kotti.request¶
-
class
kotti.request.
Request
(environ, charset=None, unicode_errors=None, decode_param_names=None, **kw)[source]¶ Bases:
pyramid.request.Request
Kotti subclasses
pyramid.request.Request
to make additional attributes / methods available on request objects and override Pyramid’spyramid.request.Request.has_permission()
. The latter is needed to support Kotti’s concept of local roles not just for users but also for groups (kotti.security.list_groups_callback()
).-
user
¶ Add the authenticated user to the request object.
Result: the currently authenticated user Return type: kotti.security.Principal
or whatever is returned by the custom principals database defined in thekotti.principals_factory
setting
-
has_permission
(permission, context=None)[source]¶ Check if the current request has the given permission on the current or explicitly passed context. This is different from
pyramid.request.Request.has_permission`()
in that a context other than the one bound to the request can be passed. This allows to consider local roles for the check.Parameters: - permission (str) – name of the permission to check
- context (
kotti.resources.Node
) – context for which the permission is checked. Defaults to the context on which the request invoked.
Result: True if has_permission, False else
Return type: bool
-