Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- def _check_security(self):
- predicate = getattr(self, 'allow_only', None)
- if predicate is None:
- return True
- try:
- predicate.check_authorization(pylons.request.environ)
- except WhatNotAuthorizedError, e:
- reason = unicode(e)
- if hasattr(self, '_failed_authorization'):
- # Should shortcircut the rest, but if not we will still
- # deny authorization
- self._failed_authorization(reason)
- if not_anonymous().is_met(request.environ):
- # The user is authenticated but not allowed.
- code = 403
- status = 'error'
- else:
- # The user has not been not authenticated.
- code = 401
- status = 'warning'
- pylons.response.status = code
- flash(reason, status=status)
- abort(code, comment=reason)
- except NotAuthorizedError, e:
- reason = getattr(e, 'msg', 'You are not Authorized to access this Resource')
- code = getattr(e, 'code', 401)
- status = getattr(e, 'status', 'error')
- pylons.response.status = code
- flash(reason, status=status)
- abort(code, comment=reason)
Add Comment
Please, Sign In to add comment