You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to web2py-users
I want to allow permission to only the logged in user to edit his/her own tuples in the SQLFORM grid. Currently even if I'm logged in as a different user I'm able to edit the other person's information.
黄祥
unread,
Nov 28, 2016, 6:47:21 PM11/28/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to web2py-users
On Monday, November 28, 2016 at 6:47:21 PM UTC-5, 黄祥 wrote:
pls try (not tested) :
def grid_constraints():
table = db.test
query = table.created_by == auth.user_id
constraints = dict(test = query)
editable = True if query else False
No, that won't work -- "query" is a Query object, so "True if query else False" will simply always be True (the query itself is not somehow executed for each row).
Instead, "editable" can be a callable that takes a row and returns True or False. So, if the record has, for example, a created_by field, you could do: