Ok. Let me explain it better. I am trying to build an app. where
inspectors (construction) will entered gathered data. The thing is
that the inspectors are from different companies. I want the different
companies to see what they have gathered only.
Example:
Company A can only see what they gathered and entered
Company B can only see what they gathered and entered.
Right now users can log (no matter which company) and see all the
data, so I am missing something. Is it in the authentication? or is it
in the sql logic of it??
Thanks
d
On May 10, 4:58 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
> Do you mean you want to limit which fields will be visible to users
> when they register and edit their profile?
>
> You need to use a custom auth_user table and set writable=False for
> those fields they cannot edit, and readable=False for those that
> should not be visible. For example:
>
> db.define_table('auth_user',
> Field('first_name', length=512,default=''),
> Field('last_name', length=512,default=''),
> Field('username',length=32,default='',
>
> requires=(IS_NOT_EMPTY(),IS_NOT_IN_DB(db,'auth_user.username'))),
> Field('email', length=512,default='',
>
> requires=(IS_EMAIL(),IS_NOT_IN_DB(db,'auth_user.email'))),
> Field('password', 'password', readable=False,
> label='Password',
> requires=[CRYPT(auth.settings.hmac_key)]),
>
> Field('is_admin','boolean',default=True,readable=False,writable=False),
> Field('registration_key', length=512,writable=False,
> readable=False,default=''),
> Field('reset_password_key', length=512,writable=False,
> readable=False, default='',
> label=auth.messages.label_reset_password_key),
> )
>
> As you can see is_admin is not readable and writable.
> auth.define_tables() # creates all needed
> tables
>
> On May 10, 12:39 pm, greenpoise <danel.sega...@gmail.com> wrote:
>
> > Whenever I use authentication on its basic form:
>
> > 1. Any user can register something I do not want.
> > 2. Any user can see all the data
>
> > I want to be more specific and have control of the registration
> > process as to where I create the users and group they pertain to and
> > hence look at their specific data only. Where is this defined? within
> > the Authentication/Groups or do I have to add another specifying
> > field?? I read the Authentication part of the book but I simply dont
> > know how to tackle this problem.
>
> > Also while at it, is it a good practice to use the same database for
> > different clients?
>
> > Thanks
