While reading the web2py manual, I came across this following:
‘Once a new user is registered, a new group is created to contain the
user. The role of the new user is conventionally “user_[id]” where
[id] is the id of the newly created id.’
which makes me wonder why Web2py does this. More specifically, why do we need to have so many seemingly redundant groups created where each only contains a single user? For example, what is the purpose of having a group called 'user_2' created just for containing the user with id '2'?
If no particular justification exists, is there any way to disable this default behavior of automatically creating unique groups for individual users, so that more meaningful groups can be created separately? Thanks.
The very next sentence says:
It goes on to say:
It is a role-based access control (RBAC) system, so groups/roles rather than individual users are given permissions, and users gain access by virtue of the groups to which they belong (including their own user-specific group). This is explained more fully in the chapter intro.
If you don’t need to give specific permissions to individual users but only to more broadly defined groups/roles, then feel free to disable the automatic user-specific group creation as per the above.