Thank you Massimo, my functions/methods takes arguments, so I will try
Bruno's method.
On Dec 30, 1:42 pm, Massimo Di Pierro <massimo.dipie...@gmail.com>
wrote:
> You can try something like this....
>
> Create a module auth.py
> ---- begin module auth.py -----
> def requires_login():
> def lazy(f):
> def lazylazy(f=f):
> from gluon import current, redirect, URL
> if not current.session.auth or not 'user' in
> current.session.auth:
> redirect(URL('not_authorized'))
> return f()
> return lazylazy
> return lazy
> ----- end -----
>
> In your module:
>
> import auth
> @auth.requires_login()
> def any_function(): return dict(....)
>
> I did not try it. May need some tweaks. Will not work if any_function
> takes arguments. That would require some major tweaks.
>
> On Dec 29, 11:22 pm, Bruno Rocha <rochacbr...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Access control decorators are designed to work in controller actions only,
> > because actions define workflow of the application, even if you have code
> > in modules, the action is what your user will call.
>
> > But, you can always use other methods to check permissions etc..
>
> > in modulesyou can do [ auth.has_permission(), auth.has_membership(), if
> > auth.user.id: ]
>
> > but have in mind that if your Auth instance is created in models, you will
> > have to always pass it to the module or use the current object.
>
> > I am not using models anymore, so all my objects (db, crud, auth, service)
> > are created in modules and I have access to them.
>
> > On Fri, Dec 30, 2011 at 12:52 AM, lyn2py <lyn...@gmail.com> wrote:
> > > In controllers, it would look like:
>
> > > @auth.requires_login()
> > > def function():
> > > pass
>
> > > How do I implement requires_login (and other auth decorators)
> > > correctly in module methods that require access control?
>
> > > Thanks!
>
> > --
>
> > Bruno Rocha
> > [http://rochacbruno.com.br]
