Browse files

Sync section titles with the summary

  • Loading branch information...
1 parent 3924d1c commit 1f19c7ae178d00e08da9092a4a42a74f8ae1d4ae @ppaez ppaez committed with reedobrien Mar 13, 2012
Showing with 37 additions and 32 deletions.
  1. +37 −32 docs/tutorials/wiki2/authorization.rst
69 docs/tutorials/wiki2/authorization.rst
@@ -18,9 +18,9 @@ We will do the following steps:
* Add an :term:`authentication policy` and an :term:`authorization policy`
* Add an authentication policy callback (new ```` module).
+* Add ``login`` and ``logout`` views (````).
* Add :term:`permission` declarations to the ``edit_page`` and ``add_page``
views (````).
-* Add ``login`` and ``logout`` views (````).
* Make the existing views return a ``logged_in`` flag to the renderer (````).
* Add a login template (new ````).
* Add a "Logout" link to be shown when logged in and viewing or editing a page
@@ -30,15 +30,16 @@ The source code for this tutorial stage can be browsed at
-Changing ```` For Authorization
-We're going to be making several changes to our ```` file which
-will help us configure an authorization policy.
Adding A Root Factory
+Open ```` and add the following statements:
+.. literalinclude:: src/authorization/tutorial/
+ :lines: 1-4,35-39
+ :linenos:
+ :language: python
We're going to start to use a custom :term:`root factory` within our
```` file. The objects generated by the root factory will be used
as the :term:`context` of each request to our application. We do this to
@@ -49,14 +50,8 @@ our contexts, we can begin to make use of the declarative security features
of :app:`Pyramid`.
We'll modify our ````, passing in a :term:`root factory` to our
-:term:`Configurator` constructor. We'll point it at a new class we create
-inside our ```` file. Add the following statements to your
-```` file:
-.. literalinclude:: src/authorization/tutorial/
- :lines: 1-4,35-39
- :linenos:
- :language: python
+:term:`Configurator` constructor. We'll point it at the new class we created
+inside our ```` file.
The ``RootFactory`` class we've just added will be used by :app:`Pyramid` to
construct a ``context`` object. The context is attached to the request
@@ -78,25 +73,28 @@ information about what an :term:`ACL` represents.
We'll pass the ``RootFactory`` we created in the step above in as the
``root_factory`` argument to a :term:`Configurator`.
-Configuring an Authorization Policy
+Add an Authorization Policy and an Authentication Policy
+We're going to be making several changes to our ```` file which
+will help us configure an authorization policy.
For any :app:`Pyramid` application to perform authorization, we need to add a
```` module (we'll do that shortly) and we'll need to change our
```` file to add an :term:`authentication policy` and an
:term:`authorization policy` which uses the ```` file for a
-We'll change our ```` file to enable an
-``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy`` to enable
-declarative security checking. We need to import the new policies:
+We'll enable an ``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy``
+to implement declarative security checking. Open ``tutorial/`` and
+add these import statements:
.. literalinclude:: src/authorization/tutorial/
:lines: 2-3,7
:language: python
-Then, we'll add those policies to the configuration:
+Now add those policies to the configuration:
.. literalinclude:: src/authorization/tutorial/
:lines: 16-22
@@ -112,7 +110,7 @@ represented by this policy: it is required. The ``callback`` is a
haven't added that module yet, but we're about to.
Viewing Your Changes
When we're done configuring a root factory, adding a authentication and
authorization policies, and adding routes for ``/login`` and ``/logout``,
@@ -122,11 +120,12 @@ your application's ```` will look like this:
:language: python
-Adding ````
+Adding an authentication policy callback
-Add a ```` module within your package (in the same directory as
-:file:``, :file:``, etc.) with the following content:
+Add a ``tutorial/`` module within your package (in the same
+directory as :file:``, :file:``, etc.) with the
+following content:
.. literalinclude:: src/authorization/tutorial/
@@ -152,7 +151,7 @@ and the permission associated with the ``add_page`` and ``edit_page``
views, the ``editor`` user should be able to add and edit pages.
Adding Login and Logout Views
To our ```` we'll add a ``login`` view callable which renders a login
form and processes the post from the login form, checking credentials.
@@ -203,7 +202,10 @@ head of the ```` file:
:language: python
Changing Existing Views
+Add permision declarations
Then we need to change each of our ``view_page``, ``edit_page`` and
``add_page`` view callables in ````. Within each of these views,
@@ -216,6 +218,9 @@ something like this to each view body:
from import authenticated_userid
logged_in = authenticated_userid(request)
+Return a logged_in flag to the renderer
We'll then change the return value of these views to pass the `resulting
`logged_in`` value to the template, e.g.:
@@ -250,16 +255,16 @@ a user whom is a member of the group named ``group:editors`` will able to
invoke the views associated with the ``add_page`` or ``edit_page`` routes.
Adding the ```` Template
Add a ```` template to your templates directory. It's
referred to within the login view we just added to ````.
.. literalinclude:: src/authorization/tutorial/templates/
:language: xml
-Change ```` and ````
+Add a "Logout" link when logged in
We'll also need to change our ```` and ```` templates to
display a "Logout" link if someone is logged in. This link will
@@ -294,7 +299,7 @@ Our ```` template will look something like this when we're done:
:language: xml
Viewing the Application in a Browser
We can finally examine our application in a browser. The views we'll
try are as follows:

0 comments on commit 1f19c7a

Please sign in to comment.