Let me clarify. You currently can pass auth to functions in modules and they can call auth methods. It is the decorators that would cause problems.
On Wednesday, 25 September 2013 09:23:10 UTC-5, Massimo Di Pierro wrote: > > You cannot with auth. If you pass it to modules you will run into issues > with threads. > Open a ticket we can create a lazy_auth decorator that allows something > like what you want. > > On Wednesday, 25 September 2013 00:10:45 UTC-5, Mandar Vaze wrote: >> >> Even I have come across such requirements. >> Similar to Reza's requirement - we want to allow read operations to >> anyone, but insert/update/delete only for logged in user. Moreover, we also >> want to check auth.has_membership too. >> >> DB operations could be invoked from several different places, different >> controller methods, as well as scripts. >> So as not to repeat same/similar code across various controllers/scripts >> - common method(s) in modules make sense. >> >> While adding @auth. decorators to each calling function is an option (I >> would rather say workaround) - a check at the lowest level where DB >> operation is about to take place, seems like right thing to do. >> >> So again - is it possible ? >> I'm thinking to pass "auth" (and db) object to methods in modules, and >> then call auth.has_membership() and such in each module level method. >> using decorator seems easier/cleaner/nicer that's all. >> >> -Mandar >> >> >> On Monday, April 15, 2013 9:51:19 AM UTC+5:30, Reza Shah wrote: >>> >>> I want to have something like user controller in default.py. >>> def user(): >>> """ >>> exposes: >>> http://..../[app]/default/user/login >>> http://..../[app]/default/user/logout >>> http://..../[app]/default/user/register >>> http://..../[app]/default/user/profile >>> """ >>> return dict(form=auth()) >>> >>> So i would like to have: >>> def item(): >>> """ >>> http://..../[app]/default/item/list >>> http://..../[app]/default/item/add_product >>> """ >>> return dict(form=product()) >>> >>> And when user invoke url for add_product, the request should be rejected >>> if not login yet, i though i just decorate the add_product function in >>> module with @auth. >>> I think i should try your suggestion to check for the auth beforehand >>> and invoke the proper method of Product class. >>> >>> On Monday, April 15, 2013 1:03:49 AM UTC+9, Anthony wrote: >>>> >>>> Can you show the code where you are calling the add_product() method? >>>> Using the @auth.requires_login() decorator is not the only way to control >>>> access. You can also do "if auth.user:" to test for login before allowing >>>> a >>>> method to be called. >>>> >>>> Anthony >>>> >>>> On Sunday, April 14, 2013 7:06:15 AM UTC-4, Reza Shah wrote: >>>>> >>>>> Hi, >>>>> >>>>> I'm learning web2py and i want to put my business logic inside a class >>>>> in module. >>>>> I like to have a behaviour similar to user controller inside >>>>> default.py which exposes several functions. >>>>> >>>>> I have a controller item which i put inside default.py >>>>> def item(): >>>>> return dict(form=product()) >>>>> >>>>> in module i create product class >>>>> >>>>> class Product(object): >>>>> def __init__: >>>>> >>>>> def list(self): >>>>> >>>>> @auth.requires_login() >>>>> def add_product(self): >>>>> >>>>> The Product.list function can be accessed by anyone, but for adding >>>>> new product need user login first. >>>>> Is this possible? >>>>> Does the auth can used directly or i need to import something first? >>>>> >>>>> Thank, >>>>> Reza >>>>> >>>> -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
