I would like to create a repoze custom predicate checker that is capable to access url parameters and validate something. But I would like to use allow_only to set this permission checker in all the controller's scope. Something like:
class MyController(BaseController):
allow_only = All(not_anonymous(msg=l_(u'You must be logged on')),
my_custom_predicate(msg=l_(u'something wrong')))
def index(self, **kw):
return dict()
then, my_custom_predicate should check the url paramters for every request in every MyController method, and do whatever it do. The problem is just that: how to allow my_custom_predicate to check the url parameters, using it in that way I wrote above.
May be you need to use ControllerProtector
from repoze.what.plugins.pylonshq import ControllerProtector
allow_only = All(not_anonymous(msg=l_(u'You must be logged on')),
my_custom_predicate(msg=l_(u'something wrong')))
@ControllerProtector(allow_only)
class MyController(BaseController):
def index(self, **kw):
return dict()
See docs at http://code.gustavonarea.net/repoze.what-pylons/API.html