Problem description
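I have a Pyramid project that uses the FormAlchemy admin interface. I added basic ACL authentication, and the pyramid_formalchemy plugin always denies access even though I am authenticated.
Any ideas on how to allow only authenticated users to use the pyramid_formalchemy admin interface?
The authorization policy was added like this: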
from pyramid.authentication import AuthTktAuthenticationPolicy
from pyramid.authorization import ACLAuthorizationPolicy
from pyramid.config import Configurator

# groupfinder and settings come from the application itself
authn_policy = AuthTktAuthenticationPolicy('MYhiddenSECRET', callback=groupfinder)
authz_policy = ACLAuthorizationPolicy()
config = Configurator(
    settings=settings,
    root_factory='package.auth.RootFactory',
    authentication_policy=authn_policy,
    authorization_policy=authz_policy
)
# pyramid_formalchemy's configuration
config.include('pyramid_formalchemy')
config.include('fa.jquery')
config.formalchemy_admin('admin', package='package', view='fa.jquery.pyramid.ModelView')
Solution
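pyramid_formalchemy uses the permissions 'view', 'edit', 'delete', 'new' to determine who can do what. The __acl__ is propagated down from your SQLAlchemy model object. Therefore, you need to put an __acl__ on each model object that allows the desired groups access to these permissions. For example, from the pyramid_formalchemy example project: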
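from pyramid.security import Allow, ALL_PERMISSIONS
from sqlalchemy import Column, Integer, Unicode
# Base is the project's SQLAlchemy declarative base
class Bar(Base):
    __tablename__ = 'bar'
    __acl__ = [
        (Allow, 'admin', ALL_PERMISSIONS),
        (Allow, 'bar_manager', ('view', 'new', 'delete')),
    ]
    id = Column(Integer, primary_key=True)
    foo = Column(Unicode(255))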
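Of course, if you do not supply an __acl__, it will look in the lineage of the resource tree until it reaches the factory. By default, pyramid_formalchemy defines its own factory, pyramid_formalchemy.resources.Models, but you can subclass it and give it an __acl__ that acts as a global for all of your models: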
from pyramid.security import Allow, Authenticated
from pyramid_formalchemy.resources import Models

class ModelsWithACL(Models):
    """A factory to override the default security setting"""
    __acl__ = [
        (Allow, Authenticated, 'view'),
        (Allow, 'editor', 'edit'),
        (Allow, 'manager', ('new',)),
    ]
config.formalchemy_admin('admin', package='package', view=..., factory=ModelsWithACL)
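The lineage lookup described in this answer, as an added example that is not part of the original answer and is not Pyramid's or pyramid_formalchemy's code. It is a simplified stand-in for the ACL walk; `Resource`, `permits`, the constructed trees and the `userid:alice` principal are assumptions made for illustration.

```python
# Added illustration: simplified stand-in for the lineage walk of an ACL
# authorization policy. Not Pyramid's or pyramid_formalchemy's own code.
ALLOW = "Allow"  # any other action (such as "Deny") refuses the request
AUTHENTICATED = "system.Authenticated"  # value of pyramid.security.Authenticated


class Resource:
    """Hypothetical tree node; __parent__ points at its container."""

    def __init__(self, parent=None, acl=None):
        self.__parent__ = parent
        if acl is not None:
            self.__acl__ = acl


def permits(context, principals, permission):
    """Search context, then each ancestor; the first matching ACE decides."""
    node = context
    while node is not None:
        for action, principal, perms in getattr(node, "__acl__", ()):
            if isinstance(perms, str):
                perms = (perms,)
            if principal in principals and permission in perms:
                return action == ALLOW
        node = getattr(node, "__parent__", None)
    return False  # no ACE matched anywhere in the lineage: denied


# Constructed trees: a factory with no __acl__, and one with a global ACL.
bare_factory = Resource()
acl_factory = Resource(acl=[
    (ALLOW, AUTHENTICATED, "view"),
    (ALLOW, "editor", "edit"),
])
orphan_row = Resource(parent=bare_factory)  # no ACL anywhere in its lineage
plain_row = Resource(parent=acl_factory)    # inherits the factory ACL
bar_row = Resource(parent=acl_factory, acl=[  # model-level ACL is checked first
    (ALLOW, "bar_manager", ("view", "new", "delete")),
])

logged_in = {AUTHENTICATED, "userid:alice"}  # constructed principals

if __name__ == "__main__":
    print(permits(orphan_row, logged_in, "view"))
    print(permits(plain_row, logged_in, "view"))
    print(permits(bar_row, logged_in | {"bar_manager"}, "delete"))
    print(permits(bar_row, logged_in, "delete"))
```

Being logged in is not enough on its own: a request is refused unless some ACE in the lineage names one of the user's principals for the requested permission.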