Does this help: http://web2py.com/books/default/chapter/29/09?search=accessible_query
On Sunday, January 27, 2013 10:50:13 AM UTC-5, Alan Etkin wrote: > > How do I filter a remote db query when someone sends an unauthorized > select from a browser? I mean I want to check any record permissions with > the auth object for any query (i.e permission, membership, ...). Is this > currently possible (as built-in feature) or I must build my own logic with > the requires method?. > > Something like: > > auth.requires_accessible(<Query object>) > > I belive the above would have performance issues (I guess auth would need > to retrieve the data to perform the checks), but was wondering if there is > something already available for the task > --
