Auth & Perms: improve wording.

ba8b0bc3 · Petrus J.v.Rensburg · 69547375 · ba8b0bc3
Commit ba8b0bc3 authored Jun 27, 2015 by Petrus J.v.Rensburg
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 14 deletions

authorisation_and_permissions.rst doc/authorisation_and_permissions.rst +24 -14

No files found.
--- a/doc/authorisation_and_permissions.rst
+++ b/doc/authorisation_and_permissions.rst
 Authorisation & Permissions
 =================================
+When setting up an admin interface for your application, one of the first problems
+you'll want to solve is how to keep unwanted users out. With Flask-Admin there
+are a few different ways of approaching this.

 HTTP Basic Auth
 ------------------------
@@ -14,32 +17,39 @@ easy it is to put your whole application behind HTTP Basic Auth.
 Unfortunately, there's no easy way of applying HTTP Basic Auth just to your admin
 interface.

-
 Rolling your own
 --------------------------------
-For a more polished access control & permission handling experience, you could
-write it yourself if you need to have total control over the functionality. Here,
-a low-level library like
-`Flask-Login <https://flask-login.readthedocs.org/>`_ could make your life
-a bit easier.
+For a finer-grained solution, Flask-Admin lets you define access control rules
+on each of your admin view classes by simply overriding the `is_accessible` method.
+How you implement the logic is up to you, but if you were to use a low-level library like
+`Flask-Login <https://flask-login.readthedocs.org/>`_, then restricting access to a set of views
+could be as simple as::
+
+    class MyModelView(sqla.ModelView):
+
+        def is_accessible(self):
+            return login.current_user.is_authenticated()
+
+However, you would still need to implement all of the relevant login /
+registration views yourself.

-If you like this approach, have a look at the example at
+If you like this approach, then have a look at the example at
 https://github.com/flask-admin/Flask-Admin/tree/master/examples/auth-flask-login
 to get started.

 Using Flask-Security
 --------------------------------

-If you want a lot of functionality for little effort: you could
+If you want to get started quicker, you could
 use `Flask-Security <https://pythonhosted.org/Flask-Security/>`_,
-which is a higher-level library. It comes with lots of builtin views for doing common things like confirming
-email addresses, resetting passwords, etc.
+which is a higher-level library. It comes with lots of builtin views for doing
+common things like registration, login, email address confirmation, password resets, etc.

 The complicated bit, is making the builtin Flask-Security views work together with the
-Flask-Admin templates, to create a consistent experience for your users. In order to
-do this, you will need to override the builtin Flask Security templates and have them
-extend the Flask-Admin base template. To do this, just add the following to the top
-of each template::
+Flask-Admin templates, to create a consistent experience for your users. To
+do this, you will need to override the builtin Flask-Security templates and have them
+extend the Flask-Admin base template by adding the following to the top
+of each file::

    {% extends 'admin/master.html' %}