Chapter 22.2. Validating User Access with Identity
The Identity package includes several features that you can use to create more complex validation logic. The validation method names are self-explanatory; however, you should remember that the values you are checking against are strings from the database. If you wanted to verify that a user was in the admin group you’d write:
@require(identity.in_group("admin")
Here’s a list of the methods you can use to validate that a user has permission to access a resource.
not_anonymous
in_group
in_all_groups
in_any_group
has_permission
has_all_permissions
has_any_permission
from_host
from_any_host
There are also two special methods, Any and All, which allow you to combine any number of the above checks into ...
Get Rapid Web Applications with TurboGears: Using Python to Create Ajax-Powered Sites now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.