Changes between Version 27 and Version 28 of BluePrintAuthorization
- Timestamp:
- 06/19/10 16:41:40 (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BluePrintAuthorization
v27 v28 76 76 user_id = auth.user.id 77 77 _memberships = db.auth_membership 78 memberships = db(_memberships.user_id == user_id).select(_memberships.group_id )78 memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60)) 79 79 except: 80 80 memberships = None … … 120 120 user_id = auth.user.id 121 121 _memberships = db.auth_membership 122 memberships = db(_memberships.user_id == user_id).select(_memberships.group_id )122 memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60)) 123 123 except: 124 124 memberships = None … … 135 135 else: 136 136 # Option 1 137 #restriction = db(db.auth_permission.table_name == tablename).select(db.auth_permission.group_id, limitby=(0, 1) ).first().group_id137 #restriction = db(db.auth_permission.table_name == tablename).select(db.auth_permission.group_id, limitby=(0, 1), cache=(cache.ram, 60)).first().group_id 138 138 #if restriction: 139 139 # authorised = False … … 207 207 * Have a single checkbox for 'Restrict access' which then opens out the 2 fields. 208 208 209 * A Developer needs to be able to restrict access to a '''Field''': 210 * In model (for access by all controllers, such as sync): 211 {{{ 212 try: 213 user_id = auth.user.id 214 _memberships = db.auth_membership 215 memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60)) 216 except: 217 memberships = None 218 219 roles = [] 220 for membership in memberships: 221 roles.append(membership.group_id) 222 223 if 1 not in roles and myrole not in roles: 224 table.field.readable = False 225 }}} 226 * NB If doing this then the roles checks inside {{{shn_has_permission()}}} & {{{shn_accessible_fields()}}} should be modified to read this global value 227 209 228 === Specific Examples === 210 229 * A Person's Contacts shouldn't be visible by default. … … 212 231 * Simply add the Authenticated group (2) to the table (or records in the table if using Option 3) 213 232 * ~~This requires all authenticated users to be added to the 'Authenticated' group~~ 214 * What if just some fields should be protected?215 233 216 234 * A Person's Subscriptions shouldn't be visible by default.