Re: [web2py] Re: how to decorate a function without using auth?

Thu, 20 Dec 2012 09:04:15 -0800 

the first problem i solved with loggout then login


2?


2012/12/20 António Ramos <ramstei...@gmail.com>

> Now i have 2 problems.
> Recap
> 1 -
>     print auth.user.isempreiteiro  # *returns None*
>     record=db(db.auth_user.id==auth.user_id).select()[0]
>     print  record['isempreiteiro'] #*returns True  "This is the real
> value"*
> Why?
>
> 2 -
> my decorated function in controller default works ok when user logged in
>
> @auth.requires_login()
> *#@auth.requires(checkempreiteiro(auth.user_id)==True) *
> def inserttrab():
>     form = SQLFORM(db.trabalhador)
>     if form.accepts(request.vars, session):
>         session.flash = 'registo inserido com sucesso'
>         redirect(URL())
>     return dict(form=form)
>
> but gives an error when the user does logout. logging out should redirect
> to login page but the line
>
> *#@auth.requires(checkempreiteiro(auth.user_id)==True) *
> def inserttrab():
> ...
>
> give a ticket with the error msg.
>
>  File "C:\web2pyGit\web2py\gluon\dal.py", line 9170, in __getitem__
>
>
>     row = self.records[i]
>
> IndexError: list index out of range
>
>
>
> When i browse to index page the same error .Why?
>
>
>
>
>
>
> thank you
>
>
>
> 2012/12/20 António Ramos <ramstei...@gmail.com>
>
>> extra fields are available in my auth.user var  but they have "None"
>> instead of the real value
>>
>>  so i create an extra function
>>
>>
>> def checkempreiteiro(user):
>>     print auth.user.isempreiteiro  # *returns None*
>>     record=db(db.auth_user.id==user).select()[0]
>>     return record['isempreiteiro'] #*returns True*
>>
>>
>> @auth.requires_login()
>> @auth.requires(checkempreiteiro(auth.user_id)==True)
>>
>>
>>
>> 2012/12/20 Anthony <abasta...@gmail.com>
>>
>>> Note, should be @auth.requires(...).
>>>
>>> Anthony
>>>
>>>
>>> On Thursday, December 20, 2012 10:04:26 AM UTC-5, Massimo Di Pierro
>>> wrote:
>>>>
>>>> @requires(auth.user.F1=='F')
>>>> def yourfunction(...): ....
>>>>
>>>> On Thursday, 20 December 2012 06:40:09 UTC-6, Ramos wrote:
>>>>>
>>>>> hello i have a function to be acessed only by users with an extra
>>>>> field F1 set to "F"
>>>>>
>>>>> how to protect this function to not be used bu everyone?
>>>>>
>>>>> what is the best way?
>>>>>
>>>>> thank you
>>>>> António
>>>>>
>>>>  --
>>>
>>>
>>>
>>>
>>
>>
>

--

Reply via email to