1. Dan Jacob
  2. satchel

Commits

danjac  committed 284f0ac

fix admin context perms

  • Participants
  • Parent commits d9a06bb
  • Branches default

Comments (0)

Files changed (2)

File satchel/templates/default_project/+package+/models/root.py_tmpl

View file
 from UserDict import UserDict
 
 from pyramid.security import Allow
-from pyramid.security import Deny
 from pyramid.security import Everyone
 from pyramid.security import DENY_ALL
 from pyramid.security import ALL_PERMISSIONS
+from pyramid.exceptions import Forbidden
 
 from zope.interface import implements
 
 
         if request.user:
             self['account'] = request.user
+        else:
+            self['account'] = Forbidden()
 
         admin = AdminContainer(self)
         if request.has_permission(admin):
             self['admin'] = admin
+        else:
+            self['admin'] = Forbidden()
 
 
 class AdminContainer(UserDict):

File satchel/templates/default_project/+package+/views/auth.py_tmpl

View file
     request_method='GET')
 @view_config(
     context=Forbidden,
+    permission='__no_permission_required__',
     renderer='login.mako',
     request_method='GET')
 def login(context, request):
     request_method='POST')
 @view_config(
     context=Forbidden,
+    permission='__no_permission_required__',
     renderer='login.mako',
     request_method='POST')
 def do_login(context, request):