Group Access in Twisted
Posted on April 28, 2006 by oubiwann
This is a rant – a positive one. twisted.cred is freaking brilliant. I've had to use it in the past to write my own credential checkers, so I've dabbled a bit. I was thrilled then because of the ease with which I was able to glue systems together. But tonight, I needed to add last-minute support for group access control to a twisted/nevow application and nevow resources that use JSON-RPC. The customer now wants different page views/menus for different classes of user; in addition, they have a new set of RPC
methods that should only be accessible to privileged users.
Typical nightmare situation, when it comes to last-minute tasks, right?
Not with twisted.cred, it isn't. Basically, all I had to do was create an interface for each group that needed to be represented. I then did the following:
The interfaces, a few methods (implements/implementer, providedBy), and the amazing functionality provided by twisted.cred – that's all that was needed. I've never written my own access control code before, and it took less time with cred to actually implement the thing than the "simple" mere configuration that other systems take. Really. It went so quickly and smoothly that I spent the time saved adding some nifty features that take advantage of these changes.
Typical nightmare situation, when it comes to last-minute tasks, right?
Not with twisted.cred, it isn't. Basically, all I had to do was create an interface for each group that needed to be represented. I then did the following:
- updated the function that instantiates the RPC parent and subhandlers, instantiating the right ones based on the passed interfaces
- updated the avatar realm to choose the correct interface for a given group type
- subclassed the root page for each group that needed a different page
The interfaces, a few methods (implements/implementer, providedBy), and the amazing functionality provided by twisted.cred – that's all that was needed. I've never written my own access control code before, and it took less time with cred to actually implement the thing than the "simple" mere configuration that other systems take. Really. It went so quickly and smoothly that I spent the time saved adding some nifty features that take advantage of these changes.
| Author | oubiwann |
|---|---|
| Date | April 28, 2006 |
| Time | 05:02:08 |
| Category | |
| Tags | authentication cred howtos python twisted |
| Line Count | 1 |
| Word Count | 287 |
| Character Count | 2088 |
Comments?
This blog doesn't use standard (embedded) comments; however, since
the site is hosted on Github, if there is
something you'd like to share, please do so by
opening a
"comment" ticket!