The main issue is not to do the database hit to generate the
list_of_roles_manger_site until you actually need to check the roles. You
code below is not ideal because the expensive operation is generating the
list, and you are generating the list every time the controller file is
accessed. You should move the code that generates the list inside the
function that gets called by auth.requires. For example, in a model file,
module, or even in the controller file, you could have:
def verifica_manager_site():
roles = [query to get roles from the database]
...
(If the above is in a controller, name it __verifica_manager_site, so it
won't be exposed as an action.)
Then:
@auth.requires(verifica_manager_site)
def myaction():
...
Anthony
On Monday, April 24, 2017 at 11:20:26 AM UTC-4, Andrea Fae' wrote:
>
> As Anthony suggested me (and thank you for his help), I use for example
> these function to control authorization
>
> @auth.requires(lambda: verifica_manager_site(list_of_roles_manager_site))
>
> At the starting of default.py, where I have the other function that needs
> authotiation, I putted code to populate "list_of_roles_manager_site" and
> the function "verifica_manager_site".
> The list is retrieved from database.
>
> Is it the correct place? OR I have to put in another place or create
> another file..I don't know...
> thanks
>
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
