Changes between Version 33 and Version 34 of BluePrintAuthenticationAccess
- Timestamp:
- 01/12/09 18:44:18 (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BluePrintAuthenticationAccess
v33 v34 44 44 * we should probably support these by adding hooks into the [wiki:BluePrintREST RESTlike controller] 45 45 46 User maintenance can be done via appadmin until we develop our own UI.[[BR]] 47 48 DRAFT: 49 50 We use {{{t2_group}}} table for Contact Lists information 51 52 We use {{{s3_role}}} table for Security access 46 We use {{{t2_group}}} table for Roles & {{{t2_membership}}} to show which roles a user has. 53 47 * roles initialised in {{{_db.py}}} 48 * 1st user to register gets Administrator role 54 49 * module writers need to add any required roles there 55 50 56 Membership of roles is controlled via the Many-to-Many table: {{{s3_roleholder}}} 51 We expose this as s3.roles so that it is accessible to Controllers & Views.[[BR]] 52 e.g. 53 * {{{appadmin.py}}} 54 * {{{layout.html}}} 57 55 58 T3 defines a simple {{{t2.is_admin}}} defined in {{{db.py}}}: 59 {{{ 60 is_admin=(t2.logged_in and (not settings.administrator_emails or t2.person_email in settings.administrator_emails)) 61 t2.is_admin=is_admin 62 }}} 63 * Function components protected with: {{{if not is_admin: t2.redirect('index',flash=T('Not Authorised'))}}} 64 * appadmin protected in the same way :) 56 User maintenance can be done via appadmin until we develop our own UI: 57 * ConfigurationGuidelines#Roles 65 58 66 59 === Links ===