On Wed, Jan 02, 2013 at 01:41:01AM -0500, Michael Pedersen wrote: > My question for you is this: Are you looking for view based permissions > (i.e.: possibly conditional portions of the page being rendered), or are > you looking for row based permissions (i.e.: a specific instance of > model.Thing is only visible to a subset of users)? > The first item is already covered very well by repoze.what predicates. You > can insert <py:if> statements in your code, and get the results you're > expecting. The second case, though, I don't know of a generic way to do > it. It's the second. The admin group can see everything; that's pretty standard repoze.what kind of task.
Everyone else has "thier" instances of particular models. Imagine an online store, the shopwoner can see all Orders but I can only see mine. I can obviously do this in the controller by forcing it to filter on it but was wondering if there was a generic way. > Did you get anywhere with this? If so, how did you handle these issues? I've not gone far with this part so no light yet. - Craig -- Craig Small VK2XLZ http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5 -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/turbogears?hl=en.
