If you are sure that the user that will be manage by other user is 1 to
many (many users that can declared which user is their manager), you can do
that (self-reference). But this is only one part of the problem, I think
you need to create a group of admin_user that are allow to manage other
users, the one that reference them, so you can get the list of users that
are mananagable by a given admin user like so : db(db.auth_user.id ==
auth.user_id).select(db.auth_user.id) in this case the auth.user_id is the
admin user that is authenticated.

You better have a group of admin and user web2py RBAC to make sure you have
a better controller over the users allowed to manage other users. That way,
you can user the web2py tool to make sure only the users that have right
can access you manage_user function, something like that :

@auth.requires_login()
@auth.requires(lambda: auth.has_membership('admin'))
def manage_user():
    rows = db(db.auth_user.id == auth.user_id).select(db.auth_user.id)
    id_of_users_to_be_managed = [row.id for row in rows]
    if request.vars.user_id in id_of_users_to_be_managed:
        form = SQLFORM(db.auth_user, user_id)
        ...
    else:
         form = 'You can't manage this user'
    return dict(form=form)


:)

Richard






On Sun, Oct 27, 2013 at 7:05 PM, Mikael Cederberg <mcederb...@gmail.com>wrote:

> Hi there and thanks for a stellar project - really cool.  I am trying to
> solve an issue that arose and was hoping for a pointer so I can solve it.
>
> I am wanting to use the authentication mechanism of web2py pretty much as
> is, but I need to be able to have one registered user, in some cases, be
> given the ability to administrate and act as other registered users.
> My thoughts were along the lines of adding a column parent_of to auth_user
> and if an id is specified here pointing towards another user, the specified
> id can administrate as that user. Would this be a proper way to go about
> it, and how could this be implemented?
>
> Any thoughts or ideas would be welcome.
>
> Tnx, Mikael
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
>

-- 
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
--- 
You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to