Commit 77928b74 authored by Marc Duez's avatar Marc Duez
Browse files

server.js : controller patient permission

parent c3113414
......@@ -152,3 +152,10 @@ def delete():
res = {"success": "true" }
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
def permission():
if request.env.http_origin:
response.headers['Access-Control-Allow-Origin'] = request.env.http_origin
response.headers['Access-Control-Allow-Credentials'] = 'true'
response.headers['Access-Control-Max-Age'] = 86400
return dict(message=T('permission'))
......@@ -147,10 +147,14 @@ if db(db.auth_user.id > 0).count() == 0:
db.auth_group.insert(role='group_1')
db.auth_group.insert(role='group_2')
db.auth_group.insert(role='group_3')
db.auth_group.insert(role="guest")
db.auth_group.insert(role="public")
db.auth_membership.insert(user_id=id_first_user, group_id=id_admin_group)
db.auth_membership.insert(user_id=id_first_user, group_id=id_sa_group)
##permission
auth.add_permission(id_admin_group, 'read', db.patient, 0)
auth.add_permission(id_admin_group, 'admin', db.patient, 0)
## after defining tables, uncomment below to enable auditing
......
......@@ -14,17 +14,17 @@
<td> info </td>
<td class="column5"> </td>
<td class="column5"> </td>
<td class="column5"> </td>
</tr>
</thead>
{{
query = None
c_id = ""
query = db(db.patient).select()
query = db(auth.accessible_query('read', db.patient)).select()
for row in query :}}
<tr onclick="db.call('patient/info', {'id' :'{{=row.id}}'} )" >
<td> {{=row.last_name + " " + row.first_name }} </td>
<td> {{=row.birth }} </td>
<td> {{=row.info }} </td>
<td onclick="db.call('patient/permission', {'id' :'{{=row.id}}'} )" > p </td>
<td onclick="db.call('patient/edit', {'id' :'{{=row.id}}'} )" > e </td>
<td onclick="db.call('patient/confirm', {'id' :'{{=row.id}}'} )" > X </td>
</tr>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment