I'm using web2py 2.7.4-stable+timestamp.2013.11.25.15.21.21 but it doesn't
appear that the patch for this is in yet.
However, instead of doing the removal of the Wiki link with jQuery on the
client, which is susceptible to being hacked by a savvy user, the following
may be more secure:
To the layout.html or equivalent,
add the following line
{{if auth.user and (not auth.has_membership('wiki_editor', auth.user.id)
andresponse
.menu[-1][0].m=='[Wiki]'): response.menu.pop()}}
before
{{=MENU(response.menu, _class='mobile-menu nav' if is_mobile else 'nav',
mobile=is_mobile,li_class='dropdown',ul_class='dropdown-menu')}}
On Thursday, 25 October 2012 16:44:08 UTC+8, Andrew W wrote:
>
> the [wiki] menu option is good for the person maintaining the website, but
> shouldn't be seen by others (at least those not logged in) .
> How do I hide it for unauthorised users ?
>
> Any update on when the book will contain auth.wiki information ? I can
> see plugin_wiki still there.
>
> Thanks
>
> Andrew W
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
