Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I would like to restrict users to database entries only they have created. Is their any standard web2py way of doing this? auth.requires_permission looked good, but it appears to require a hard-coded row id, which doesn’t solve my problem.
This shouldn’t be handled by web2py. Your database is supposed to handle user permissions for this, so you will need to look in the documentation for the db backend you are using.
Also, if everyone has a separate user account on your front end that all connect to a single database user, then you won’t be able to control the permissions at all without a bunch of independent “security” code added on top of and around your database. For instance, a table in the database that looks at a field supplied by web2py when it connects to determine the “user” and then set the hand coded privileges accordingly. Databases have users for this very reason.