To me 2-steps verification just for admin is tough, better having 2-steps
for everyone...
I have a feature for changing role in my app... The design is very old
though, and I wouldn't implement it that way now since I better understand
RBAC of web2py... It is easy to create a role that if you are in (for
instance "change_role") you can change of role... But you need a subset of
roles for which users with change_role membership can change off... So you
need a user preferences for this...
What I did in the pass, was to create another table to store which role
user can change from and make a boolean field to specify in which group the
user was... But as I said, I would prefer reuse as much as possible the
RBAC system of web2py. So user preference table with a field called
"membership_allowed" and "actual_membership" give you a pretty what you
need then create a controller to manage the change of role process and
update the "actual_membership" field of user preferences table....
Then you can easily append the button to the menu of your app base on the
change_role membership like so from the layout :
{{if auth.user_id in [r.user_id for r in db(db.auth_membership.group_id ==
db(db.auth_group.role ==
'change_role'
).select(db.auth_group.id
).first().id
).select(db.auth_membership.user_id)]:}}
<script>
jQuery(document).ready(function () {
$('#navbar').find('ul.dropdown-menu').prepend('{{=LI(A(I(_class="icon-share-alt"),
SPAN(' '),
T("Role
change"),
_href=URL(r=request, c="chmbshp", # My change_role function was not well
named back then...
f="change_membership",
vars=dict(_next=URL(request.controller,
request.function,
args=request.args,
vars=request.get_vars)))))}}');
});
</script>
{{pass}}
Richard
On Fri, May 15, 2015 at 2:37 AM, Martin Weissenboeck <[email protected]>
wrote:
> I have an app with two roles:
> a standard role for every user and
> an admin role for some administrators.
>
> For the standard user a simple one-step-login would be sufficient.
>
> What I want:
>
> (1) an admin user should change his role on the fly from standard to
> admin, eg. via a menu button (and back again)
>
> (2) on starting the admin role the second part of the two step
> verification should take place (once).
>
> What would be the best way to implement this idea?
>
> Regards, Martin
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
