| 1 | # -*- coding: utf-8 -*- |
|---|
| 2 | # ------------------------------------------------------------------------- |
|---|
| 3 | # This is a sample controller |
|---|
| 4 | # this file is released under public domain and you can use without limitations |
|---|
| 5 | # ------------------------------------------------------------------------- |
|---|
| 6 | |
|---|
| 7 | # ---- example index page ---- |
|---|
| 8 | def index(): |
|---|
| 9 | response.flash = T("Hello World") |
|---|
| 10 | return dict(message=T('Welcome to web2py!')) |
|---|
| 11 | |
|---|
| 12 | # ---- API (example) ----- |
|---|
| 13 | @auth.requires_login() |
|---|
| 14 | def api_get_user_email(): |
|---|
| 15 | if not request.env.request_method == 'GET': raise HTTP(403) |
|---|
| 16 | return response.json({'status':'success', 'email':auth.user.email}) |
|---|
| 17 | |
|---|
| 18 | # ---- Smart Grid (example) ----- |
|---|
| 19 | @auth.requires_membership('admin') # can only be accessed by members of admin groupd |
|---|
| 20 | def grid(): |
|---|
| 21 | response.view = 'generic.html' # use a generic view |
|---|
| 22 | tablename = request.args(0) |
|---|
| 23 | if not tablename in db.tables: raise HTTP(403) |
|---|
| 24 | grid = SQLFORM.smartgrid(db[tablename], args=[tablename], deletable=False, editable=False) |
|---|
| 25 | return dict(grid=grid) |
|---|
| 26 | |
|---|
| 27 | # ---- Embedded wiki (example) ---- |
|---|
| 28 | def wiki(): |
|---|
| 29 | auth.wikimenu() # add the wiki to the menu |
|---|
| 30 | return auth.wiki() |
|---|
| 31 | |
|---|
| 32 | # ---- Action for login/register/etc (required for auth) ----- |
|---|
| 33 | def user(): |
|---|
| 34 | """ |
|---|
| 35 | exposes: |
|---|
| 36 | http://..../[app]/default/user/login |
|---|
| 37 | http://..../[app]/default/user/logout |
|---|
| 38 | http://..../[app]/default/user/register |
|---|
| 39 | http://..../[app]/default/user/profile |
|---|
| 40 | http://..../[app]/default/user/retrieve_password |
|---|
| 41 | http://..../[app]/default/user/change_password |
|---|
| 42 | http://..../[app]/default/user/bulk_register |
|---|
| 43 | use @auth.requires_login() |
|---|
| 44 | @auth.requires_membership('group name') |
|---|
| 45 | @auth.requires_permission('read','table name',record_id) |
|---|
| 46 | to decorate functions that need access control |
|---|
| 47 | also notice there is http://..../[app]/appadmin/manage/auth to allow administrator to manage users |
|---|
| 48 | """ |
|---|
| 49 | return dict(form=auth()) |
|---|
| 50 | |
|---|
| 51 | # ---- action to server uploaded static content (required) --- |
|---|
| 52 | @cache.action() |
|---|
| 53 | def download(): |
|---|
| 54 | """ |
|---|
| 55 | allows downloading of uploaded files |
|---|
| 56 | http://..../[app]/default/download/[filename] |
|---|
| 57 | """ |
|---|
| 58 | return response.download(request, db) |
|---|
