[web2py] Re: Access control advice

2013-04-15 Thread Anthony
Have you considered using the permissions system: auth.add_permission(0, 'read', 'en-EN') auth.add_permission(0, 'update', 'nl-NL') Setting the group_id to 0 sets the permission for the unique group of the current logged in user (i.e., it's a user-level permission). You can then check permissio

[web2py] Re: Access control advice

2013-04-15 Thread sander . vinkesteijn
I think I should clarify something, it's not the language of the site itself, it's about what content is available for the users to create/read/update/delete. For example, the base records are English, now we need a Swedish user to translate those (ie create Swedish records). This user should o

[web2py] Re: Access control advice

2013-04-14 Thread 黄祥
why not create the language selector like in admin page? store the language value in cookie something like: *db.py* *# set the language * *if 'language' in request.cookies and not (request.cookies['language'] is None):* *T.force(request.cookies['language'].value)* *default/layout.html*

[web2py] Re: access control in view

2012-11-27 Thread Niphlod
take a good read on http://web2py.com/books/default/chapter/29/09#Authorization, it has all the bits of info you need. On Tuesday, November 27, 2012 11:01:41 AM UTC+1, andrej burja wrote: > > hi > > i want to show link "edit" in view just for users in the group editors > how to check that in vie

[web2py] Re: access control(RBAC)

2011-11-08 Thread RAMKRISHAN BHATT BACK IN ACTION in bangalore
Use RBAC after referring book . Web2py having very good Roll based authentication and access control . Can you please define your problem in more precise manner .

[web2py] Re: Access Control

2011-05-26 Thread Jose
On 24 mayo, 13:47, pbreit wrote: > If your PHP code has no access control then, yes, people will just be able > to copy/paste URLs to gain access and I'm not sure Web2py can help you out. > > But you should be able to set up passwords on the web server. For example, > Cherokee:http://www.cheroke

[web2py] Re: Access Control not in db.py?? How to modify?

2011-04-19 Thread Keith Pettit
That was my bad I was looking at the wrong application. I have too many test apps that I'm playing around with :) Also I just tried the web2py.plugin.useradmin.w2p which I think is OK. It's very basic but has a nice si

[web2py] Re: Access Control not in db.py?? How to modify?

2011-04-19 Thread Anthony
On Tuesday, April 19, 2011 3:07:25 PM UTC-4, Keith Pettit wrote: > > I appreciate the help. I'll give the plugin a try and read through the > docs you suggested. > > One note. auth_user was in db.py if I created a "New simple application" > or went through the "New Application Wizard". Which

[web2py] Re: Access Control not in db.py?? How to modify?

2011-04-19 Thread Keith Pettit
I appreciate the help. I'll give the plugin a try and read through the docs you suggested. One note. auth_user was in db.py if I created a "New simple application" or went through the "New Application Wizard". Which I is part of what was confusing me. Thanks, -Keith

[web2py] Re: Access Control not in db.py?? How to modify?

2011-04-19 Thread Anthony
Also, I haven't tried it, but here's a link to a web2py user admin plugin: http://jaguar.biologie.hu-berlin.de/~fkrause/web2py.plugin.useradmin.w2p. You might also check some of the appliances here: http://www.web2py.com/appliances/ Anthony On Tuesday, April 19, 2011 2:48:05 PM UTC-4, Anthon

[web2py] Re: Access Control not in db.py?? How to modify?

2011-04-19 Thread Anthony
On Tuesday, April 19, 2011 2:16:47 PM UTC-4, Keith Pettit wrote: > > I'm still learning web2py, I'm working on access control and was confused > by a few things I was hoping to understand better. > > 1 - Why is auth_user in db.py, but none of the other auth_ tables are? > Once you create the a

[web2py] Re: Access Control problem: Locked out from my own tables

2010-08-28 Thread mdipierro
with crud.settings.auth=None user has permission to do everything unless explicitly blocked with a check. with crud.settings.auth=auth all access is blocked unless explicitly granted. This means you can only access crud.create on mytbale if you have explicitly created a permission entr

[web2py] Re: Access Control problem: Locked out from my own tables

2010-08-28 Thread Johann Spies
The problem was the setting: crud.settings.auth=auth which I have uncommented in the model. I am not sure why this made that all access to crud functions was blocked - even when a valid user was logged in. Regards Johann --     "Be not deceived; God is not mocked: for whatsoever a      man sow

[web2py] Re: Access Control and Basic Authentication ?

