Python for Entrepreneurs Transcripts
Chapter: Build web apps with Pyramid: Applied web development
Lecture: Concept: Plugging leaky actions
0:02 These controllers through Pyramid handlers are awesome, and they really make working with your code and organizing it super easy,
0:11 but one of the challenges you run into in this nice and easy routing that we've set up, this pattern matching we've set up, is methods
0:19 that are not necessarily intended to be public, can become externally callable via some URL.
0:26 So in this example we've got something that is meant to be mapped to your URL, the index and you can see it checks and says if there is no data
0:33 we are going to reset the data and then we are going to do something else. Now maybe that reset data has consequences
0:38 you don't want people to be able to mess with, and because we've written good, small organized code, we have this broken
0:47 into different functions, and things like that, but because it is a function, on a controller class, it is executable by default
0:54 we probably don't want that so imagine what we would get if we went to /server/home/reset_data
1:01 maybe it's fine but maybe it's not and if it's not, what do you do about it? Well, you saw that we can create this suppress decorator,
1:07 it's also an action decorator, it just happens to change the target request method in HTTP.
1:13 So basically we tell Pyramid handlers "look, this function should only be called
1:17 if the browser sends not an HTTP verb-type request, instead of get post" and so on, let me just put that @suppress onto the various methods
1:28 we want to basically make inaccessible by using the invalid HTTP verb. Now we can safely put these methods on our controller classes
1:35 and we won't be concerned about them possibly getting called inappropriately.