OK, I guess it's a nomenclature issue -- args are part of the URL requested and therefore only part of the request, not the response. Rather, you need to validate whether the request arg is valid for the particular user. Of course, you can store the user's node id in the session, but if you are then going to check it against request.args(0) on every request, you might as well get rid of the node id from request.args altogether and simply store the node in the session instead. So, wherever you are no using request.args(0), you would instead reference something like session.nodeID. If session.nodeID doesn't exist, you then redirect to your router so it can be set.
Anthony On Tuesday, August 14, 2012 11:22:48 AM UTC-4, Annet wrote: > > Hi Anthony, > > In a request I use request.args(0) to determine the response, for instance > http://127.0.0.1:8000/bootstrap/calendar/eventlist/6 > > In this case 6 is the argument of the response, when the visitor changes > this argument manually and requests > http://127.0.0.1:8000/bootstrap/calendar/eventlist/28 I need a way to > determine that the visitor did change the argument, for node 6 has access > to eventlist but user 28 probably not. In that case I'd like to route to a > router function which determines what to do. > > I thought something like storing session.response=request.args(0), in this > case session.response=6 and comparing session.response!=request.args(0) in > this case 6!=28 and the > redirect(URL('addressbook','router',args=request.args(0) in every function > would solve my problem. > > I'd like to know if this is the way to go or whether there is a better way > to solve this problem? > > Kind regards, > > Annet --
