try this:
# model
db.define_table('adress',
Field('name'),
Field('email'),
Field('created_by', db.auth_user, default=auth.user_id))
# controller
def index():
"""
example action using the internationalization operator T and flash
rendered by views/default/index.html or views/generic.html
"""
# user_id = db.adress.select()
query=((db.adress.created_by==auth.user_id))
grid = SQLFORM.grid(query=query)
return locals()
OF.
Am Samstag, 3. März 2012 18:18:09 UTC+1 schrieb Serpent_Guard:
>
> Yeah, I saw that, I guess I'm just a bit confused on how to implement it;
> what I want is for each user to have CRUD permissions on a given table, but
> only for records they've created themselves. Not sure how to do that with
> groups. I have it working now with a custom DAL query, so it's not
> super-critical at this point that I get it working with groups at this
> point, but it'd be good to know.
>
>
> On Friday, March 2, 2012 2:52:24 AM UTC-7, Oli wrote:
>>
>> look at this:
>> http://web2py.com/books/default/chapter/29/7?search=Permission
>>
>> Am Freitag, 2. März 2012 10:40:58 UTC+1 schrieb Serpent_Guard:
>>
>>> Is there a way to limit CRUD and/or SQLFORM.grid objects to only
>>> operating on a subset of records, so they can be used as managers for
>>> records based on ownership? As far as I can tell, CRUD works on either a
>>> whole table level or single record label, nothing in between. SQLFORM.grid
>>> does this quite well, with its second argument being a database query to
>>> select its records. This is nice, but the problem is that I can still use
>>> the form to view or edit other records that don't belong to me
>>> (/index/view/4 - I can change the '4' to any number I want, and the grid
>>> brings in the data without complaint). It seems the query is only used
>>> when displaying the records as a list, after that there's no validation to
>>> make sure that the record being requested for editing actually matches the
>>> query passed into the form constructor.
>>
>>
