[web2py] Re: Purpose of creating group for each user?

[Yarin]

@Massimo - Perhaps consider including: 
auth.settings.create_user_groups = True
in the default db.py, along with a comment explaining that it's mostly 
useful for crud. I think this would clarify auth config for many users.


On Friday, February 1, 2013 5:21:05 PM UTC-5, Massimo Di Pierro wrote:
>
> Disabling user groups is only a problem if you use crud which checks for 
> auth.accessible() records based on permissions. If There are no user groups 
> you do not know how to make an object accessible to the user who created. 
> Honestly I envisioned a bigger role in web2py for auth permissions. Turns 
> out most users (including me) do not use them and prefer to set simpler ad 
> hoc permission rules. In case there is no problem in disabling user groups.
>
> On Friday, 1 February 2013 15:42:49 UTC-6, Yarin wrote:
>>
>> The 
>> documentationstates:
>>
>> "The creation of the group can be disabled with
>>
>> auth.settings.create_user_groups = None
>>
>> although we do not suggest doing so."
>>
>> Massimo also says 
>> herethat 
>> "If you do not have those groups membership causes a nightmare."
>>
>> Yet I've never found any use for the individual user groups. Can someone 
>> explain their utility, and why the warnings against dropping them?
>>
>>
>>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[web2py] Re: Purpose of creating group for each user?

[VP]

I think the current web2py access control mechanism is unnecessarily 
complicated.  It is both role based and task based.  But this difference 
here is just semantics (i.e. you can define a group that can do a certain 
task).

The only actually difference is in terms of implementation, not conceptual. 
 Task based access can be defined on "objects" (tables).  But then again, 
this is just unnecessary, because role based access can also be made to 
operate on objects/tables.


-- 

--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[web2py] Re: Purpose of creating group for each user?

[Yarin]

Got it- thanks for the explanation

On Friday, February 1, 2013 5:21:05 PM UTC-5, Massimo Di Pierro wrote:
>
> Disabling user groups is only a problem if you use crud which checks for 
> auth.accessible() records based on permissions. If There are no user groups 
> you do not know how to make an object accessible to the user who created. 
> Honestly I envisioned a bigger role in web2py for auth permissions. Turns 
> out most users (including me) do not use them and prefer to set simpler ad 
> hoc permission rules. In case there is no problem in disabling user groups.
>
> On Friday, 1 February 2013 15:42:49 UTC-6, Yarin wrote:
>>
>> The 
>> documentationstates:
>>
>> "The creation of the group can be disabled with
>>
>> auth.settings.create_user_groups = None
>>
>> although we do not suggest doing so."
>>
>> Massimo also says 
>> herethat 
>> "If you do not have those groups membership causes a nightmare."
>>
>> Yet I've never found any use for the individual user groups. Can someone 
>> explain their utility, and why the warnings against dropping them?
>>
>>
>>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[web2py] Re: Purpose of creating group for each user?

[Massimo Di Pierro]

Disabling user groups is only a problem if you use crud which checks for 
auth.accessible() records based on permissions. If There are no user groups 
you do not know how to make an object accessible to the user who created. 
Honestly I envisioned a bigger role in web2py for auth permissions. Turns 
out most users (including me) do not use them and prefer to set simpler ad 
hoc permission rules. In case there is no problem in disabling user groups.

On Friday, 1 February 2013 15:42:49 UTC-6, Yarin wrote:
>
> The 
> documentationstates:
>
> "The creation of the group can be disabled with
>
> auth.settings.create_user_groups = None
>
> although we do not suggest doing so."
>
> Massimo also says 
> herethat "If 
> you do not have those groups membership causes a nightmare."
>
> Yet I've never found any use for the individual user groups. Can someone 
> explain their utility, and why the warnings against dropping them?
>
>
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.