I'm trying to put some access control around some of my functions.
When I use the admin interface to define a new auth_permission, the
form allows a tablename from a drop-down list containint *ONLY* the 4
predefined auth_* tables.
   It does not list any of my own tables in the drop-down list.
Shouldn't it?
   Also shouldn't an empty field be allowed here?
   Also shouldn't an empty record id field also be allowed?   It not,
       but using a zero is a workaround.


To work around the disallowed table problem, I did it programmaticaly
with calls to
   auth.add_permission(group_id, 'create', db.MyTable)
but the question is now: Where should I put these?  I made the mistake
of putting them in the db.py file, and got a new auth_permission
record everytime the DB is hit.  So I preceded the calls with a
db.auth_permission.truncate()...  But there has to be a better way!!!

Any help would be appreciated.

Reply via email to