HI,
I've been reading and playing with r.what and I haven't found an example
that explains my needs.
My classes are User, Group, Permission, Album.
I want to give each Album its own group permissions, not just global
permissions like 'edit-album' (like in
http://what.repoze.org/docs/1.x/Manual/ManagingSources.html#retrieving-all-the-available-sections-from-a-source),
in fact, 'edit-album' only makes sense in the presence of an album_id, so I
guess I have to implement something like:
User(id, username, ...)
Group(id, name)
Permission (id, name)
ALBUMPERMISSION(ID, ALBUM_ID, GROUP_ID, PERMISSION_ID)
Please correct me if I'm wrong, r.what only checks wheter or not a Group
is associated to a Permission.
How do I connect these two variables in a single permission (permission_id
and album_id)? I know I'll also have to build my predicates, since most of
the built ins check for global permissions. I'm thinking of something like
[album_access]:
@ActionProtector(album_access(album_id))
def delete(self, album_id)...
Any help would be greatly appreciated.
Regards,
Joo C.
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev
