Python for Entrepreneurs Transcripts
Chapter: Build web apps with Pyramid: Applied web development
Lecture: Concept: Plugging leaky actions
Login or
purchase this course
to watch this video and the rest of the course contents.
0:02
These controllers through Pyramid handlers are awesome, and they really make working with your code and organizing it super easy,
0:11
but one of the challenges you run into in this nice and easy routing that we've set up, this pattern matching we've set up, is methods
0:19
that are not necessarily intended to be public, can become externally callable via some URL.
0:26
So in this example we've got something that is meant to be mapped to your URL, the index and you can see it checks and says if there is no data
0:33
we are going to reset the data and then we are going to do something else. Now maybe that reset data has consequences
0:38
you don't want people to be able to mess with, and because we've written good, small organized code, we have this broken
0:47
into different functions, and things like that, but because it is a function, on a controller class, it is executable by default
0:54
we probably don't want that so imagine what we would get if we went to /server/home/reset_data
1:01
maybe it's fine but maybe it's not and if it's not, what do you do about it? Well, you saw that we can create this suppress decorator,
1:07
it's also an action decorator, it just happens to change the target request method in HTTP.
1:13
So basically we tell Pyramid handlers "look, this function should only be called
1:17
if the browser sends not an HTTP verb-type request, instead of get post" and so on, let me just put that @suppress onto the various methods
1:28
we want to basically make inaccessible by using the invalid HTTP verb. Now we can safely put these methods on our controller classes
1:35
and we won't be concerned about them possibly getting called inappropriately.