- p217: Mail(globals()) -> Mail()
On Jul 13, 5:17 am, Vidul <vidul.pet...@gmail.com> wrote:
> Thank you, Massimo, that's the most reliable forum on this planet (no
> irony)!
>
> On Jul 12, 5:32 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > Book ERRATA:
>
> > def give_create_permission(form):
> > group_id=auth.id_group('user_%s' %
> > auth.user.id)
> > auth.add_permission(group_id,'read',db.comment)
> > auth.add_permission(group_id,'create',db.comment)
>
> > def give_update_permission(form):
> > comment_id=form.vars.id
> > group_id=auth.id_group('user_%s' %
> > auth.user.id)
> > auth.add_permission(group_id,'update',db.comment,comment_id)
> > auth.add_permission(group_id,'delete',db.comment,comment_id)
>
> > auth.settings.register_onaccept = give_create_permission
> > crud.settings.auth = auth
>
> > def post_comment():
> > form = crud.create(db.comment, onaccept=give_update_permission)
> > comments = db(db.comment.id>0).select()
> > return dict(form=form, comments=comments)
>
> > def update_comment():
> > form = crud.update(db.comment, request.args(0))
> > retur dict(form=form)
>
> > On Jul 12, 9:28 am, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> > > Hi Vidul,
>
> > > thanks for reporting this. There are 3 issues:
> > > 1) A bug in tools that is now fixed in trunk
> > > 2) A typo in the code above, should have been
>
> > > db.define_table('asset',Field('name'))
>
> > > # in the
> > > controller:
> > > def give_asset_create_permission(form):
> > > group_id=auth.id_group('user_%s' % auth.user.id)
> > > auth.add_permission(group_id,'read',db.asset)
> > > auth.add_permission(group_id,'create',db.asset)
>
> > > def give_asset_update_permission(form):
> > > asset_id=form.vars.id
> > > group_id=auth.id_group('user_%s' % auth.user.id)
> > > auth.add_permission(group_id,'update',db.asset,asset_id)
> > > auth.add_permission(group_id,'delete',db.asset,asset_id)
>
> > > auth.settings.register_onaccept = give_asset_create_permission
> > > crud.settings.auth = auth
>
> > > @auth.requires_login()
> > > def post():
> > > form = crud.create
> > > (db.asset,onaccept=give_asset_update_permission)
> > > query = auth.accessible_query('read',db.asset,auth.user.id)
> > > assets = db(query).select(db.asset.ALL)
> > > return dict(form=form, assets=assets)
>
> > > 3) make sure you run "post" with an account created after
> > > "auth.settings.register_onaccept = give_asset_create_permission" was
> > > inserted in the code.
>
> > > Sorry about this.
>
> > > Massimo
>
> > > On Jul 12, 8:38 am, Vidul <vidul.pet...@gmail.com> wrote:
>
> > > > My apologies for raising my voice again - did anyone manage to replay
> > > > the example about:
> > > > "how to allow a visitor to post comments, but only update their own
> > > > comments
> > > > (assuming crud, auth and db.comment are defined)" (that's on page 84)?
> > > > If so - please let me know, this will save me a lot of time for a
> > > > migration from Rails to WEB2PY (the project's name is Solunas btw).
>
> > > > Thank you!
>
> > > > On Jul 12, 10:30 am, Hans Donner <hans.don...@pobox.com> wrote:
>
> > > > > and for chapter 8:
>
> > > > > - p213, cite the url and date
> > > > > - p214, 1st bullet - passwords are not always stored. (refer to later
> > > > > section)
> > > > > - p214, make clear that aut.permission is optional
> > > > > - p214, last two sentences start alike, please rephrase.
> > > > > - p215, 1st code example, please explain the code and refer to the
> > > > > sections where it is discussed in more detail
> > > > > - p215/216, the list on p216 seems also to belong to the sentence on
> > > > > p215 "the controller ... multiple actions". Because of the code
> > > > > listing the connection is lost. Adding a phrase like "An explanantion
> > > > > of the actions: " after the code listing and before the text will help
> > > > > - p216, not_authorized - how does this relate to the redirect by
> > > > > auth.settings.on_failed_authorisation (p225)
> > > > > - p216, "all are exposed ... to restrict", where /how to restrict. As
> > > > > per example on p218?
> > > > > - p216, subclassing auth. Can you provide examples or refer to ...
> > > > > - p216, last word "exmaple" -> "example"
> > > > > - p217, code example. auth refers here to the global variable auth as
> > > > > defined in the example on p215. As with the db global variable
> > > > > convention, please indicate the same in this chapter
> > > > > - p217, is there a seperate mail chapter? Yes: make a reference. No:
> > > > > make one
> > > > > - p218, appadmin interface doesnt use the markup and perhaps refer to
> > > > > the appadmin section (do we have one?)
> > > > > [p218, we might some proper user admin gui instead of using appadmin]
> > > > > - p218 r eblocking users. When will blocking users be active? On
> > > > > session expiration (when/how), logoff/login etc.
