OK to answer my own second question:
if not auth.has_permission("delete", "mytable"):
crud.settings.update_deletable = False
On May 29, 9:06 pm, apple <simo...@gmail.com> wrote:
> I have added auth to my application using crud. However there are a
> couple of areas where it does not act as I was expecting.
>
> 1) If I have change a permission from create to update then I now have
> both permissions until I log off. I guess it has
> cached the old permission somewhere. Is it possible to force any
> changes to happen immediately?
>
> 2) If I have update permission it allows me to delete as well. Is it
> possible to allow update but not delete? As I am using crud in the
> application it is the same function for update and delete so it is not
> possible to use a decorator nor to put a test within the code for
> permissions.
