[Twisted-web] Finer-Grained Security System for Twisted Web/Nevow?
glyph at divmod.com
glyph at divmod.com
Mon Apr 20 04:15:04 EDT 2009
On 12:32 am, michal.dtz at gmail.com wrote:
>2009/4/19 Jeff Rush <jeff at taupro.com>:
>I think I like the current approach... Once you learn how to use it
>and how to set it up properly (this is a key phrase here), it will
>take a few things off your head. Even if setting it up is cumbersome,
>the idea of web resource wrapping an avatar object is pretty cool, as
>you don't have to put access control logic into web resource objects
>-- you just enable these and these resources for that level of
>privleges, which in fact gives you fine-grained security model.
I agree with you that the way guard/cred work is kind of neat, but it's
kind of neat as a cooperative low-level primitive for building more
full-featured systems on top of. I can see the OP's point here: for a
lot of use-cases, it's incomplete and you need to do a lot of extra
work. Work which isn't particularly well documented.
It would be really nice if we had more examples of *how* to build things
on top of it. If anyone reading this thread has some code to link to, I
encourage you to share it. Mantissa's sharing system is a good example,
but it does a lot more than just wrap resources in a few simple
permissions. Also, as you say:
>unfortunatley, it is not a very well documented piece of software.
I look forward to your doc patches ;-).
More information about the Twisted-web
mailing list