Currently you have two options:
1)
auth.registration_requires_approval = True
users can register but not login until there is admin approval
2)
def user():
self.settings.actions_disabled.append('register')
return dict(form=auth())
@auth.requires_membership('admin')
def register():
return dict(form=auth.register())
In this way only uses members of the 'admin' group can access the
registration page. You have to explicitly create a group 'admin' and
add yourself to the group using appadmin.
Massimo
On Jun 19, 7:35 pm, NeonGoby <[email protected]> wrote:
> I don't know about the future development plan for Auth.
> As I understand the current behavior, anyone change register for an
> account. In fact, a logged-in user cannot register another user.
> This arrangement is appropriate for some applications, but not for
> others.
>
> For example, my current application, I want only authorized users to
> access the information. The current arrangement would circumvent that
> by allowing anyone to register for an account. In fact, I want only
> want only admin group users to be able to register new users.
>
> My current approach is simply to delete the register function. But I
> may wish to have the default auth functionality for other applications
> on the same host.
>
> Therefore, I would like to propose adding an attribute to Auth:
> register_requires_admin (or similar), and have the register function
> test for this attribute, and display the registration form only if the
> attribute is false, flashing an error message otherwise.
>
> What do you think about this proposal?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
