canAccess(view, '__call__')
def render(self):
retval = str()
retval += "Can logged user access 'RestrictedAccessView'?: " +
str(self.canAccessView(self.context, "RestrictedAccessView"))
return retval
It works... If the logger user/principal doesn't have the permission
"server.CanSeeRestrictedAccessView", I see on my browser:
Can logged user access 'RestrictedAccessView'?: False
But what about requiring more than one permission to see the view?
Something like:
class RestrictedAccessView(grok.View):
grok.context(Server)
grok.require('server.ViewTheWholeSite')
grok.require('server.CanSeeRestrictedAccessView')
grok.name("RestrictedAccessView")
If I try that, I get:
GrokError: grok.require was called multiple times in <class
'server.app.RestrictedAccessView'>. It may only be set once for a
class.
Overestimating my wisdom, I recalled that sometimes passing a tuple
works, so I tried:
class RestrictedAccessView(grok.View):
grok.context(Server)
grok.require(('server.ViewTheWholeSite', 'server.CanSeeRestrictedAccessView'))
And... nopes!!:
GrokImportError: You can only pass unicode, ASCII, or a subclass
of grok.Permission to the 'require' directive.
It's not a big deal, though... I can always play with the permissions
so I will only require one... It's mainly out of curiosity.
Thank you in advance!
More information about the Grok-dev
mailing list