secure.py 960B

12345678910111213141516171819202122232425262728
  1. # -*- coding: utf-8 -*-
  2. """Sample controller with all its actions protected."""
  3. from tg import expose, flash
  4. from tg.i18n import ugettext as _, lazy_ugettext as l_
  5. from tg.predicates import has_permission
  6. from pod.lib.base import BaseController
  7. __all__ = ['SecureController']
  8. class SecureController(BaseController):
  9. """Sample controller-wide authorization"""
  10. # The predicate that must be met for all the actions in this controller:
  11. allow_only = has_permission('manage',
  12. msg=l_('Only for people with the "manage" permission'))
  13. @expose('pod.templates.index')
  14. def index(self):
  15. """Let the user know that's visiting a protected controller."""
  16. flash(_("Secure Controller here"))
  17. return dict(page='index')
  18. @expose('pod.templates.index')
  19. def some_where(self):
  20. """Let the user know that this action is protected too."""
  21. return dict(page='some_where')