You can do it the way Anthony said, but you can do it all in models; no
need to touch controller code.
models/...........py
########################################################
auth = Auth(....)
# a dict of controllers as keys, and a list of allowed groups as values
auth_rules = {
    "default": ['admin'],
    "post": ["admin", "editor"],
    "secret_controller": ["my_secret_group"]
}
groups_to_check = auth_rules.get(request.controller, [])
has_membership = map(auth.has_membership, groups_to_check)
if not any(has_membership):
    redirect(URL(r=request, c='default', f='index'))
########################################################
You can group all the code above into a one-liner.
On Wed, Jul 25, 2012 at 10:39 PM, Anthony <[email protected]> wrote:
> That looks pretty good. If you want to avoid running all your models, you
> can put that logic early in your models (obviously somewhere after auth is
> defined):
>
> if request.controller == 'secret_stuff' and not auth.has_membership('admin'):
>
> Anthony
>
>
> On Wednesday, July 25, 2012 9:14:31 PM UTC-4, Richard Penman wrote:
>>
>> I mean is there a better way than something like:
>>
>> if not auth.has_membership('admin'):
>>     session.flash = 'You are not part of the admin group'
>>     redirect(URL(r=request, c='default', f='index'))
>>
--
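
An added example, not part of the original posts: the controller-to-groups lookup from the thread as a pure function that can be tested outside web2py. It shows that controllers missing from the table are denied, and that because `default` is itself restricted, the redirect target `default/index` has to be exempted or a denied user is sent to a page that redirects again. `is_allowed`, `decide`, `redirect_loops` and `PUBLIC_ACTIONS` are hypothetical names, and the user's groups are passed in as a set instead of being read through `auth.has_membership`.

```python
# Added example: pure-Python model of the controller -> groups check.
# Names below (is_allowed, decide, redirect_loops, PUBLIC_ACTIONS) are hypothetical.

AUTH_RULES = {
    "default": ["admin"],
    "post": ["admin", "editor"],
    "secret_controller": ["my_secret_group"],
}

REDIRECT_TARGET = ("default", "index")

# Assumption: these actions stay reachable by everyone. The redirect target
# must be listed, otherwise a denied user lands on a page that denies and
# redirects again. default/user is the login action in web2py's scaffold app.
PUBLIC_ACTIONS = {REDIRECT_TARGET, ("default", "user")}


def is_allowed(controller, function, user_groups,
               rules=AUTH_RULES, public=PUBLIC_ACTIONS):
    """True if the request may proceed. Unlisted controllers are denied."""
    if (controller, function) in public:
        return True
    allowed_groups = rules.get(controller, [])  # missing key -> [] -> deny
    return any(group in user_groups for group in allowed_groups)


def decide(controller, function, user_groups, **kw):
    """Return None to continue, or the (controller, function) to redirect to."""
    if is_allowed(controller, function, user_groups, **kw):
        return None
    return REDIRECT_TARGET


def redirect_loops(rules, public, target=REDIRECT_TARGET):
    """True if a user with no groups would be bounced off the target itself."""
    return decide(target[0], target[1], set(), rules=rules, public=public) is not None


if __name__ == "__main__":
    # Constructed requests: (controller, function, groups of the user)
    for req in [("post", "edit", {"editor"}), ("secret_controller", "x", {"editor"}),
                ("unlisted", "index", {"admin"}), ("default", "index", set())]:
        print(req, "->", decide(*req) or "allow")
    print("loop without exemption:", redirect_loops(AUTH_RULES, public=set()))
```

In a model file the same decision would be made once per request, after `auth` is defined and before any controller code runs.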