collective.powertoken.core 0.3.0

Registering more that one action

You can also register (and then run all of theme) more that one action for a token.

>>> token = utility.enablePowerToken(document, 'myMagicAction')
>>> utility.addAction(document, token, 'myMagicAction')
>>> utility.addAction(document, token, 'aDifferentAction')

When you consume the token, all registered actions are executed in order.

>>> result = utility.consumeActions(document, token)

What action is executed?

This is only the core package so you need to look for other packages that add possible actions (or develop your own).

When you call:

>>> token = utility.enablePowerToken(document, 'myMagicAction', parameter1='foo', parameter2=5)

… you are preparing the call for an adapter called myMagicAction, saving also additional configuration parameters provided (in a special action object, see below). Know that 3rd party adapter can require specific configuration parameters to works properly.

When consumeActions is called, internally a new adapter is searched:

>>> from collective.powertoken.core.interfaces import IPowerActionProvider
>>> adapter = getMultiAdapter((document, request),
...                           IPowerActionProvider,
...                           name='myMagicAction')
>>> result = adapter.doAction(action, runtime_parameter1='foo', runtime_parameter2=5.4)

What to do with results (you can also don’t provide results) is under your control. Result is always a Python list with all results from all executed actions.

A list of all know action providers is available online (feel free to contribute and update this page with your own).

Special parameters

When calling enablePowerToken and you give additional parameters, they are stored in the action object:

roles

Default to empty list. Commonly when you call consumeActions you are performing an action keeping user’s privileges. Providing there a list of Zope roles will give you those roles instead. In this way, knowing a token, you can commonly perform unauthorized actions.

oneTime

Default to True. When you call consumeActions you commonly execute the action and remove the action from the action list. Instead you can configure an action that never expire the token when executed, so you can call it many times as you want (using the same token every time).

params

Default is an empty dict, automatically filled with every other keyword argument passed, commonly used by adapters.

Additional advanced, parameters:

unrestricted

Defaut: False. Use an unrestricted user, that always pass security check. Please note that you commonly don’t need this, just configure well roles.

username

Defaut: None. When using a different security context, like when using the roles parameter, instead of the current user’s id (or an empty string when anonymous) you can choose a new one.

0.3.0 (2012-02-15)

• now you can add runtime parameters when consuming actions [keul]

• updated documentation and fixed from errors [keul]

0.2.0 (2012-01-15)

• added new option: unrestricted (you commonly don’t need this, really) [keul]

• added new option: username [keul]

0.1.0 (2012-01-11)

• Initial release