> > 3. SQLFORM.grid contains a built-in search field, which is useful. > However, it uses a form with method type GET. Normally this isn't a > problem, but if the form is being displayed by a controller function that > is decorated by @auth.requires_signature(), the search field dumps the user > to the 'insufficient-privileges' page. The reason is that the signature > token is being appended to the form action as a URL argument. Since the > form method is GET, this is overridden. It should be a hidden input value, > or the form method should be POST. I hacked together a jQuery fix, but > it's not ideal. >
Note, SQLFORM.grid itself takes a user_signature argument (which defaults to True), so you may not need the @auth decorator. Also, is the user logged in -- signature requires login? Anthony
