can we paint a def function with multiple memberships

111 views
Skip to first unread message

lucas

unread,
Aug 19, 2013, 9:23:21 PM8/19/13
to web...@googlegroups.com
i am aware of:

@auth.requires_membership('Administrator')
def users():
  etc

however, can we allow for multiple or's, like

@auth.requires_membership('Administrator') or @auth.requires_membership('Manager')

which, of course, is pseudocode cuz i don't really know the syntax.  or perhaps in a set like

@auth.requires_membership(IS_IN_SET(('Administrator','Manager'))

so, can we already do this or can it be suggested?  thanx in advance, lucas

Fabiano

unread,
Aug 20, 2013, 1:11:17 AM8/20/13
to web...@googlegroups.com
Almost ;)

@auth.requires(auth.has_membership('Administrator') or auth.has_membership('Manager'))


http://www.web2py.com/books/default/chapter/29/09/access-control#Combining-requirements

Fabiano.

Anthony

unread,
Aug 20, 2013, 1:22:53 AM8/20/13
to web...@googlegroups.com
On Monday, August 19, 2013 10:11:17 PM UTC-7, Fabiano wrote:
Almost ;)

@auth.requires(auth.has_membership('Administrator') or auth.has_membership('Manager'))

Better to put the condition in a lambda so it only gets evaluated when the decorated function is called rather than every time the controller is called:

@auth.requires(lambda: auth.has_membership('Administrator') or auth.has_membership('Manager'))

We should probably update the book example, as this issue is mentioned immediately before the example.

And if you have a long list of roles to check, you can do something like:

@auth.requires(lambda: any([auth.has_membership(r) for r in ['list', 'of', 'roles']))

Anthony

lucas

unread,
Aug 20, 2013, 6:01:28 AM8/20/13
to web...@googlegroups.com
thanx fabiano and anthony, awesome.  lucas
Reply all
Reply to author
Forward
0 new messages