These are readable, but not writable. What I want is for widget to get "grayed-out" and not be usable when user doesn't have permission to fill in the field.
Ideally, I think it would make sense to be able to do this as a requirement to a field, something like: requires=HAS_MEMBERSHIP(auth.id_group('admin'),auth.user.id), or requires=HAS_PERMISSION(...) or maybe clearer yet, have a permission authenticator: permission=HAS_MEMBERSHIP(...) or permission=HAS_PERMISSION(...) On Feb 7, 4:24 am, mdipierro <mdipie...@cs.depaul.edu> wrote: > I am not sure non-writable fields have widgets. I will check. Most > likely they do not if they are not writable and not readable. > > On Feb 7, 2:02 am, weheh <richard_gor...@verizon.net> wrote: > > > > > I'm using crud and want to disable access to certain fields if user is > > not a member of the admin group. For instance, content can only be > > approved by admin. I want to register the id of the user who approved > > the content, too. So I'd like to say: > > > if not auth.has_membership(auth.id_group('Admin'),auth.user.id): > > db.content.approved.writable=False > > db.content.signature.writable=False > > form = crud.update(db.content,...) > > > so that even if the view has this: > > {{=form.custom.widget.approved}} > > {{=form.custom.widget.signature}} > > > the fields shouldn't be fillable by an unauthorized user. Problem is, > > this doesn't work and I get this ticket: > > > Traceback (most recent call last): > > File "C:\web2py\gluon\restricted.py", line 173, in restricted > > exec ccode in environment > > File "C:/web2py/applications/myapp/controllers/admin.py", line 187, > > in <module> > > File "C:\web2py\gluon\globals.py", line 96, in <lambda> > > self._caller = lambda f: f() > > File "C:\web2py\gluon\tools.py", line 1873, in f > > return action(*a, **b) > > File "C:/web2py/applications/myapp/controllers/admin.py", line 59, > > in marketing > > form = crud.update(db.content,request.args(2),message=T('Updated > > content')) > > File "C:\web2py\gluon\tools.py", line 2270, in update > > keepvalues=self.settings.keepvalues): > > File "C:\web2py\gluon\sqlhtml.py", line 755, in accepts > > onvalidation, > > File "C:\web2py\gluon\html.py", line 1267, in accepts > > status = self._traverse(status) > > File "C:\web2py\gluon\html.py", line 449, in _traverse > > newstatus = c._traverse(status) and newstatus > > File "C:\web2py\gluon\html.py", line 449, in _traverse > > newstatus = c._traverse(status) and newstatus > > File "C:\web2py\gluon\html.py", line 449, in _traverse > > newstatus = c._traverse(status) and newstatus > > File "C:\web2py\gluon\html.py", line 449, in _traverse > > newstatus = c._traverse(status) and newstatus > > TypeError: 'NoneType' object is not callable > > > Anybody know what's going on here?- Hide quoted text - > > - Show quoted text - -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.