Changes between Version 33 and Version 34 of S3/S3AAA


Ignore:
Timestamp:
01/18/11 00:45:07 (11 years ago)
Author:
Dominic König
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • S3/S3AAA

    v33 v34  
    143143  - the controller uses auth.s3_has_permission() and/or auth.s3_accessible_query() to check permissions before exposing any data to the user
    144144
    145 === s3_has_permission ===
    146 
     145=== Checking Permissions ===
     146
     147To check permissions to access a table (or a particular record) with a certain method, use the {{{auth.s3_has_permission()}}} method:
     148
     149{{{
     150authorised = auth.s3_has_permission("read", db.my_table)
     151if authorised:
     152    # User may read in the db.my_table
     153}}}
     154
     155{{{
     156authorised = auth.s3_has_permission("read", db.my_table, record_id=x)
     157if authorised:
     158    # User may read record x in db.my_table
     159}}}
     160
     161The access method can be one of these strings:
     162
     163    - "create": create new records in this table
     164    - "read": read in this table (or this particular record, if specified)
     165    - "update": update existing records in this table (or this particular record, if specified)
     166    - "delete": delete records from this table (or this particular record, if specified)
    147167=== s3_accessible_query ===
    148168