Changes between Version 27 and Version 28 of BluePrintAuthorization


Ignore:
Timestamp:
06/19/10 16:41:40 (15 years ago)
Author:
Fran Boon
Comment:

Caching

Legend:

Unmodified
Added
Removed
Modified

  • BluePrintAuthorization

    v27 v28  
    7676        user_id = auth.user.id
    7777        _memberships = db.auth_membership
    78         memberships = db(_memberships.user_id == user_id).select(_memberships.group_id)
     78        memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60))
    7979    except:
    8080        memberships = None
     
    120120        user_id = auth.user.id
    121121        _memberships = db.auth_membership
    122         memberships = db(_memberships.user_id == user_id).select(_memberships.group_id)
     122        memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60))
    123123    except:
    124124        memberships = None
     
    135135    else:   
    136136        # Option 1
    137         #restriction = db(db.auth_permission.table_name == tablename).select(db.auth_permission.group_id, limitby=(0, 1)).first().group_id
     137        #restriction = db(db.auth_permission.table_name == tablename).select(db.auth_permission.group_id, limitby=(0, 1), cache=(cache.ram, 60)).first().group_id
    138138        #if restriction:
    139139        #   authorised = False
     
    207207   * Have a single checkbox for 'Restrict access' which then opens out the 2 fields.
    208208
     209 * A Developer needs to be able to restrict access to a '''Field''':
     210  * In model (for access by all controllers, such as sync):
     211{{{
     212try:
     213    user_id = auth.user.id
     214    _memberships = db.auth_membership
     215    memberships = db(_memberships.user_id == user_id).select(_memberships.group_id, cache=(cache.ram, 60))
     216except:
     217    memberships = None
     218
     219roles = []
     220for membership in memberships:
     221    roles.append(membership.group_id)
     222
     223if 1 not in roles and myrole not in roles:
     224    table.field.readable = False
     225}}}
     226   * NB If doing this then the roles checks inside {{{shn_has_permission()}}} & {{{shn_accessible_fields()}}} should be modified to read this global value
     227
    209228=== Specific Examples ===
    210229 * A Person's Contacts shouldn't be visible by default.
     
    212231   * Simply add the Authenticated group (2) to the table (or records in the table if using Option 3)
    213232   * ~~This requires all authenticated users to be added to the 'Authenticated' group~~
    214   * What if just some fields should be protected?
    215233
    216234 * A Person's Subscriptions shouldn't be visible by default.