I am somewhat new to sqla and python. I am developing a module of sqla OR mapped objects that will be used by other developers. Those developers who will not be involved in the (currently postgres) database or model details. They will be using the module to write their own python clients to upload data sets or retrieve and delete data. Hopefully they will just be using sessions and adding objects or calling object methods.
Some will be 'power users' that can do most anything, while for others I need to be able to restrict what objects they can create, delete etc or which object methods they can access. My question is where/how to manage permissions? Is there some example, template, pattern that could guide me. Part could be possibly be done through database permission Non-power-users should at minimum only be able to create-but-not- delete data, which might best be at a database user or group permission-level since someone could inadvertently send damaging pure sql. But ideally, be able to think about create/delete/update data as python objects that belong to them and do damage to others. Power- users would be able to most anything across all users. Perhaps I need a business layer in the database like views or stored procedures to protect my base tables... or should that layer be on the python and/or sqlalchemy . Perhaps I need two modules - one for power users? What is recommended? Where do I start? Is there a project out there somewhere that I can learn from? Thanks in advance for any help! Rich -- You received this message because you are subscribed to the Google Groups "sqlalchemy" group. To post to this group, send email to sqlalch...@googlegroups.com. To unsubscribe from this group, send email to sqlalchemy+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/sqlalchemy?hl=en.
