You need to enforce it at controller level... What I usually do it to
filter the record user can view base on their role... The drawback depends
of your exact requirement is that they only see in grid what they are
allowed to modify or access...
But nothing prevent you to display all record and on
if there was a way to make only specific tables multi-tenant, that would
work as well
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this m
Prefer not to address permissions in controller. One problem is in grid,
user can change the parms in the address bar and start editing another
user's data
Tried doing a record-by-record check below in grid but creates false
positive each time
db.auth_group.organizationID.represent = lambda v
3 matches
Mail list logo