I'm wondering how to filter query results based on some sort of user access rights. Can this be accomplished with Auth?
The basic use case is giving access to all records to all users, and then have certain users create records that will be only accessible to a limited number of users. Limited access records could/should be assigned to a group. just like in Auth! My problem is that Auth permissions seem designed to give access, and not to restrict access. That is in order to access a record you must have either explicit permission for that record_id or full-blown permission for the table. This way if one wants to restrict access to 90 records in a 100,000 record table it would be necessary to give access to 99,910 records in that table. What I'm looking for is just the opposite: give me all the records except those that are restricted (only accessible by a certain group or groups). I've just started looking at Auth but what I've seen (Book, AlterEgo, Wiki, Slices) suggests this can't be done by default. I guess this could be customized, but I also think it's quite a common use case, so perhaps I'm missing something? Miguel--
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To post to this group, send email to web...@googlegroups.com.
To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/web2py?hl=en.