|
Graham Dumpleton
graham.dumpleton at gmail.com
Mon Apr 30 20:00:23 EDT 2007
On 01/05/07, Roger Binns <rogerb at rogerbinns.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I have two separate paths in my web server. One is /admin below which > is a web based administration application. The other is a REST style > api which is available as /api/object/{list,create,delete} > > In the web admin pages, I need to include information from the api but > can't see how to do it. Note that the web administrator will have set > authentication/authorization on the /api path (eg all users can list, > only some can create and delete). > > Effectively I need to be able to construct a new request object within > the admin code pointing to the api code, copy across the authentication > information from the admin request, issue the request and read the results. > > The alternative is for the web administrator to also have to put > authentication and access control on the web admin, but then that is two > locations and the web admin doesn't have the same granularity as the > REST urls+methods. Perhaps look at the req.internal_redirect() method. See: http://www.modpython.org/live/current/doc-html/pyapi-mprequest-meth.html If you need access to req.user of the parent request from the sub request, you have to access req.prev.user from the sub request to get it from memory. Graham
|