[web2py] Re: help with user_signature

[P T]

Sorry, I made a silly error is using the user_signature. It should be a 
part of URL call. This line should read (note the change in ")" bracket)

grid = SQLFORM.grid(query, links = [lambda row: A('Results', _class='btn',_href
=URL("default","calculate", args=[row.id],user_signature=True, hash_vars=
True))],csv=False, oncreate=scenario_create)


On Wednesday, October 2, 2013 2:39:42 PM UTC-5, P T wrote:
>
> I am using version 2.6.4 on Windows 7 machine and having a problem with 
> using user_signature and auth.requires_signature. 
>
> I am using SQLFORM.grid to display a list of scenarios created by the 
> logged-in user. I included an additional button "Results", which calls 
> another function "calculate" and passing the row.id. This works fine but 
> the logged-in user can simply type an url like "
> http://127.0.0.1:8000/test/default/calculate/12"; and view results from 
> other users' scenarios.
>
> @auth.requires_login()
> def listscenarios():
>    query = (db.scenario.created_by == auth.user.id)
>    grid = SQLFORM.grid(query, links = [lambda row: A('Results', _class=
> 'btn', _href=URL("default","calculate", args=[row.id]))],csv=False,oncreate
> =scenario_create)
>    return dict(grid=grid)
>
> def calculate():
>     if not request.args(0):
>         return ''
>     else:
>         ## do the required calculations
>         
>     redirect(URL('voltageprofile'))
>
>
> By reading the book and searching the group, I decorated the functions 
> with user_signature and auth.requires_signature. But, now I get "Not 
> authorized" page for all users. 
>     
>
> @auth.requires_login()
> def listscenarios():
>    query = (db.scenario.created_by == auth.user.id)
>    grid = SQLFORM.grid(query, links = [lambda row: A('Results', _class=
> 'btn', _href=URL("default","calculate", args=[row.id]),user_signature=True
> , hash_vars=True)],csv=False, oncreate=scenario_create)
>    return dict(grid=grid)
>    
>  
> @auth.requires_signature()
> def calculate():
>      
>     if not request.args(0):
>         return ''
>     else:
>         ## do the required calculations
>         
>     redirect(URL('voltageprofile'))    
>   
> Please help in correctly implementing this.
>
> Thanks,
> PT    
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.