On Thursday, July 16, 2020 at 3:30:47 PM UTC-7, Paul Ellis wrote:
>
> the situation is that I have permissions associated with auth_groups.
>
> eg. user, team leader, business leader, oversight
>
> now I need a "secretary" or "accounts" group which has access to some
> business leader features i.e reports.
> Some team leader features ie. price maintainence.
> But does not have access to the basic features of normal users.
>
> I can't see how to make an auth_group which has permissions which are
> already associated with another group.
>
> I am hoping for a solution which does not involve hard coding access to
> these features using @auth.has_membership('accounts') as I don't expect
> this to be last case of overlapping permissions.
>
> Ideally I can make an interface where business leaders can make a custom
> permission group and assign it to their employees. Without creating a
> situation where each new employee needs to have a permission allocated for
> every little thing.
> i.e. customer maintenence, customer delete, product related permissions,
> product permissions where special knowledge is required...
>
> Is this possible with the Web2py Auth System?
>
>
I'd look at
<URL:https://web2py.com/books/default/chapter/29/09/access-control#Decorators>
especially the middle of the section where the use of callables is
described.
and also look at the next section
<URLhttps://web2py.com/books/default/chapter/29/09/access-control#Combining-requirements>
I think what you want is for your decorator to have something like
@auth.requires(auth.has_membership(group_of_bosses) or
auth.has_membership(role_updates_catalogs))
for the controller function that handles updating catalogs.
I would define the basic roles in a narrow fashion, and then grant more
privileges to the boss.
/dps
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/web2py/ee87111e-2f68-4e0d-ae5c-0f05eee85846o%40googlegroups.com.
