On Monday 07 July 2008 18:00:47 jlar wrote: > Hi, > > In many cases the User, Group and (binary) Permission structure of the > identity module is great for my purposes. I do however have a need for > non-binary permission. For example I would like to allow my users to > only be allowed to input x > [some user dependent float] into my > controller methods. Other users will have other limits. I am not sure > how to solve this problem (my experience with permissions is very > limited). Do you have any suggestions?
Use a validator for that. The validator should check the user and obtain the limit that he can use on data. This is not something that Identity was supposed to be doing when it was planned and by putting it in a validator you will end up with a more flexible design. > I could of course add some attributes to the User class (xmin in the > above example) but that would kind of defeat the purpose of having the > User, Group, Permission structure. Another option would be to modify User, Group and Permission are *NOT* targetting what you want. Authentication and Authorization to a basic level is the purpose of it. Anything more than that and you have to code your own classes to handle things. > the Permission class (or make a similar class) but I am not sure how I > should do that. Any pointers? There are lots of discussions about that on the archives and also there is information at the wiki. -- Jorge Godoy <[EMAIL PROTECTED]> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
