Navigation

deliverance.security – security context/policy

Implements SecurityContext

Contents

Module Contents

class deliverance.security.SecurityContext(execute_pyref=False, display_logging=None, display_local_files=None, edit_local_files=None, force_dev_auth=False)

This represents the security context of the Deliverance request. This is stored in environ['deliverance.security_context'] and is local to the request.

The three primary security-related restrictions are:

  1. Can Python be executed using pyref attributes?
  2. Can logging messages be displayed?
  3. Can local files be displayed?

Each of these is a method that takes the request.

When instantiating, the default value of None means that the value should be guessed from the environment.

This uses the developer auth spec for guessing when a value is None.

Also if you use force_dev_auth=True then DevAuth login will not be required, and at all times you will be logged in as a dev user.

deliverance.security.display_logging(environ)

Get the security context and call .display_logging on it

deliverance.security.display_local_files(environ)

Get the security context and call .display_local_files on it

deliverance.security.execute_pyref(environ)

Get the security context and call .execute_pyref on it

Table Of Contents

Previous topic

deliverance.rules – rules and actions

Next topic

deliverance.selector – selectors (XPath, CSS, etc)

This Page

Navigation

© Copyright 2008, The Open Planning Project. Last updated on Feb 02, 2012. Created using Sphinx 1.0b2.