Jon Erickson wrote:
I've run into a problem while developing a multi-user database application using Postgresql and Zope with ZSQL methods. I need user\group based security for the database similar to... .... ... but most Database Adapters use a single, static user login for database connections.
To solve this you can develop a DA that creates a new db connection. But this is not a working solution. Firlst of all: A Zope DA creates a backend process when connecting to PostGreSQL. The number of backends at the same time is limited (default value is 32) Second: Connecting to the db is a very expensive operation.
I don't really want to program this logic in python when Postgresql already has said features.
Does anyone have experience implementing user-level database security in a Zope app? If so, could you reply with some suggestions or examples please.
Have a look at ZDatabaseTool Demo at: http://www.easyleading.org/demo/ It gives you a RowLevelSecurity tab in the management screen. At this time a new ZopeDA for Postgres called ZEasyPGDA is also in work. Using this DA with ZDatabaseTool you can upload any file an store it on PostgreSQL as BLOB ! Unfortunately the tool and the DA are not officially released. But I'll send a beta package to all of you who ask for it. Please let me know what you think about it. -- _______________________________________________________________________ Andreas Heckel andreas@easyleading.org LINUX is like a wigwam...no gates...no windows and an apache inside ;-)