From 81f261c64ae057293947a71d2493307b1e5987df Mon Sep 17 00:00:00 2001
From: Timothy Allen <Timothy.Allen@optiver.com.au>
Date: Wed, 19 Nov 2014 11:59:26 +1100
Subject: [PATCH] Expand docstrings for .login_required() and .group_required()
Now .login_required() and .group_required() document what they require
LDAP_LOGIN_VIEW to do.
---
flask_simpleldap/__init__.py | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/flask_simpleldap/__init__.py b/flask_simpleldap/__init__.py
index be9171a..0a7359a 100644
--- a/flask_simpleldap/__init__.py
+++ b/flask_simpleldap/__init__.py
@@ -222,8 +222,13 @@ class LDAP(object):
@staticmethod
def login_required(func):
- """Used to decorate a view function to require LDAP login but does NOT
- require membership from a specific group.
+ """When applied to a view function, any unauthenticated requests will
+ be redirected to the view named in LDAP_LOGIN_VIEW. Authenticated
+ requests do NOT require membership from a specific group.
+
+ The login view is responsible for asking for credentials, checking
+ them, and setting ``flask.g.user`` to the name of the authenticated
+ user if the credentials are acceptable.
:param func: The view function to decorate.
"""
@@ -237,8 +242,14 @@ class LDAP(object):
@staticmethod
def group_required(groups=None):
- """Used to decorate a view function to require LDAP login AND membership
- from one of the groups within the groups list.
+ """When applied to a view function, any unauthenticated requests will
+ be redirected to the view named in LDAP_LOGIN_VIEW. Authenticated
+ requests are only permitted if they belong to one of the listed groups.
+
+ The login view is responsible for asking for credentials, checking
+ them, and setting ``flask.g.user`` to the name of the authenticated
+ user and ``flask.g.ldap_groups`` to the authenticated's user's groups
+ if the credentials are acceptable.
:param list groups: List of groups that should be able to access the view
function.
--
GitLab