> > > > > - p218, last part of restrictions: "you can also block" and "can be
> > > > > restricted". What is it? Blocking seems to be the right word here
> > > > > (restricting for me means that there is still some parts accessible)
> > > > > - p218, recaptcha now only lists a partial signature. As per previous
> > > > >chapters, please list the full signature
> > > > > - p219, is the code listing correct? first "auth_table =
> > > > > db.define_table", followed by "auth_table = auth.settings.table_user"
> > > > > [ perhaps we need to include a helper in auth to do some basic chores
> > > > > and check onuser defined auth tabled ]
> > > > > - p219 "you can add any field ... cannot remove the required fields
> > > > > shown...". What you are saying is that the example shows the mimimum
> > > > > required fields, and more fields can be added as needed
> > > > > - p220, why not list the default supplied atlernate methods as you do
> > > > > with the validators?
> > > > > - p221, first half is a confusing text part. It seems to assume that
> > > > > some technical knowledge is present, and perhaps a reference can be
> > > > > made to apache .htaccess files that set up such a scheme.
> > > > > - p222, GAE "api is a little different but not too much". What is
> > > > > different? using login_form instead of login_methods, and no chaining.
> > > > > - p223 " although we suggest so" - why?
> > > > > - p223, use a bullet list to display the various actions (as per
> > > > > previous listing of attributes and methods/actions)
> > > > > - p224, first metion of crud. refer to the later section where it is
> > > > > discusse din more detail
> > > > > - pp24, the parts starting with the "row" code listing and " assuming
> > > > > following" should stand more apart
> > > > > [ accessible query on the todo to get something simmilar on GAE ]
> > > > > - p224, please explain the example - it now stands on its own
> > > > > - p224, first paragraph of the decorators should perhaps already being
> > > > > mentioned earlier (you first dive into the details and technical parts
> > > > > and the it is, "but here is how you should really do it"
> > > > > - p225, perhpas give more meaning full action names instead of "
> > > > > function_one"
> > > > > - p225, you really want users to run function_five?
> > > > > - p225, function_six should better be explained using the return
> > > > > example as per the other functions.
> > > > > - p226, refer to the crud (currently in ch 7)?
> > > > > - p226, the code listing is not explained
> > > > > - p227, download authorisation. Can you explain why it is different?
> > > > > (the reason behind it)
> > > > > - p227, "basic authorisation" how does this relate to the "basic" on
> > > > > p221
> > > > > - p228, make use of a bulleted list
> > > > > - p229, "as dicussed prveiously", please more specific references
> > > > > - p230 second line "funciton" - > "function"
> > > > > - p230, code listing, some lines are not wrapped (python wise)
> > > > > correctly
> > > > > - p231, the "..." in the listing will be filled?
>
> > > > > Hans
>
> > > > > On Sun, Jul 12, 2009 at 12:17 AM, Hans Donner<hans.don...@pobox.com>
> > > > > wrote:
> > > > > > And for chapter 7:
>
> > > > > > - p174, halfway " can be done in the view or the action". I assume
> > > > > > action is defined earlier - Perhaps a quick reference.
> > > > > > - general, sometime you amke an update of a previous example. Please
> > > > > > make explicit in the code, eg by using comments, where the
> > > > > > new/changed
> > > > > > stuff is. Makes it easier to spot
> > > > > > - p175, 1st bullter re the validator. refer to later section
> > > > > > covering validators
> > > > > > - p17s, lower part. Explain that this message is generated by
> > > > > > default
> > > > > > by the validator in the used example
> > > > > > - p175, 3rd line below "bee submitted"
> > > > > > - p177, last bullet. consider switching the the last sentences
> > > > > > - p178, re the explanition of accept and errors. Perhaps add that
> > > > > > accepts calls the validators and the optionally onvalidate that doe
> > > > > > the actual adding of error messages
> > > > > > - p178, keepvalues - also covers the signature of accepts. should be
> > > > > > before the keep value
> > > > > > - p179 - what is field d doing in this example?
> > > > > > - p 180/181 multple forms/self sunmission. Both refer to SQLFORM
> > > > > > that
> > > > > > is only discussed later
> > > > > > - p180 multiple form submission. So by leaving out the session
> > > > > > variable where open again for double submission. Can we prevent it,
> > > > > > or
> > > > > > did we open a new hole?
> > > > > > [note: perhaps we need more explicit ways to deal with this in
> > > > > > web2py,
> > > > > > as leaving out a session variable can be overlooked]
> > > > > > - p181, self submission - what is the use case for having this? teh
> > > > > > code example on shows how it is done, but gives little information
> > > > > > on
> > > > > > why it is done...
> > > > > > - p182 '( it can be psddrf with the fields...)' - how?
> > > > > > - p182, last part - gae stores in the db
> > > > > > - p183, last half ' single biggest time saver' - why? how?
> > > > > > - p183, just below previous: how and why to overlaod the xml
>
> ...
>
> read more »
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
