OK to answer my own second question: if not auth.has_permission("delete", "mytable"): crud.settings.update_deletable = False
On May 29, 9:06 pm, apple <simo...@gmail.com> wrote: > I have added auth to my application using crud. However there are a > couple of areas where it does not act as I was expecting. > > 1) If I have change a permission from create to update then I now have > both permissions until I log off. I guess it has > cached the old permission somewhere. Is it possible to force any > changes to happen immediately? > > 2) If I have update permission it allows me to delete as well. Is it > possible to allow update but not delete? As I am using crud in the > application it is the same function for update and delete so it is not > possible to use a decorator nor to put a test within the code for > permissions.