On Wed, 19 Jul 2000, Jephte CLAIN wrote:
I have the scenario where a user can edit *its* data but not other users's data, unless he has a special role. however, the method used to edit one's data is the same. So I make sure inside the edit_data method that the user has the adequate permissions if he tries to edit another one's data.
Make edit_data unpublishable (remove docstring, rename it to _edit_data) and write two wrappers for it - one for own data, one for other's data. Protect these wrappers with different sets of permissions. Oleg. (All opinions are mine and not of my employer) ---- Oleg Broytmann Foundation for Effective Policies phd@phd.russ.ru Programmers don't die, they just GOSUB without RETURN.