@Massimo - Perhaps consider including: auth.settings.create_user_groups = True in the default db.py, along with a comment explaining that it's mostly useful for crud. I think this would clarify auth config for many users.
On Friday, February 1, 2013 5:21:05 PM UTC-5, Massimo Di Pierro wrote: > > Disabling user groups is only a problem if you use crud which checks for > auth.accessible() records based on permissions. If There are no user groups > you do not know how to make an object accessible to the user who created. > Honestly I envisioned a bigger role in web2py for auth permissions. Turns > out most users (including me) do not use them and prefer to set simpler ad > hoc permission rules. In case there is no problem in disabling user groups. > > On Friday, 1 February 2013 15:42:49 UTC-6, Yarin wrote: >> >> The >> documentation<http://web2py.com/books/default/chapter/29/09#Authorization>states: >> >> "The creation of the group can be disabled with >> >> auth.settings.create_user_groups = None >> >> although we do not suggest doing so." >> >> Massimo also says >> here<https://groups.google.com/d/msg/web2py/gN2LH6pX_IA/kcCBMWeDD8YJ>that >> "If you do not have those groups membership causes a nightmare." >> >> Yet I've never found any use for the individual user groups. Can someone >> explain their utility, and why the warnings against dropping them? >> >> >> -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
