Defaults to first-matching, should be an option to require all.
Problematic sample case:
    @when(when.authenticated)
    class Example:
        @when(when.administrative)
        def example(self): pass
The expectation would be that /example is more secure than /, but when.authenticated always returns an authoritative (non-None) answer. This short-circuits further evaluation, forcing the explicit use of inherit=False.
Alternatively: evaluate how rules are nested and evaluated. Should we reverse the order of evaluation, to deepest-first?
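The three evaluation orders discussed in this issue, compared side by side in an added example that is not the library's code and not part of the original report. It is a toy model: the predicate bodies, the deny-by-default fallback, the function names and the sample users are all assumptions made for illustration.

```python
# Toy model of the rule chain described above; not the library's own code.
# A predicate returns True (grant), False (deny) or None (abstain).

def authenticated(user):
    # Always authoritative: never returns None, as the issue describes.
    return user is not None

def administrative(user):
    # Assumed behaviour: grants admins, denies everyone else.
    return bool(user and user.get("admin"))

def first_match(rules, user):
    """Current default: the first non-None answer wins."""
    for rule in rules:
        result = rule(user)
        if result is not None:
            return result
    return False  # nothing matched: deny (assumed fallback)

def require_all(rules, user):
    """Proposed option: any explicit deny wins; at least one grant is needed."""
    results = [r for r in (rule(user) for rule in rules) if r is not None]
    return bool(results) and all(results)

def deepest_first(rules, user):
    """Alternative: same first-match logic, innermost rule consulted first."""
    return first_match(list(reversed(rules)), user)

# Rules as collected for /example: class-level first, then method-level.
CHAIN = [authenticated, administrative]

ALICE = {"name": "alice", "admin": False}  # constructed: logged in, not admin
ROOT = {"name": "root", "admin": True}     # constructed: logged in, admin

def decisions(user):
    """Outcome of each strategy for one user against the /example chain."""
    strategies = (first_match, require_all, deepest_first)
    return {s.__name__: s(CHAIN, user) for s in strategies}

if __name__ == "__main__":
    for label, user in (("anonymous", None), ("alice", ALICE), ("root", ROOT)):
        print(label, decisions(user))
```

Only the non-admin, logged-in user separates the strategies: first-match grants access to /example because the class-level rule answers before the method-level rule is consulted.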