The decorators
@auth.requires_login()
@auth.requires_membership('group')
@auth.requires_permission('type','table'record_id')
work on any function, work on gae and are efficient.
You mail also want to build functions like
def record(query):
if auth.has_permission(...):
return db(query).select(....)
else:
return db(query)(subquery)(....)
Hope this helps.
On Aug 9, 4:28 pm, Benigno <[email protected]> wrote:
> Hello,
> I'd like to pose a question, that is probably quite basic, but I do
> not see any way to do it right (by right meaning something that
> doesn't take too many queries, processor, ram or looks really nasty on
> the code).
>
> So, I would like to know what is the best way to set up an
> authorisation process that filters data by different fields depending
> on the authorisation of the given user. On its most basic form,
> imagine that I am setting up a service app, that allows different
> companies to sign in and pay for a number of users. Those users
> grouped by department.
>
> I would like that they are able to set up the access rights for each
> of those users, so that once they set a user with accesss to a certain
> department (or several departments), anything he does is filtered for
> those he has access only (this may span any number of tables in which
> data may be company/department specific). Of course this for many
> different companies.
>
> The second part of my question is: What would be the best way to set
> it up so that it works nicelly in GAE?.
>
> Thanks in advance,
> Benigno.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
