[Grok-dev] megrok.login

Danilo G B danilogbotelho at yahoo.com
Wed May 25 17:22:26 EDT 2011 

Permissions depend on your site.zcml (etc/site.zcml.in and later 
parts/etc/site.zcml). By default, paster adds the following line to those files 
which grants zope.View and not zope.Public to anonymous users:

<grant permission="zope.View"
             principal="zope.Everybody" />




________________________________
From: Mats <mats at ronin-group.org>
To: Danilo G B <danilogbotelho at yahoo.com>
Cc: grok-dev at zope.org
Sent: Wed, May 25, 2011 9:51:17 AM
Subject: Re: [Grok-dev] megrok.login

That worked wonders.  Thanks a million.

Could you tell me why it doesn't work when I remove
grok.require('zope.Public')?  Isn't all views public when no require
statement is specified?

Thanks again,

Mats

> The magic of the megrok.login authentication is performed by the code in
> loginform.py ( check the LoginForm class' __call__ method).
> In my code I dropped the self.index() in the last line and used a
> grok.View.__call__(self) instead (you should use Page.__call__).
>
> class Login(grok.View):
>
>     grok.context(Interface)
>     grok.require('zope.Public')
>
>     def __call__(self):
>         request = self.request
>         principal = request.principal
>
>         unauthenticated = IUnauthenticatedPrincipal.providedBy(principal)
>         self.unauthenticated = unauthenticated
>
>         camefrom = request.get('camefrom')
>         if isinstance(camefrom, list):
>             # this can happen on python2.6, as it changed the
>             # behaviour of cgi.FieldStorage a bit.
>             camefrom = camefrom[0]
>         self.camefrom = camefrom
>
>         if (not unauthenticated) and ('SUBMIT' in request):
>             # authenticated by submitting
>             request.response.redirect(camefrom or '.')
>             return ''
>
>         return grok.View.__call__(self)
>
>     def update(self, camefrom=None, SUBMIT=None):
>         self.camefrom = camefrom
>         if SUBMIT is not None and camefrom is not None:
>             # The credentials were entered. Go back. If the entered
>             # credentials are not valid, another redirect will happen
>             # to this view.
>             self.redirect(camefrom)
>         self.baseurl = self.url(self.context)
>         return
>
> _______________________________________________
> Grok-dev mailing list
> Grok-dev at zope.org
> https://mail.zope.org/mailman/listinfo/grok-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/grok-dev/attachments/20110525/2901f52a/attachment.html

More information about the Grok-dev mailing list