I was looking a long time ago for a RBAC that could permit a group to belong to a group...
Nice job Regards 2017-10-15 16:38 GMT+01:00 Bernhard Radermacher <bernh...@radermacher.us>: > Forgot to mention that assignment is a bit easier, too: > > > <https://lh3.googleusercontent.com/-2Cctqex15cM/WeOA47AkisI/AAAAAAAAAWo/5jQYiHjGd-klO_rTSEs6ku3n1NYDVCF2wCLcBGAs/s1600/auths.png> > > > <https://lh3.googleusercontent.com/-W44XgCn2ILE/WeOA8lk9SlI/AAAAAAAAAWs/sg3JAe6vh4I2HXRVb_x5qm0wwGmrRaL8QCLcBGAs/s1600/subroles.png> > > > On Sunday, October 15, 2017 at 5:30:09 PM UTC+2, Bernhard Radermacher > wrote: >> >> That is correct. But this accesses the respective auth tables directly. >> >> authman adds additional tables, that allow >> >> - extensive editing before activation >> - roles can be included in other roles, thereby creating an >> organizational structure. For example: >> >> - Role Accounting Manager includes >> - Role A/P clerk >> - Role A/R clerk >> >> In addition the magic role 'root' gets all permissions... that works nice >> for testing when you just don't want to be bothered by auth checks. >> >> On Sunday, October 15, 2017 at 3:40:27 PM UTC+2, Anthony wrote: >>> >>> Very nice. Thanks for posting. This appears to be much more complete, >>> but note that every app includes some basic functionality for managing >>> users, roles, and permissions via the URL /myapp/appadmin/manage/auth. All >>> you have to do is include the following line in a model: >>> >>> auth.settings.auth_manager_role = 'my_auth_admin_role' >>> >>> and anyone in the 'my_auth_admin_role' group will have access to the >>> functionality. The above URL can also be accessed by anyone who is logged >>> into the admin app even if no auth.settings.auth_manager_role has been >>> set. >>> >>> This is a special case of the more general auth.settings.manager_actions >>> functionality described at http://web2py.com/books/defaul >>> t/chapter/29/09/access-control#Application-Management-via-pr >>> ivileged-users--Experimental-. >>> >>> Anthony >>> >>> On Sunday, October 15, 2017 at 9:12:40 AM UTC-4, Bernhard Radermacher >>> wrote: >>>> >>>> I developed a little plugin to facilitate authorization management. It >>>> can be found at: >>>> >>>> https://github.com/bradermacher/web2py-plugin-authman >>>> >>>> I appreciate any comments. >>>> >>> -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
