These are readable, but not writable. What I want is for widget to
get
"grayed-out" and not be usable when user doesn't have permission to
fill in the field.
Ideally, I think it would make sense to be able to do this as a
requirement to a field, something like:
requires=HAS_MEMBERSHIP(auth.id_group('admin'),auth.user.id),
or
requires=HAS_PERMISSION(...)
or maybe clearer yet, have a permission authenticator:
permission=HAS_MEMBERSHIP(...)
or permission=HAS_PERMISSION(...)
On Feb 7, 4:24 am, mdipierro <[email protected]> wrote:
> I am not sure non-writable fields have widgets. I will check. Most
> likely they do not if they are not writable and not readable.
>
> On Feb 7, 2:02 am, weheh <[email protected]> wrote:
>
>
>
> > I'm using crud and want to disable access to certain fields if user is
> > not a member of the admin group. For instance, content can only be
> > approved by admin. I want to register the id of the user who approved
> > the content, too. So I'd like to say:
>
> > if not auth.has_membership(auth.id_group('Admin'),auth.user.id):
> > db.content.approved.writable=False
> > db.content.signature.writable=False
> > form = crud.update(db.content,...)
>
> > so that even if the view has this:
> > {{=form.custom.widget.approved}}
> > {{=form.custom.widget.signature}}
>
> > the fields shouldn't be fillable by an unauthorized user. Problem is,
> > this doesn't work and I get this ticket:
>
> > Traceback (most recent call last):
> > File "C:\web2py\gluon\restricted.py", line 173, in restricted
> > exec ccode in environment
> > File "C:/web2py/applications/myapp/controllers/admin.py", line 187,
> > in <module>
> > File "C:\web2py\gluon\globals.py", line 96, in <lambda>
> > self._caller = lambda f: f()
> > File "C:\web2py\gluon\tools.py", line 1873, in f
> > return action(*a, **b)
> > File "C:/web2py/applications/myapp/controllers/admin.py", line 59,
> > in marketing
> > form = crud.update(db.content,request.args(2),message=T('Updated
> > content'))
> > File "C:\web2py\gluon\tools.py", line 2270, in update
> > keepvalues=self.settings.keepvalues):
> > File "C:\web2py\gluon\sqlhtml.py", line 755, in accepts
> > onvalidation,
> > File "C:\web2py\gluon\html.py", line 1267, in accepts
> > status = self._traverse(status)
> > File "C:\web2py\gluon\html.py", line 449, in _traverse
> > newstatus = c._traverse(status) and newstatus
> > File "C:\web2py\gluon\html.py", line 449, in _traverse
> > newstatus = c._traverse(status) and newstatus
> > File "C:\web2py\gluon\html.py", line 449, in _traverse
> > newstatus = c._traverse(status) and newstatus
> > File "C:\web2py\gluon\html.py", line 449, in _traverse
> > newstatus = c._traverse(status) and newstatus
> > TypeError: 'NoneType' object is not callable
>
> > Anybody know what's going on here?- Hide quoted text -
>
> - Show quoted text -
--
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en.
