[pycsw-devel] Custom CSW-class implementation
Tom Kralidis
tomkralidis at gmail.com
Sat Jun 25 05:00:07 PDT 2016
Hi Igor:
You could certainly go this route. Other options (which I've seen):
- do not subclass but implement a WSGI wrapper which intercepts the request
before sending to pycsw.ogc.csw.csw2.Csw2.dispatch(). Note this is probably
better applied to the entire endpoint, and more suited to
authentication as opposed
to authorization
- add a column to the model to support authorization and update the repository
code with authorization checks as part of querying the database
Having said this, your approach is valid and I'm interested to see how
this works
out. We could update the documentation with this use case of custom
implementation of pycsw.
Thanks!
..Tom
On Tue, Jun 21, 2016 at 2:05 AM, Igor Chernikov
<igorchernikov23 at gmail.com> wrote:
> Hi. In our application we have the concept of public/private resources - all
> public resources are available to the outside world, while private resources
> are for authenticated users only. All resources are published using pycsw
> for now and application uses GetRecords-requests for searching, but we need
> to hide private resources from unauthorized users. My goal is to provide
> custom authentication logic for GetRecords and GetRecordById requests.
> My idea is to create subclass of pycsw.ogc.csw.csw2.Csw2 class and override
> it's corresponding methods. Something like this:
>
> class MyCsw(Csw2):
> def getrecords(self):
> some_authentication_logic()
> ...
>
> But in the docs I have not found ways to use custom class as
> CSW-implementation. Are there ways to solve my problem, or is my idea
> obviously bad?
>
> Thanks for your great work!
>
>
> Igor Chernikov
>
More information about the pycsw-devel
mailing list