[web2py] Re: Permissions on records

Tue, 07 Sep 2010 07:49:11 -0700 

It is a logic issue.

This line does nothing:

auth.settings.register_onaccept = (lambda
form,table=table:give_create_permission(form,table))

You do not want to register the callback with "register_onaccept". you
want to set these once for all:

       auth.add_permission(group_id, 'read', table)
       auth.add_permission(group_id, 'create', table)
       auth.add_permission(group_id, 'select', table)

perhaps in a configuratuon script and these

       auth.add_permission(group_id, 'update', table, id)
       auth.add_permission(group_id, 'delete', table, id)

should be registered with crud.settings.create_onaccept.tablename




On Sep 6, 2:58 am, Johann Spies <[email protected]> wrote:
> On 29 August 2010 07:05, mdipierro <[email protected]> wrote:
>
> > almost:
>
> > def give_create_permission(form,table):
> >        group_id = auth.id_group('user_%s' % auth.user.id)
> >        auth.add_permission(group_id, 'read', table)
>
> > and
>
> > auth.settings.register_onaccept = (lambda form,
> > table=table:give_create_permission(form,table))
>
> I still don't get it right.
>
> I have for example the following in my controller:
>
> #Access control
> ##########################################################################
> def give_create_permission(form,table):
>        group_id = auth.id_group('user_%s' % auth.user.id)
>        auth.add_permission(group_id, 'read', table)
>        auth.add_permission(group_id, 'create', table)
>        auth.add_permission(group_id, 'select', table)
>        auth.add_permission(group_id, 'update', table, id)
>        auth.add_permission(group_id, 'delete', table, id)
> ##########################################################################
> def show_id(id):
>     message = crud.messages.record_created = 'Record nr %d created' %id
>     return message
>
> @auth.requires_membership('fetm04')
> def fetm04_create():
>     table=db.fetm04
>     #crud.settings.auth = auth          # enforces authorization on crud
>     crud.settings.keepvalues = True
>     form=crud.create(db.fetm04,onaccept=lambda form: show_id (form.vars.id))
>     auth.settings.register_onaccept = (lambda
> form,table=table:give_create_permission(form,table))
>     return dict(form=form)
>
> But although I am logged in and belong to the group 'fetm04' I an
> locked out from this form.
>
> When I enable crud.settings.auth=auth I am locked out from all forms.
>
> Regards
> Johann
> --
>     "Be not deceived; God is not mocked: for whatsoever a
>      man soweth, that shall he also reap."
>                                   Galatians 6:7

Reply via email to