Thanks again Richard, Dave for your useful hints.
Just to clarify, the need of trusting a user with formula editing is for
allowing a non-IT trusted user to edit the business logic that has to be
processed in an application. That means getting data from the database,
processing it, storing the
Good points... I forgot about the aspect of changing site way to make
calculation... At the same time, I understand the need as more specific for
some user the rest of the crowd stock with the basic calculation if they
don't know how to hack their own calculation function... In this context
On Thursday, April 28, 2016 at 12:01:50 PM UTC-7, Richard wrote:
>
> Why not just found a way to attach Ipython notebook (which seem to had
> been renamed Jupyter) to your app??
>
> https://jupyter.org/
>
> By providing dataset over which users can interact with... I am not sure
> exactly how
Why not just found a way to attach Ipython notebook (which seem to had been
renamed Jupyter) to your app??
https://jupyter.org/
By providing dataset over which users can interact with... I am not sure
exactly how to do that, but one idea could be to db select data that user
can play with inside
Thank you very much Leonel. This is also a very useful hint. As with the
previous recommendation I need a deeper knowledge about the subject to make
a decission, and this is a good point to start with.
Thank you and best regards.
El miércoles, 27 de abril de 2016, 14:48:18 (UTC+2), Leonel
Have you considered creating a DSL? Creating a DSL in python is quite easy.
Python might be easy but it is still an imperative language,
non-programmers don't think in either imperative or functional terms, they
think declaratively, they want to declare what they want to the computer
and let
Thanks a lot Alfonso for your quick and useful answer.
I agree with your concerns about security. It's a real issue.
On the other side, I'm taking into account some issues that help to
mitigate the risks:
- It will be a trusted and trained user of my company(non IT person),
not the
Allowing users to execute random code within the webapp environment is a
really bad idea.
A simple db.auth_user.truncate() within any of those user functions would
tear your whole app apart.
Some suggestion is the creation of any kind of engine or environment in
which to execute code safely.
8 matches
Mail list logo