I've been implementing role/permission checking this week, and I'd like to propose an enhancement.
requires_membership() takes a role, and unconditionally converts it to a group_id: group_id = self.id_group(role) (and then calls has_membership(). has_membership() takes a group_id It's a little confusing, because given the names of the functions, you'd expect them to take the same argument. One potential solution would be to accept either, interpreting the argument as a group_id if it's numeric. There's a small risk of a compatibility break if someone has numeric roles, since the semantics of requires_membership() would change in such a case. Another solution is to add has_role() and requires_role(), to do the obvious thing (requires_role would just be a synonym for requires_membership), but that doesn't fix the _membership inconsistency. Same argument wrt add_membership. -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
