You cannot with auth. If you pass it to modules you will run into issues with threads. Open a ticket we can create a lazy_auth decorator that allows something like what you want.
On Wednesday, 25 September 2013 00:10:45 UTC-5, Mandar Vaze wrote: > > Even I have come across such requirements. > Similar to Reza's requirement - we want to allow read operations to > anyone, but insert/update/delete only for logged in user. Moreover, we also > want to check auth.has_membership too. > > DB operations could be invoked from several different places, different > controller methods, as well as scripts. > So as not to repeat same/similar code across various controllers/scripts - > common method(s) in modules make sense. > > While adding @auth. decorators to each calling function is an option (I > would rather say workaround) - a check at the lowest level where DB > operation is about to take place, seems like right thing to do. > > So again - is it possible ? > I'm thinking to pass "auth" (and db) object to methods in modules, and > then call auth.has_membership() and such in each module level method. > using decorator seems easier/cleaner/nicer that's all. > > -Mandar > > > On Monday, April 15, 2013 9:51:19 AM UTC+5:30, Reza Shah wrote: >> >> I want to have something like user controller in default.py. >> def user(): >> """ >> exposes: >> http://..../[app]/default/user/login >> http://..../[app]/default/user/logout >> http://..../[app]/default/user/register >> http://..../[app]/default/user/profile >> """ >> return dict(form=auth()) >> >> So i would like to have: >> def item(): >> """ >> http://..../[app]/default/item/list >> http://..../[app]/default/item/add_product >> """ >> return dict(form=product()) >> >> And when user invoke url for add_product, the request should be rejected >> if not login yet, i though i just decorate the add_product function in >> module with @auth. >> I think i should try your suggestion to check for the auth beforehand and >> invoke the proper method of Product class. >> >> On Monday, April 15, 2013 1:03:49 AM UTC+9, Anthony wrote: >>> >>> Can you show the code where you are calling the add_product() method? >>> Using the @auth.requires_login() decorator is not the only way to control >>> access. You can also do "if auth.user:" to test for login before allowing a >>> method to be called. >>> >>> Anthony >>> >>> On Sunday, April 14, 2013 7:06:15 AM UTC-4, Reza Shah wrote: >>>> >>>> Hi, >>>> >>>> I'm learning web2py and i want to put my business logic inside a class >>>> in module. >>>> I like to have a behaviour similar to user controller inside default.py >>>> which exposes several functions. >>>> >>>> I have a controller item which i put inside default.py >>>> def item(): >>>> return dict(form=product()) >>>> >>>> in module i create product class >>>> >>>> class Product(object): >>>> def __init__: >>>> >>>> def list(self): >>>> >>>> @auth.requires_login() >>>> def add_product(self): >>>> >>>> The Product.list function can be accessed by anyone, but for adding new >>>> product need user login first. >>>> Is this possible? >>>> Does the auth can used directly or i need to import something first? >>>> >>>> Thank, >>>> Reza >>>> >>> -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
