I think the problem you are facing is that all links pointing to a grid
should include the user signature, that's a default requirement for grids
(asuming that your show_akb_artcle and edit_akb_article are using grids as
well).
You can switch them off with user_signature=False in grid but you'd be more
safer signing the urls you are generating.
Il giorno mercoledì 12 settembre 2012 14:28:16 UTC+2, Johann Spies ha
scritto:
>
> This is old code - it worked without a problem before. I suspect recent
> upgrades broke it.
>
> I have a SQLDFORM.grid using the following links:
>
> links = [lambda row: A(B(T('View')), _target = "_blank",
> _href = URL(r = request, c = 'articles',
> f = 'show_akb_article',
> args = str(row[db.akb_articles.id
> ])))]
>
> if auth.has_membership(role = 'kb_ed'):
> links.append(lambda row: A(B(T('Edit')), _target = "_blank",
> _href = URL(r = request, c = 'articles',
> f = 'edit_akb_article',
> args = str(row[
> db.akb_articles.id]))))
>
> links.append(lambda row: A(B(T('Link to Institute')), _target =
> "_blank",
> _href = URL(r = request, c = 'articles',
> f = 'art_research',
> args = str(row[
> db.akb_articles.id]))))
>
>
> I use any of those links in the grid even if I am logged in as a member of
> the 'kb_ed' group. I get the error: "not authorized" even when I try to
> use 'view'.
>
> I have experimented by removing the following decorator
>
> @auth.requires(lambda:auth.has_membership('kb_ed'))
> def edit_akb_article():
>
> but even without the decorator I cannot edit the article.
>
> What is causing this?
>
> Regards
> Johann
>
>
> BTW the syntax highlighting is not working for me today in the web
> interface to the group.
>
--
