This is something about your design, not about the web2py. You may, for example, define your "rules" table, and let your app's user (ok, "maybe he is a system administrator") to define new rules. But after all, these rules are logically stored as data inside web2py's db. Then, you may define specific actions to use those rules.
PS: I am doing same thing in my app, an order management system. Perhaps we can exchange some experience in private mail. On May 27, 12:57 am, BearXu <[email protected]> wrote: > The reason to save some rules into the database is because sometimes these > rules are changing with time. So maybe every year we have a new version of > rules. We may add some new rules in the future. > What is a better solution? > > 2009/5/26 BearXu <[email protected]> > > > yesMaybe the customer is a system-administrator. > > > 2009/5/26 dlypka <[email protected]> > > >> In "By the way, what is your circumstance which need user to create a > >> function to manipulate data in db? Sounds vulnerable. " > >> and in > >> "Thus the customer can create or modify their own function > >> to manipulate other data in the database. " > > >> I believe "customer" / "user" really refers to 'developer", not "end > >> user", not "customer" > > >> i.e I believe BerXu meant to say > >> "Thus the developer can create or modify their own function > >> to manipulate other data in the database. ' > > >> I hope my guess is correct... > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "web2py Web Framework" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/web2py?hl=en -~----------~----~----~----~------~----~------~--~---
