For example only uploader can download:
db.define_table('stuff',Field('file','upload'),auth.signature)
db.stuff.file.authorize = lambda row: row.created_by==auth.user_id
You should be able to extend this to other policies. The policy will be
enforced automatically by the download action.
On Wednesday, 17 October 2012 14:39:02 UTC-5, Hanyo wrote:
>
> Hi,
>
> i want to build a kind of web shop for file download. What I need is
> individual permission for each uploaded file vs. each user.
>
> So far I see two ways of doing that:
>
> The first way is to create auth_group for each user and add a permission
> tot hat group for each file whixh was bought by user.
>
> The secon way is to greacte a group and a permisson for each file and add
> users to the "file" group.
>
> Which way is better? Is there eve better way than these two?
>
> Best,
> Hanyo
>
--
