Commit 1efdee91 authored by Vidjil Team's avatar Vidjil Team
Browse files

patient.py: do not automatically grant access to users of the same groups

Everyone belongs to 'public', so it may be a bad idea.
parent e84cc19d
......@@ -221,12 +221,6 @@ def add_form():
auth.add_permission(user_group, 'read', db.patient, id)
auth.add_permission(user_group, 'anon', db.patient, id)
#tmp: share rights with users of the same group
for g in auth.user_groups :
auth.add_permission(g, 'admin', db.patient, id)
auth.add_permission(g, 'read', db.patient, id)
patient_name = request.vars["first_name"] + ' ' + request.vars["last_name"]
res = {"redirect": "patient/info",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment