Insert processing before and after the view function in Pyramid's own View Decorator

[2015/3/20 Updated to the contents found by various investigations. Something different]

With user authentication & Authenticated page, the user name is displayed in the header part on any screen, and the standard processing when creating a common Web application is automated.

--Define a view_decorator that allows the view to run only if you are authenticated and have the permission user --Similarly, allow view to be executed only with the permission of admin --Access the User object by accessing request.user --Run SQL and search for models.User only the first time you access it

def permission_view_config(permission):
    def pvc(**params):
        settings = dict(permission=permission, _depth=1)
        settings.update(params)

        def wrapped_view_config(original_func):
            return view_config(**settings)(original_func)
        return wrapped_view_config
    return pvc


user_view_config = permission_view_config('user')
admin_view_config = permission_view_config('admin')

__init__.py


def groupfinder(user_code, request):
    if not request.user:
        return []
    elif request.user.is_admin:
        return ['group:users', 'group:admin']
    else:
        return ['group:users']


def get_user(request):
    user_id = unauthenticated_userid(request)
    if user_id is not None:
        return DBSession.query(User).get(user_id)


class RootFactory(object):
    __acl__ = [
        (Allow, 'group:users', 'user'),
        (Allow, 'group:admin', 'admin')
    ]

    def __init__(self, request):
        pass


def main(global_config, **settings):
    # ...
    config = Configurator(settings=settings, root_factory='.RootFactory')

    #Get when you access the user property of request_Specify that you should be a user. This is important.
    config.set_request_property(get_user, 'user', reify=True)

    authn_policy = AuthTktAuthenticationPolicy('...', callback=groupfinder, hashalg='sha512')
    authz_policy = ACLAuthorizationPolicy()
    config.set_authentication_policy(authn_policy)
    config.set_authorization_policy(authz_policy)
    # ...

If you use it like this

views.py


@user_view_config(route_name='index', renderer='templates/index.jinja2')
def index(request):
    #This is only for people who have user permission
    do_something_with(request.user)  #user can be used
    return {'name': 'my_app'}

@admin_view_config(route_name='index', renderer='templates/add_user.jinja2')
def add_user(request):
    #This is only for those who have admin permission
    do_something_with(request.user)  #user can be used
    return {'name': 'my_app'}

inspired by Implement a custom View Decorator in Pyramid

Recommended Posts

Insert processing before and after the view function in Pyramid's own View Decorator
Notify the contents of the task before and after executing the task in Fabric
View the result of geometry processing in Python
How to define Decorator and Decomaker in one function
Remove double-byte spaces before and after the character string (python)
[python] plot the values ​​before and after the conversion of yeojohnson conversion
A function that measures the processing time of a method in python
[C / C ++] [GCC] __attribute __ ((constructor)) to execute processing before and after main