1
2
3 __all__ = [
4 'has_permission'
5 ]
6
7 import logging
8
9 import turbogears.config as tgconf
10 import turbogears.identity as tgid
11
12 from eggbasket import model
13
15 """Checks if user attached to current identity has given permission.
16
17 This extends the standard ``identity.has_permission`` predicate in
18 that it allows to define extra groups for anonymous users (named
19 "anonymous" per default) and all authenticated users ("authenticated")
20 to which additional permissions for these groups of users can be attached.
21
22 You can set the names of the extra groups in the configuration with the
23 ``identity.anonymous_groups`` resp. ``identity.authenticated_groups``.
24 Both settings expect a list of group names. Appropriatly named groups
25 must be created in the database, but if they are missing the check will
26 still work but always fail for anonymous users.
27
28 """
29
30 error_message= "Permission denied: %(permission_name)s"
31
32 - def __init__(self, permission_name, error_message=None):
36
58