Massimo,
I have a table company, which contains 2000+ company's. Visitors can
search for a company and in the query result click the company name,
which directs to a details function displaying the company's address
and nfa's. Some company managers would like to add a tagline to this
details view. So, I added the tagline table to the model:
db.define_table('tagline',
Field('company_id',db.company,default='',notnull=True,ondelete='CASCADE'),
Field('line',length=84,default='',notnull=True),
migrate=’tagline.table’)
Now, when a manager registers, he should get permission to
create,update and delete a tagline for his company. One solution
would be to customize the auth_user table and add a field company:
auth.settings.table_user=db.define_table('auth_user',
Field('company', db.company, default='',
notnull=True,ondelete='CASCADE', writable=False, readable=False),
...))
In this case I could define a function update_tagline:
def update_tagline():
record=db(db.tagline.company_id==auth.user.company_id).select(db.tagline.id)
record_id=record[0].id
form=crud.update(db.tagline,record_id,next=(URL(r=request,f='index')),message='',deletable=True)
return dict(form=form)
This works, however, in my opinion, it interferes too much with
web2py's authentication and authorization workflow. Therefore, I had
hoped there would be another solution. Like linking user and company
in the permissions table, instead of the user table.
Kind regards,
Annet.
