I have a couple of questions about the Auth class. To use
authentication I uncommented the following functions in db.py:
mail = Mail()
mail.settings.server = 'smtp.yourdomain.com:25'
mail.settings.sender = 'y...@yourdomain.com'
mail.settings.login = 'usern...@password'
auth = Auth(globals(), db)
auth.define_tables()
auth.settings.captcha = Recaptcha
(request,public_key='RECAPTCHA_PUBLIC_KEY',private_key='RECAPTCHA_PRIVATE_KEY')
Furthermore, I defined a custom user table.
1) To register the visitor should complete a registration form, which
will be emailed from the application to the site administrator, who
will accept or reject the registration, and in case of acceptance
enter the registrants data into the auth_user table and
auth_membership table. So, I need a custom registration function and I
don't need the verify_email function. This makes me wonder whether I
could just uncomment the def user(): return dict(form=auth()) function
in default.py and add a custom def register(): function to default.py,
or whether I have to leave def user(); commented and add the functions
I do need like this: def login(): return (form=auth.login()) etc.
2) The custom user table has a field called company_id, when the user
logs in he should only be able to create, retrieve, update and delete
records that have this company_id, is this possible using CRUD or do I
have to write custom functions.
3) When assigning permissions, do I have to assign every permission
separately to every table for every group or is there a more efficient
way. I have 2 groups, 6 permissions and 20 tables, that would be 240
entries in auth_permission, wouldn't it?
4) I created two groups, datamanager and sitemanager, where
datamanager is an intersection of sitemanager. For example,
datamanager and sitemanager both have permission to update the address
table, but only sitemanager has permission to create, update and
delete the event table. Is there an efficient way to implement this?
5) Does record_id in the auth_permission table reference a specific
record? When would I use this?
6) What does the following decorator imply: @auth.requires_permission
('create',tablename',1)
Doesn't @auth.requires_membership('Manager') and Manager through
auth_permission having a name:create, Table Name:tablename, Record Id:
1 permission accomplish the same?
I am looking forward to your answers to my questions,
Annet.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
