On Feb 7, 2010, at 7:32 AM, weheh wrote:
> These are readable, but not writable. What I want is for widget to
> get
> "grayed-out" and not be usable when user doesn't have permission to
> fill in the field.
>
> Ideally, I think it would make sense to be able to do this as a
> requirement to a field, something like:
> requires=HAS_MEMBERSHIP(auth.id_group('admin'),auth.user.id),
> or
> requires=HAS_PERMISSION(...)
>
> or maybe clearer yet, have a permission authenticator:
> permission=HAS_MEMBERSHIP(...)
> or permission=HAS_PERMISSION(...)
I like this a lot, at least as a general idea. Graying out would need to be
done with the html disabled attribute. Using permissions seems quite natural.
I'm not sure what the right logic would be, though. Perhaps 'disabled' is
parallel to readable and writable, though that may not be the best way of
putting it. At any rate, an input element would have four possible states: the
three we have now (visible and enabled, text-only (what is now readable but not
writable), and not visible), and visible but disabled. With the state a
function of permissions of the current user.
>
> On Feb 7, 4:24 am, mdipierro <mdipie...@cs.depaul.edu> wrote:
>> I am not sure non-writable fields have widgets. I will check. Most
>> likely they do not if they are not writable and not readable.
>>
>> On Feb 7, 2:02 am, weheh <richard_gor...@verizon.net> wrote:
>>
>>
>>
>>> I'm using crud and want to disable access to certain fields if user is
>>> not a member of the admin group. For instance, content can only be
>>> approved by admin. I want to register the id of the user who approved
>>> the content, too. So I'd like to say:
>>
>>> if not auth.has_membership(auth.id_group('Admin'),auth.user.id):
>>> db.content.approved.writable=False
>>> db.content.signature.writable=False
>>> form = crud.update(db.content,...)
>>
>>> so that even if the view has this:
>>> {{=form.custom.widget.approved}}
>>> {{=form.custom.widget.signature}}
>>
>>> the fields shouldn't be fillable by an unauthorized user. Problem is,
>>> this doesn't work and I get this ticket:
>>
>>> Traceback (most recent call last):
>>> File "C:\web2py\gluon\restricted.py", line 173, in restricted
>>> exec ccode in environment
>>> File "C:/web2py/applications/myapp/controllers/admin.py", line 187,
>>> in <module>
>>> File "C:\web2py\gluon\globals.py", line 96, in <lambda>
>>> self._caller = lambda f: f()
>>> File "C:\web2py\gluon\tools.py", line 1873, in f
>>> return action(*a, **b)
>>> File "C:/web2py/applications/myapp/controllers/admin.py", line 59,
>>> in marketing
>>> form = crud.update(db.content,request.args(2),message=T('Updated
>>> content'))
>>> File "C:\web2py\gluon\tools.py", line 2270, in update
>>> keepvalues=self.settings.keepvalues):
>>> File "C:\web2py\gluon\sqlhtml.py", line 755, in accepts
>>> onvalidation,
>>> File "C:\web2py\gluon\html.py", line 1267, in accepts
>>> status = self._traverse(status)
>>> File "C:\web2py\gluon\html.py", line 449, in _traverse
>>> newstatus = c._traverse(status) and newstatus
>>> File "C:\web2py\gluon\html.py", line 449, in _traverse
>>> newstatus = c._traverse(status) and newstatus
>>> File "C:\web2py\gluon\html.py", line 449, in _traverse
>>> newstatus = c._traverse(status) and newstatus
>>> File "C:\web2py\gluon\html.py", line 449, in _traverse
>>> newstatus = c._traverse(status) and newstatus
>>> TypeError: 'NoneType' object is not callable
>>
>>> Anybody know what's going on here?- Hide quoted text -
>>
>> - Show quoted text -
>
> --
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To post to this group, send email to web...@googlegroups.com.
> To unsubscribe from this group, send email to
> web2py+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/web2py?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web...@googlegroups.com.
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en.
