I've been checking for auth membership to control access to menus and
access to controller functions. But they all require significant DB IO ...
Decorators:
@auth.requires_membership()
@auth.requires(lambda: auth.has_membership('customer_service') or auth.
has_membership('admin')) # potentially 4 database queries
@auth.requires(lambda: any([auth.has_membership(r) for r in [
'customer_service', 'admin']))
and
Conditions (e..g, to control menu display):
if auth.user and any (auth.has_membership(r) for r in ['customer_service',
'admin']): # performs potentially 4 database queries
if auth.has_membership('customer_service'): # performs two database queries
All of the above require DB IO (using the lambda's defers the IO but not
eliminate it). After seeing the DB IO using db stats, I started exploring
auth.user_groups and have tested these two option:
@auth.requires(any (role in ['customer_service', 'admin'] for role in auth.
user_groups.itervalues()))
if any (role in ['customer_service', 'admin'] for role in auth.user_groups.
itervalues()):
Is there any reason to not use these? I understand auth.user_groups is
cached but can be updated with auth.update_groups() if needed.
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
