Design¶
Following is a quick overview of the design of our wiki application, to help us understand the changes that we will be making as we work through the tutorial.
Overall¶
We choose to use reStructuredText
markup in the wiki text. Translation
from reStructuredText to HTML is provided by the widely used docutils
Python module. We will add this module in the dependency list on the project
setup.py
file.
Models¶
We’ll be using a SQLite database to hold our wiki data, and we’ll be using SQLAlchemy to access the data in this database.
Within the database, we define a single table named tables, whose elements will store the wiki pages. There are two columns: name and data.
URLs like /PageName
will try to find an element in
the table that has a corresponding name.
To add a page to the wiki, a new row is created and the text is stored in data.
A page named FrontPage
containing the text This is the front page, will
be created when the storage is initialized, and will be used as the wiki home
page.
Views¶
There will be four views to handle the normal operations of adding and editing wiki pages, and viewing pages and the wiki front page. Two additional views will handle the login and logout tasks related to security.
Security¶
We’ll eventually be adding security to our application. The components we’ll use to do this are below.
USERS, a dictionary mapping users names to their corresponding passwords.
GROUPS, a dictionary mapping user names to a list of groups they belong to.
groupfinder
, an authorization callback that looks up USERS and GROUPS. It will be provided in a new security.py file.An ACL is attached to the root resource. Each row below details an ACE:
Action Principal Permission Allow Everyone View Allow group:editors Edit Permission declarations are added to the views to assert the security policies as each request is handled.
Summary¶
The URL, actions, template and permission associated to each view are listed in the following table:
URL | Action | View | Template | Permission |
---|---|---|---|---|
/ | Redirect to /FrontPage | view_wiki | ||
/PageName | Display existing page [2] | view_page [1] | view.pt | view |
/edit_page/PageName | Display edit form with existing content. If the form was submitted, redirect to /PageName |
edit_page | edit.pt | edit |
/add_page/PageName | Create the page PageName in storage, display the edit form without content. If the form was submitted, redirect to /PageName |
add_page | edit.pt | edit |
/login | Display login form. If the form was submitted, authenticate.
|
login | login.pt | |
/logout | Redirect to /FrontPage | logout |
[1] | This is the default view for a Page context when there is no view name. |
[2] | Pyramid will return a default 404 Not Found page if the page PageName does not exist yet. |
[3] | pyramid.exceptions.Forbidden is reached when a user tries to invoke a view that is not authorized by the authorization policy. |