<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On Feb 23, 2012, at 4:09 PM, Jacek Furmankiewicz wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Menlo; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; ">Ah, I think I get it.</span></blockquote><div><br></div><div>Hooray!</div><br><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Menlo; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div>So Avatar = root resource that this user can access, correct?</div></span></blockquote><div><br></div>Yes, that is exactly correct!</div><div><br></div><div>(More generally: root protocol-specific thing that a user can access, since this applies to other authenticated protocols as well, and ideally, eventually, all protocols within Twisted.)</div><div><br><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Menlo; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; 
orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div>That is quite flexible actually. It's like you can serve a totally different application (i.e. resource) to the user depending on their credentials/roles/etc.</div></span></blockquote><div><br></div><div>Yup. And you can write wrappers in whatever way you see fit. The idea is that instead of inserting "self.makeSureItIsSecure()" checks in (or decorators on) every single method, users without the proper authentication can't even <i>access the objects</i> whose methods they want to call; there's no security error, just a 404. This means that it's much harder to make the mistake where you grant too much authority to anonymous users.</div><br><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Menlo; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div>I will wrap my head around it a bit more in the coming weeks and see how I can add the functionality I want (able to add fine grained security per REST method on a resource)</div><div>while working in spirit with the twisted.web.guard approach.</div></span></blockquote><div><br></div><div>Great. I'm really enthusiastic to see what you come up with. 
Feel free to continue discussing ideas on this list as you're thinking through them - this is an area of Twisted that could stand to be talked about a lot more :).</div><br><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Menlo; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-size: medium; "><div>Thanks to everyone for your help</div></span></blockquote></div><br><div>Always happy to help someone through to the point of actual understanding!</div><div><br></div><div>-glyph<br><br></div></body></html>
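The avatar model discussed in this thread, as an added example that is not part of the original message and not Twisted's own code: a dependency-free Python model in which a realm hands each identity its own root resource, so a request for an object outside that tree ends in a 404 instead of a failed permission check. All class, function and role names are hypothetical, and the 405 for a method the handed-out object lacks is an assumption made for illustration.

```python
# Added illustration: a dependency-free model of the avatar idea.
# All names here are hypothetical; this is not Twisted's API.

class Resource:
    """A node in a URL tree. Only its children are reachable through it."""

    def __init__(self, body, methods=("GET",), children=None):
        self.body = body
        self.methods = frozenset(methods)   # HTTP methods this object implements
        self.children = dict(children or {})


class Realm:
    """Maps an authenticated identity to its avatar: the root it may traverse."""

    def __init__(self, roles_by_id):
        self.roles_by_id = roles_by_id      # constructed sample data

    def request_avatar(self, avatar_id):
        roles = self.roles_by_id.get(avatar_id, frozenset())
        root = Resource("home", children={"public": Resource("public page")})
        if "user" in roles:
            # Read-only view: the object handed out has no write methods at all.
            root.children["orders"] = Resource("orders")
        if "admin" in roles:
            root.children["orders"] = Resource("orders", ("GET", "POST", "DELETE"))
            root.children["admin"] = Resource("admin console")
        return root


def handle(root, method, path):
    """Dispatch from the avatar's root; no per-method permission checks needed."""
    node = root
    for segment in filter(None, path.split("/")):
        node = node.children.get(segment)
        if node is None:
            return 404          # the object is not in this user's tree
    if method not in node.methods:
        return 405              # the object this user holds lacks that method
    return 200


REALM = Realm({"alice": {"user"}, "root": {"user", "admin"}})  # constructed
ANONYMOUS = "anonymous"   # assumed id for unauthenticated requests
```

The dispatcher never asks who the caller is: authority is decided once, when the realm builds the tree, which is why a forgotten check cannot expose the admin object to an anonymous user.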