2010-08-17 Thread mdipierro
will look into this.. On Aug 17, 2:41 am, Niphlod wrote: > sorry for the late answer... > > in order to let web2py be a real kickass framework also for web > services, I think that some validators have to be rewritten/added. > > Usually I tend not to harrass the devs if what I want isn't there, b

[web2py] Re: Access Control and Basic Authentication ?

2010-08-17 Thread Niphlod
sorry for the late answer... in order to let web2py be a real kickass framework also for web services, I think that some validators have to be rewritten/added. Usually I tend not to harrass the devs if what I want isn't there, but you look real active, so...I think that web2py needs 1 more settin

[web2py] Re: Access Control and Basic Authentication ?

2010-08-16 Thread mdipierro
could it be a problem with escaping basic auth parameters? On Aug 16, 2:20 pm, David Marko wrote: > Cause a lack of time I gave up for the moment. I removed > authentication requirement from my method and used security token as > an parameter for my method. Using SSL for encrypted communication >

[web2py] Re: Access Control and Basic Authentication ?

2010-08-16 Thread David Marko
Cause a lack of time I gave up for the moment. I removed authentication requirement from my method and used security token as an parameter for my method. Using SSL for encrypted communication gives me enough security. But things are working fine as tested using cURL ... will investigate at the end

[web2py] Re: Access Control and Basic Authentication ?

2010-08-16 Thread Niphlod
if you save request.headers somewhere I think it'll be easy to see the differences Niphlod On Aug 16, 11:02 am, David Marko wrote: > U just downloaded cURL for windows and tried this. And its working ... > so it not web2py issue but something on my side ... will try to look > to request beei

[web2py] Re: Access Control and Basic Authentication ?

2010-08-16 Thread David Marko
U just downloaded cURL for windows and tried this. And its working ... so it not web2py issue but something on my side ... will try to look to request beeing sent. David On 16 srp, 10:25, Niphlod wrote: > I usually use curl and derivatives > > in order to help me/us knowing what's going on,

[web2py] Re: Access Control and Basic Authentication ?

2010-08-16 Thread Niphlod
I usually use curl and derivatives in order to help me/us knowing what's going on, could you please save somewhere the request object and past here it ?

[web2py] Re: Access Control and Basic Authentication ?

2010-08-15 Thread David Marko
I use MS Windows specific:(its excerpt from Lotus Script) Set objhttp = CreateObject("MSXML2.ServerXMLHTTP") Set objXMLDocument = CreateObject ("Msxml2.DOMDocument.3.0") Call objhttp.Open("POST",URL, False,settings.api_email(0),settings.api_password(0)) Things are working fine when authentication

[web2py] Re: Access Control and Basic Authentication ?

2010-08-15 Thread mdipierro
How would you like it to work? On 15 Ago, 17:27, Niphlod wrote: > how are you posting data to the consumer ? > > apart from auth.settings.allow_basic_login = True  there's nothing I > did to enable itand it's working (sadly not the way I'd like, but > works as intended (additional method of a

[web2py] Re: Access Control and Basic Authentication ?

2010-08-15 Thread Niphlod
how are you posting data to the consumer ? apart from auth.settings.allow_basic_login = True there's nothing I did to enable itand it's working (sadly not the way I'd like, but works as intended (additional method of authentication...))

[web2py] Re: Access Control and Basic Authentication ?

2010-08-13 Thread David Marko
Is there anyone who succesfully use basic auth for services? can you share you experience, how did you get things working? David On 13 srp, 17:05, David Marko wrote: > It doesnt work for me or I miss something. > > I have added following line into my db.py > auth.settings.allow_basic_login = Tru

[web2py] Re: Access Control and Basic Authentication ?

2010-08-13 Thread David Marko
It doesnt work for me or I miss something. I have added following line into my db.py auth.settings.allow_basic_login = True Now I'm trying post data to some API method from my service consumer code. But it doesnt authenticate but instead the response I'm getting is html page with login form. Is

[web2py] Re: Access Control and Basic Authentication ?

2010-08-13 Thread mdipierro
yes On Aug 13, 3:01 am, David Marko wrote: > http://web2py.com/book/default/chapter/08#Access-Control-and-Basic-Au... > ### does it mean, that both authentication will work together? The > default form based will remain working and basic_auth will be > available, when client program(some service