Qwait's Blog

After reviewing apex’s code I noticed a flaw in its models. The AuthUser model has a function named get_profile, similar to Django’s auth get_profile, this function returns a user’s profile. This function was formally a classmethod, where the signed in user could only access their profile.

Sadly, this code couldn’t have been used on any social site currently in production. The code has been fixed to be an instancemethod function, and now any use of the AuthUser model can access the get_profile function. This fix was pushed in commit e94e63fcfe6495163517e164b9ac5f017e1fe7d4

Tags: apex

This entry was posted on Wednesday, November 2nd, 2011 at 2:07 am and is filed under Pyramid, Python. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.