Richard, I was about to post a similar question, but let me just ask you. I am also new to web2py, and I am not able to find any good resources in relation to creating multiple groups or assigning roles to users. For example, lets say I have a group of users that I want to categorize as company, drivers, and passengers. Can you shed some light of how I can take the built-in auth_user function and create these various groups.
Rafer On Monday, October 28, 2013 9:21:58 AM UTC-5, Richard wrote: > > If you are sure that the user that will be manage by other user is 1 to > many (many users that can declared which user is their manager), you can do > that (self-reference). But this is only one part of the problem, I think > you need to create a group of admin_user that are allow to manage other > users, the one that reference them, so you can get the list of users that > are mananagable by a given admin user like so : db(db.auth_user.id == > auth.user_id).select(db.auth_user.id) in this case the auth.user_id is > the admin user that is authenticated. > > You better have a group of admin and user web2py RBAC to make sure you > have a better controller over the users allowed to manage other users. That > way, you can user the web2py tool to make sure only the users that have > right can access you manage_user function, something like that : > > @auth.requires_login() > @auth.requires(lambda: auth.has_membership('admin')) > def manage_user(): > rows = db(db.auth_user.id == auth.user_id).select(db.auth_user.id) > id_of_users_to_be_managed = [row.id for row in rows] > if request.vars.user_id in id_of_users_to_be_managed: > form = SQLFORM(db.auth_user, user_id) > ... > else: > form = 'You can't manage this user' > return dict(form=form) > > > :) > > Richard > > > > > > > On Sun, Oct 27, 2013 at 7:05 PM, Mikael Cederberg > <mcede...@gmail.com<javascript:> > > wrote: > >> Hi there and thanks for a stellar project - really cool. I am trying to >> solve an issue that arose and was hoping for a pointer so I can solve it. >> >> I am wanting to use the authentication mechanism of web2py pretty much as >> is, but I need to be able to have one registered user, in some cases, be >> given the ability to administrate and act as other registered users. >> My thoughts were along the lines of adding a column parent_of to >> auth_user and if an id is specified here pointing towards another user, the >> specified id can administrate as that user. Would this be a proper way to >> go about it, and how could this be implemented? >> >> Any thoughts or ideas would be welcome. >> >> Tnx, Mikael >> >> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+un...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.