pywebtools.pyramid.decorators – Decorators

The decorators module contains function decorators for use with the authentication framework.


Inserts the currently logged in User into the request parameter under the attribute current_user. If there is no logged in user, then an anonymous User is created.

Used in view functions.


Checks that the current user is logged in, otherwise redirects to the login page. Requires that the current_user() decorator is run first.

pywebtools.pyramid.auth.decorators.require_permission(permission=None, class_=None, request_key=None, action=None)

Checks whether the current user has the given permission. Supports two modes:

If you provide the permission parameter, it will use has_permission() to check whether the current user has the given permission. If not, it raises HTTPUnauthorised.

Alternatively, if you provide the class_, request_key, and action parameters, it will run a SQLAlchemy query for the class_, filtering == request.matchdict[request_key]. If that returns a result, it will use the class_'s allow to check whether the current user is allowed to perform the given action. If not, it raises HTTPUnauthorised. If no result is returned, it raises HTTPNotFound.

  • permission (str) – The permission to check the user for
  • class_ (class) – The SQLAlchemy ORM class to use for finding the instance that matches the request_key value
  • request_key (str) – The key to use for getting a unique identifier from the request.matchdict to use in finding an instance of class_
  • action (str) – The action to check for with the instance of class_

The decorated function’s return value
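The two modes described above, sketched as an added example. This is not pywebtools' own code: the exceptions, User, Document, its rows dict (standing in for the SQLAlchemy query), the argument order of allow, and the deny-by-default branch when no parameters are given are all assumptions made for illustration.

```python
from functools import wraps

class Unauthorised(Exception): pass  # stand-in for HTTPUnauthorised
class NotFound(Exception): pass      # stand-in for HTTPNotFound

class User:
    def __init__(self, uid, permissions=()):
        self.uid, self.permissions = uid, set(permissions)
    def has_permission(self, permission):
        return permission in self.permissions

class Document:
    """Constructed model; the `rows` dict replaces the SQLAlchemy query."""
    rows = {}
    def __init__(self, owner_id):
        self.owner_id = owner_id
    def allow(self, action, user):  # argument order is an assumption
        return action == "view" or user.uid == self.owner_id

def require_permission(permission=None, class_=None, request_key=None, action=None):
    def decorator(view):
        @wraps(view)
        def wrapper(request):
            user = request.current_user  # set by a decorator that ran earlier
            if permission is not None:
                # Mode 1: a named permission checked on the user.
                if not user.has_permission(permission):
                    raise Unauthorised(permission)
            elif class_ and request_key and action:
                # Mode 2: look up the instance, then ask it about the action.
                instance = class_.rows.get(request.matchdict[request_key])
                if instance is None:
                    raise NotFound(request_key)
                if not instance.allow(action, user):
                    raise Unauthorised(action)
            else:  # assumption: a decorator with no check configured denies
                raise Unauthorised("no check configured")
            return view(request)
        return wrapper
    return decorator

@require_permission(permission="admin.users")
def list_users(request):
    return "user list"

@require_permission(class_=Document, request_key="did", action="edit")
def edit_document(request):
    return "edit form"
```

In the second mode the not-found response is raised before any permission check, so the two responses let a caller distinguish identifiers that exist from ones that do not.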

pywebtools.pyramid.auth.decorators.unauthorised_redirect(request, redirect_to=None, message=None)

Provides standardised handling of “unauthorised” redirection. Depending on whether the user is currently logged in, it will set the appropriate error message into the session flash and redirect to the appropriate page. If the user is logged in, it will redirect to the root page or to the redirect_to URL if specified. If the user is not logged in, it will always redirect to the login page.

  • request – The pyramid request
  • redirect_to (unicode) – The URL to redirect to, if the user is currently logged in.
  • message (unicode) – The message to show to the user