I have to redirect to a specific page if a user is not member of a specific group. I'm trying to use requires_membership decorator on my controller.
If I correctly understood documentation, I can specify a string in otherwise parameter in order to redirect the user to a page on failure:
@auth.requires_membership(group_id='fornitori', otherwise='/failure-page')
def index():
return {}
Anyway, this is not working, and looking at the code, it appear that the otherwise argument is only used for the requires_login decorator.
I'm doing something wrong or it's a bug on web2py?
Do you know some other simple way of doing this redirection?
otherwise does work with this decorator as well, but it only takes effect if the failure is due to login, not authorization. To make the redirect conditional upon failed authorization, there are two options. First, auth.settings.on_failed_authorization can be a function, so you could write a function that checks the requested controller/function/args and returns a different redirect URL depending on the request. Second, you could write your own "requires" function that handles the redirect itself:
def check_membership():
if not auth.has_membership(group_id='fornitori'):
redirect(URL('default', 'other'))
@auth.requires(check_membership)
def index():
etc.