Re: [web2py] Re: let user choose it membership

Wed, 22 Sep 2010 09:49:21 -0700 

Here an improved version of the controller that takes care if user has
membership to differents groups. The "try" is to check if the user has a set
of group allowed... It could be better in the future to make a function
"has_group_allowed".

You need to add this model :

db.define_table('auth_group_allowed',
    Field('id','id'),
    Field('user_id','db.auth_user'),
    Field('group_id','db.auth_group'),
    Field('active_gr','boolean'),
    migrate=False,
    sequence_name='auth_group_allowed_id_seq')

db.auth_group_allowed.user_id.requires=IS_IN_DB(db,'auth_user.id','%(first_name)s
%(last_name)s (%(id)s)')
db.auth_group_allowed.group_id.requires=IS_IN_DB(db,'auth_group.id','%(role)s
(%(id)s)')

Then configure your RBAC correctly... Add to user you want the permission to
change his role by adding the set of allowed roles he is allowed. Then
specify wich role he is already in or the function chmembership will fix it
automatically anyway at first execution.

Here the function :

@auth.requires_login()
def chmembership():
    try:
        if db(db.auth_group_allowed.user_id==auth.user.id)\

 .select(db.auth_group_allowed.user_id,distinct=True).first().user_id==
auth.user.id:
            if auth.has_membership(auth.id_group('technician')) or
auth.has_membership(auth.id_group('coordinator')) or
auth.has_membership(auth.id_group('admin')):
                active_gr=db(db.auth_group_allowed.user_id==auth.user.id\
                                and
db.auth_group_allowed.active_gr=='TRUE')\

 .select(db.auth_group_allowed.group_id).first().group_id
                membershipID=db(db.auth_membership.group_id==active_gr\
                                and db.auth_membership.user_id==auth.user.id
)\
                                .select(db.auth_membership.id).first().id
                rows=db(db.auth_group_allowed.user_id==auth.user.id
).select(db.auth_group_allowed.group_id)
                groupSet={}
                for row in rows:
                    authgrouprole=db(db.auth_group.id
==row.group_id).select(db.auth_group.role).first().role
                    groupSet[row.group_id]=authgrouprole
                db.auth_membership.group_id.requires=IS_IN_SET(groupSet)
                form = crud.update(db.auth_membership,membershipID)
                new_gr=db(db.auth_membership.id
==membershipID).select(db.auth_membership.group_id).first().group_id
                db(db.auth_group_allowed.user_id==auth.user.id\
                                and
db.auth_group_allowed.active_gr=='TRUE').update(active_gr='FALSE')
                db(db.auth_group_allowed.user_id==auth.user.id\
                                and
db.auth_group_allowed.group_id==new_gr).update(active_gr='TRUE')
                return dict(form=form, active_gr=active_gr,
membershipID=membershipID, groupSet=groupSet)
    except AttributeError:
        redirect(URL(request.application,'default','index'))
        session.flash = T('invalid request')


It is not correctly tested so there is no garranty ;-)

I appreciate feed back!

Regards

Richard

On Tue, Sep 21, 2010 at 7:09 PM, Richard Vézina <ml.richard.vez...@gmail.com
> wrote:

> Hello Massimo,
>
> Here what I found as a temporarily solution :
>
> I made a auth_group_allowed that is a m2m relation between auth_user and
> auth_group. So, we can attribute each user a set of groups in which he is
> allowed to change with.
>
> Then this controller can let the user pick the group he want :
>
> @auth.requires_login()
> def chmembership():
>     j=db(db.auth_membership.user_id==auth.user.id).select(
> db.auth_membership.id).first().id
>     rows=db(db.auth_group_allowed.user_id==auth.user.id
> ).select(db.auth_group_allowed.group_id)
>     groupSet={}
>     for row in rows:
>         authgrouprole=db(db.auth_group.id
> ==row.group_id).select(db.auth_group.role).first().role
>         groupSet[row.group_id]=authgrouprole
>     db.auth_membership.group_id.requires=IS_IN_SET(groupSet)
>     form = crud.update(db.auth_membership,j)
>
>     return dict(form=form, j=j, groupSet=groupSet)
>
> It's just the beginning since I can't handle the case were a user is
> involve in more then one group for now.
>
> Please comment?
>
> Regards
>
> Richard
>
>
> On Fri, Sep 17, 2010 at 9:56 AM, mdipierro <mdipie...@cs.depaul.edu>wrote:
>
>> no and it is very much needed. Any takers?
>>
>> On Sep 17, 8:50 am, Richard Vézina <ml.richard.vez...@gmail.com>
>> wrote:
>> > Hello,
>> >
>> > I need to let some of my user changing of membership into a plage of
>> > existing members number. Is there mechanism already existing in web2py
>> or do
>> > I have to program it from scratch?
>> >
>> > Thanks
>> >
>> > Richard
>>
>
>

Reply via email to