in your case i would suggest using the requires login decorator, and then in the controller function limiting what rows are viewed/updated by writing a query where created_by==auth.user.id (or something similar based on your schema). yes, you would have to write a (hopefully simple) controller and not just use the default CRUD things, but it should allow you to get the control you need without a join.
good luck! cfh On Sunday, November 25, 2012 12:00:53 PM UTC-8, Gian Luca Decurtins wrote: > > Hi all > > How do I enable row level access features on GAE datastore? > In the documentation is written that the accessible_query does not work > because of the usage of JOIN. Is there an other way of using it? > > I think it could work using google:sql instead of google:datastore, but > I'm trying to avoid using google:sql. > Also I do think it does not work using decorators in controllers. They > seem to just limit access to functions, not the queries. > > I do want to create a device table where users can only view or edit their > own entries. How would you implement this on GAE? > > Greetings > -Luca. > --
