I think that the RBAC built-in in web2py can handle most part of your need, but I think you will have to build the logic you need around RBAC, noting that fancy come out of the box. Maybe there is already available app that does something similar.
Richard On Mon, May 14, 2012 at 3:11 PM, Remco K <remc...@gmail.com> wrote: > Hello everyone, > > I need -a little push in the right way- on implementing authorization. > > Here is what I have and what I want: > > 'ProjectA' has: > > * Multiple Users > * Multiple Documents > * Multiple Groups > > A user can have many documents > A user can be a member of multiple groups > A user can have multiple roles > A document can belongs to a groups > > Some rules: > * Users need to log in to access the functionality > * A document can be assigned to a group > * Users that are not a member of group A, which contains 'Document > private', should not be able to read this document > * When an user adds a new document the users should only be allowed to > attach this document to the groups which the user is member of. > > I tried to use build-in authentication model but don't get this working. > Is there any web2py-based implementation to achieve this?
