using the auth. infrastructure to manage another user list

[icodk]

I have a "standard"  web2py application that uses the built in authentication system with sign in, login/out , forgot/change password etc.

In addition, I need to  manage "departmental" users that should not have access to the main application but only to a subset of services.

Is there a way to leverage the authentication system but  to use a different user table. In other words I would like to run two parallel  but separated authentication system 

Any idea  how to do it ? 

[Jim S]

Sounds to me like the authorization system in web2py would work perfectly.  Give a set of users access to a subset of the functionality.

Have you read through http://web2py.com/books/default/chapter/29/09/access-control?

Using auth_group, auth_membership and auth_permission along with the method decorators should give you all the control you need to restrict these users to a subset of your application.

I don't think you need a separate user table, just assign the users to groups.  You wouldn't even need permissions, just authorize/restrict based on group membership.

Give that a try and then let us know if it will work for you.

-Jim

[icodk]

That was fast response😊
Thanks.
Not sure it is an issue but for the departmental user registration, i want to use different messages, and handling. For example, departmental user should be approved automatically, while main users manually.

[Jim Steil]

So, then maybe you just add users and they all get departmental access and then have a button on the site where they can request admin access?

Then you can add them to an admin group that would give access to all features.

Would that help?

Jim

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to a topic in the Google Groups "web2py-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/J7xDgqtJTvE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to web2py+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[icodk]

It is getting muddy...

What about the different messages I want to show depending on the type of user ?

To unsubscribe from this group and all its topics, send an email to web2py+un...@googlegroups.com.

[Dave S]

On Thursday, February 15, 2018 at 1:14:39 AM UTC-8, icodk wrote:

It is getting muddy...

What about the different messages I want to show depending on the type of user ?

Where are you wanting to show these messages?  At registration, or on a page for showing or entering data?

For the latter, you can do something like

  if auth.has_membership(group_id='admin'):
    report = CAT("Click ", A("here", callback=URL("advanced")), " to do advanced editing")
  else:
    report = "Contact a supervisor if this data contains errors"
  report += my_render(data)
  return dict(report = report)

the auth.function() stuff normally appears in a decorator, but can be used inline as well.

/dps

[Jim Steil]

I would think you could manage that by conditioning response.flash messages with auth.is_member tests.

Also, have you played around with the user method of default.py?

Jim

To unsubscribe from this group and all its topics, send an email to web2py+unsubscribe@googlegroups.com.

[Anthony]

On Thursday, February 15, 2018 at 4:14:39 AM UTC-5, icodk wrote:

It is getting muddy...

What about the different messages I want to show depending on the type of user ?

Just use conditional logic to change the auth settings and any relevant code in the user() action and user.html view.

Anthony