I could create a new auth method that allows:
db(auth.accessible(db.yourtable,"read")&..yourquery..).select
(db.yourtable.ALL)
but it would not work on GAE because of the JOIN. Should I add it
anyway?
Massimo
On Apr 2, 8:54 am, mdipierro <mdipie...@cs.depaul.edu> wrote:
> This gives you a list of all record you can "read"
>
> db(db.auth_permission.name=="read")&
> (db.auth_permission.table_name=="yourtable")&
> (db.auth_permission.group_id==db.auth_membership.group_id)&
> (db.auth_membership.user_id==auth.user.id)).select
> (db.auth_permission.record_id)
>
> record_id=="0" indicates (all records in the table "yourtable").
>
> You can combine the above query with a query to your table. I suggest
> you write a function that does it.
>
> Massimo
>
> On Apr 2, 4:29 am, kellda <dan...@kellnet.ch> wrote:
>
> > Using auth.has_permission for a single record (update, read) is clear
> > for me but how to check the permission in a form with a list of
> > records?
>
> > def list():
> > records=db((db.test.id>0)).select()
> > return dict(records=records)
>
> > how to filter only the records with the permission? Do I have to check
> > this in the the form
>
> > {{=for record in records}} {{if has_permission ..}}
>
> > or can I do this in the controller?
>
> > Thanks
> > Daniel
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
