I think you want:
from gluon.fileutils import check_credentials
if not *check_credentials(request):*
* if not session.org: redirect('some_error_page')
* db.auth_group._common_filter=lambda query: (db.auth_group.org==
session.org)
On Tuesday, 21 August 2012 01:04:38 UTC-5, mweissen wrote:
>
> This is the new code:
>
> from gluon.fileutils import check_credentials
> db.auth_group._common_filter=lambda query: \
> (db.auth_group.org==session.org) *or check_credentials(request)*
>
> I have tested check_credentials(request): it returns True - good!
> But - sorry! - it did not solve the problem:
>
> - Let's say I have 100 auth_group rows with org==1 and 100 auth_group
> rows with org==2
> - The admin application tells me "100 selected", but I can *see all 200
> * rows.
> - I have tried to change one record. I can open this row, change any
> field and submit it.
> - I get the flash "*Done*" But nothing has happened - the old values
> are in the table.
>
> About the message "value not in database": my fault - a wrong
> db.auth_group.org.requires
> somewhere in the model.
>
> 2012/8/21 Massimo Di Pierro <[email protected] <javascript:>>
>
>> Apologies
>>
>> check_credentials(request)
>>
>> instead of
>>
>> check_credentials('admin')
>>
>>
>> On Monday, 20 August 2012 14:33:55 UTC-5, mweissen wrote:
>>
>>> A little bit more code:
>>>
>>> db.define_table('org',
>>> Field('orgnr',
>>> Field(shortname',
>>> length=20,
>>> requires=IS_LENGTH(maxsize=20,**minsize=3)),
>>> ...
>>> )
>>>
>>>
>>> auth.settings.extra_fields['**auth_group']=[
>>> Field('org','reference org',
>>> default=lambda: session.org,
>>> requires=IS_IN_DB(db, 'org.id', '%(shortname)s',
>>> error_message=T('Not allowed')),
>>> ),...
>>>
>>> from gluon.fileutils import check_credentials
>>>
>>> db.auth_group._common_filter=**lambda query:
>>> (db.auth_group.org==session.**org <http://session.org>) or
>>> check_credentials('admin')
>>>
>>>
>>>
>>> Now I am using the admin interface and I try to change one row of
>>> auth_group. The same result as before (without
>>> check_credentials('admin'))
>>>
>>> - The value of auth_group.org==1.
>>> - The error messae is "value not in database"
>>> - And, of course, there is a record in db.org with db.org.id==1
>>>
>>> To learn more about check_credentials I added:
>>>
>>> if check_credentials('admin'): print 'Admin'
>>>
>>> Only for the test.
>>>
>>> And I get a new error message:
>>>
>>> 127.0.0.1.2012-08-20.21-05-04.**43dc8360-a22d-408d-8889-**00fe62ef4a38
>>> <type 'exceptions.AttributeError'> 'str' object has no attribute 'env'
>>> Version web2py™ (2, 0, 0, datetime.datetime(2012, 8, 9, 8, 57, 54),
>>> 'dev') Python Python 2.7.2: D:\Python27\python.exe Traceback
>>>
>>> 1.
>>> 2.
>>> 3.
>>> 4.
>>> 5.
>>> 6.
>>> 7.
>>> 8.
>>> 9.
>>>
>>> Traceback (most recent call last):
>>> File "D:\...\web2py\gluon\**restricted.py", line 205, in restricted
>>>
>>>
>>>
>>>
>>>
>>> exec ccode in environment
>>> File "D:/.../web2py/applications/**secure/models/db.py"
>>> <http://127.0.0.1:8000/admin/default/edit/secure/models/db.py>, line 389,
>>> in <module>
>>>
>>>
>>>
>>>
>>>
>>> if check_credentials('admin'): print 'Admin'
>>>
>>>
>>>
>>>
>>>
>>> File "D:\...\web2py\gluon\**fileutils.py", line 328, in check_credentials
>>>
>>>
>>>
>>>
>>>
>>> if request.env.web2py_runtime_gae**:
>>>
>>>
>>>
>>>
>>> AttributeError: 'str' object has no attribute 'env'
>>>
>>>
>>>
>>> 2012/8/20 Massimo Di Pierro <[email protected]>
>>>
>>> You can do:
>>>>
>>>> db.define_table(...., common_filter = None if not session.org else
>>>> (lambda query:(db.my_table.org==sessio**n.org <http://session.org/>)))
>>>>
>>>> you can also use the check:
>>>>
>>>> from gluon.fileutils import check_credentials
>>>> check_credentials('admin') #returns true if you are logged as admin.
>>>>
>>>>
>>>> On Monday, 20 August 2012 12:48:29 UTC-5, mweissen wrote:
>>>>
>>>>> (1) session.org will be set with the login. But I am an
>>>>> administrator: I think I should use the admin application without a
>>>>> login
>>>>> to the application itself.
>>>>>
>>>>> (2) Lets say session.org==1: now it is not possible to change a
>>>>> record with my_table.org==2 using the admin app.
>>>>>
>>>>> (3) Did you mean:
>>>>>
>>>>> common_filter = lambda query:
>>>>> (db.my_table.org==session.org)**** if session.org else True
>>>>>
>>>>>
>>>>> Interesting idea!
>>>>>
>>>>> 2012/8/20 Massimo Di Pierro <[email protected]>
>>>>>
>>>>> How do you set the common filter? Seems to me if session.org is not
>>>>>> set, the common filter should not be set. web2py cannot ignore it
>>>>>> because
>>>>>> it does the wrong thing.
>>>>>>
>>>>>>
>>>>>> On Monday, 20 August 2012 11:41:41 UTC-5, mweissen wrote:
>>>>>>>
>>>>>>> I have an application which should be used by some organizations.
>>>>>>> Therefore I have added
>>>>>>>
>>>>>>> Field('org','reference org', default=lambda:session.org),
>>>>>>>
>>>>>>> and
>>>>>>>
>>>>>>> common_filter = lambda query: db.my_table.org==session.org
>>>>>>>
>>>>>>> to my_table. session.org contails the id of the respective
>>>>>>> organization.
>>>>>>> Great feature,works fine! But using the database administration of
>>>>>>> the admin-application the common filter is still active.
>>>>>>> There is an "ignore_rw=True" in the admin application and I think I
>>>>>>> have read somewhere that there is also an "
>>>>>>> ignore_common_filters=True".
>>>>>>>
>>>>>>> If session.org is not set, a "database db select" shows strange
>>>>>>> effects:
>>>>>>>
>>>>>>> - I can see the first 100 rows.
>>>>>>> - But the message is "0 selected"
>>>>>>> - It is not possible to Update a record
>>>>>>>
>>>>>>>
>>>>>>> A simple "ignore_common_filters=True" at the appropriate location
>>>>>>> should solve the problem. I have taken a quick look at the code, but I
>>>>>>> think this statement has to be "very inside", therefore I have no
>>>>>>> concrete
>>>>>>> proposal.
>>>>>>>
>>>>>>> Regards, Martin
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>
>>>>> --
>>>>
>>>>
>>>>
>>> --
>>
>>
>>
>
--
