apply constraint on SQLFORM.grid buttons

Junaid Ahmed

unread,

Nov 28, 2016, 6:25:39 PM11/28/16

to web2py-users

I want to allow permission to only the logged in user to edit his/her own tuples in the SQLFORM grid. Currently even if I'm logged in as a different user I'm able to edit the other person's information.

黄祥

unread,

Nov 28, 2016, 6:47:21 PM11/28/16

to web2py-users

pls try (not tested) :

def grid_constraints():

table = db.test

query = table.created_by == auth.user_id

constraints = dict(test = query)

editable = True if query else False

#editable = True

grid = SQLFORM.smartgrid(table, constraints = constraints,

editable = editable)

return locals()

ref:

http://web2py.com/books/default/chapter/29/07/forms-and-validators#SQLFORM-grid-and-SQLFORM-smartgrid

best regards,

stifan

Anthony

unread,

Nov 28, 2016, 11:39:30 PM11/28/16

to web2py-users

On Monday, November 28, 2016 at 6:47:21 PM UTC-5, 黄祥 wrote:

pls try (not tested) :
def grid_constraints():
table = db.test
query = table.created_by == auth.user_id
constraints = dict(test = query)
editable = True if query else False

No, that won't work -- "query" is a Query object, so "True if query else False" will simply always be True (the query itself is not somehow executed for each row).

Instead, "editable" can be a callable that takes a row and returns True or False. So, if the record has, for example, a created_by field, you could do:

SQLFORM.grid(..., editable=lambda row: row.created_by == auth.user_id)

Anthony

黄祥

unread,

Nov 29, 2016, 2:08:13 AM11/29/16

to web2py-users

a, u right, sorry, my bad, thanks for the correction, anthony.

best regards,

stifan

Reply all

Reply to author

Forward