Typical nightmare situation, when it comes to last-minute tasks, right?
Not with twisted.cred, it isn't. Basically, all I had to do was create an interface for each group that needed to be represented. I then did the following:
- updated the function that instantiates the RPC parent and subhandlers, instantiating the right ones based on the passed interfaces
- updated the avatar realm to choose the correct interface for a given group type
- subclassed the root page for each group that needed a different page
The interfaces, a few methods (implements/implementer, providedBy), and the amazing functionality provided by twisted.cred -- that's all that was needed. I've never written my own access control code before, and it took less time with cred to actually implement the thing than the "simple" mere configuration that other systems take. Really. It went so quickly and smoothly that I spent the time saved adding some nifty features that take advantage of these changes.