On Tue, Jul 22, 2014 at 4:16 AM, Monte Milanuk <memila...@invalid.com> wrote: > On 2014-07-21, Chris Angelico <ros...@gmail.com> wrote: >> On Tue, Jul 22, 2014 at 2:07 AM, Monte Milanuk <memila...@invalid.com> wrote: >>> So I guess I'm asking for advice or simplified examples of how to >>> go about connecting a client desktop app to a parent/master desktop app, >>> so I can get some idea of how big of a task I'm looking at here, and >>> whether that would be more or less difficult than trying to do the >>> equivalent job using a web framework. >> >> Easier way: Don't have a "master desktop app", but instead have a >> master database. Since you're posting this to python-list, I'll assume >> you currently intend writing this in Python; you can make a really >> simple transition from single-user-single-desktop to a networked >> system, although of course you'll want to think in terms of multiple >> users from the start. > > So... if everybody is using the same application to access the same > database, how would you prevent say, a data entry user from accidentally > breaking something above their pay-grade? Set up some sort of > role-based privilege system to limit them to write access for some > portions and read-only for others?
That would be one way, yes. The first question you'd need to ask is: How do you know who's data-entry and who's admins? As soon as you solve that (probably with some sort of login), you tie the access level to that. If you need absolute security, you would have the user enter a login and password which would actually be the database credentials. Then you grant exact rights in the database manager, permitting ONLY what that user is allowed to do. It's then utterly impossible, even for someone who knows Python and SQL, to do damage. But more likely, what you really want is a cut-down UI that simplifies things: if the user is data-entry level, you take away all the admin-type options. It might be possible to fiddle around in internals and gain elevated access, but that's not an issue in many environments. In any case, these are issues you'd need to figure out regardless of the development model. Ultimately, you could treat the entire computer, network, database, etc as a black box, and just look at two entities: the human, and the UI s/he is using. All permissions issues can be explained at that level. ChrisA -- https://mail.python.org/mailman/listinfo/python-list
