Thank you, so you mean is bad practice the way I implemented the tables? When I designed it like that, I thought it would be convenient in altering the relations between the records.
On Monday, September 8, 2014 11:47:57 AM UTC+3, Leonel Câmara wrote: > > Frankly, I would just store the user as the owner in all of those tables. > Probably using auth.signature(). > > You could do a very inefficient recursive select but I don't see any > advantage. > > Something like: > > task = db.tasks[5] > > if task.job.project.owner != auth.user_id: # You are doing a select for > each dot you see here: > raise HTTP(403) # Forbidden > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
