No, it does not. It must be done in two queries. Can you send me the
patch by email? thanks.
On Sep 8, 8:44 pm, Alexey Nezhdanov <snak...@gmail.com> wrote:
> Updated version of the patch then. Includes case where there is no such row
> ('create' action).
> However, I'm not sure if these changes are GAE-compartible. Not sure if
> bigtable likes .belongs on multiple columns.
> Can anybody test?
>
> Regards
> Alexey.
>
> --- tools.py_ 2010-09-08 08:40:22.266751051 +0400
> +++ tools.py 2010-09-08 09:44:30.050746520 +0400
> @@ -2415,17 +2415,10 @@
> == user_id).select(membership.group_id)
> groups = set([row.group_id for row in rows])
> permission = self.settings.table_permission
> - rows = self.db(permission.name == name)(permission.table_name
> - == str(table_name))(permission.record_id
> - == record_id).select(permission.group_id)
> + rows = self.db(permission.name.belongs((name,'any'))&
> + permission.table_name.belongs((str(table_name),''))&
> +
> permission.record_id.belongs((record_id,0))).select(permission.group_id)
> groups_required = set([row.group_id for row in rows])
> - if record_id:
> - rows = self.db(permission.name
> - == name)(permission.table_name
> - == str(table_name))(permission.record_id
> - == 0).select(permission.group_id)
> - groups_required = groups_required.union(set([row.group_id
> - for row in rows]))
> if groups.intersection(groups_required):
> r = True
> else:
>
> On Wed, Sep 8, 2010 at 5:14 PM, mdipierro <mdipie...@cs.depaul.edu> wrote:
> > I think this should be considered a bug and I agree with the change.
> > Anybody opposed?
>
> > Massimo
>
> > On Sep 7, 11:46 pm, Alexey Nezhdanov <snak...@gmail.com> wrote:
> > > Hi. I think that I found some inconsistency in the topic.
> > > When you do, say,
> > > auth.add_permission(group_id) - it assumes the permission name 'any',
> > table
> > > name empty and record_id 0.
> > > Which in turn feels like "full admin rights" - any action on any table on
> > > any record.
> > > In fact, that gives no permissions whatsoever.
>
> > > I've came out with the following patch to make it work for me, but since
> > > that is the very core of RBAC, I'm not sure if that is the right solution
> > or
> > > if I am looking in the correct direction at all.
>
> > > --- tools.old.py 2010-09-08 08:40:22.266751051 +0400
> > > +++ tools.py 2010-09-08 08:41:25.894746181 +0400
> > > @@ -2420,10 +2420,9 @@
> > > == record_id).select(permission.group_id)
> > > groups_required = set([row.group_id for row in rows])
> > > if record_id:
> > > - rows = self.db(permission.name
> > > - == name)(permission.table_name
> > > - == str(table_name))(permission.record_id
> > > - == 0).select(permission.group_id)
> > > + rows = self.db(permission.name.belongs((name,'any'))&
> > > +
> > > permission.table_name.belongs((str(table_name),''))&
> > > +
> > > permission.record_id.belongs((record_id,0))).select(permission.group_id)
> > > groups_required = groups_required.union(set([row.group_id
> > > for row in rows]))
> > > if groups.intersection(groups_required):
>
> > > Regards
> > > Alexey
>
>
