The web.auth module has two methods of setting access priviledges, the first is by setting an access level which is simply a positive integer. The higher the number the greater the access level. An access level of 0
or None
means no access. You can then check that the signed in user has an access level which is high enough to grant them access to a particular piece of functionality.
The second method is using roles; these are best described using an example. In a content management system users may be allowed to add, edit and remove pages so you might create the roles add
, edit
and remove
. An administrator might have all three roles and an editor might only be specified the role edit
. You can then grant users access to different parts of your application based on their role.
For the timebeing we will describe how to use access levels since they are simpler.
You can set the access level for a particular user or applicaiton using the admin.setLevel() method of the admin object. Each user can have a different access level to each application so you must specify the username, app name and level to set an access level.
admin.setLevel(username='john', app='app', level=1)