On Jan 27, 12:52 am, billf <[email protected]> wrote: > 1. The idea of bundling Mail, Auth and Crud in tools.py seems > shortsighted.
remember the purpose of web2py is to bring users up to speed as fast as possible and make the follow good practice. By providing CRUD with rola based access control out of the box we address 90% of the needs. If it not for you do not use it. It is not finished because we are trying to make very very general and modular. > 2. All use of Auth seems to be couched in the context of Crud. No. You can use Auth without Crud and Crud without Auth. We are trying to provide a general API so that you ca use Curd and swap Auth with your own as long as you expose the same basic interface. > 3. So I don't want to use the Crud request format and I want to use > authentication. Then don't. In T2 Auth was based on Crud. That is no longer true in the gluon.tools > Let's say "the admin user" wants to protect the widget record with > id=33 from everyone but him/herself. How do I code the app? Do I > have to code something in every function that could read/list/update/ > delete that record? and if so what do I code? How do I know whether > authentication is 'on' and what resources I need to check? This will be documented. It is much easier than you think. > 4. My company already has an authentication framework. Fine. wrap it in class MyAuth(Auth): pass and expose the same interface so that any app based on the axisting Auth will work with yours too. Massimo --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
