[Zope] Relational database & user permissions (select, add, update,
delete)
Andreas Heckel
andreas@easyleading.org
Fri, 12 Apr 2002 14:28:21 +0200
Jon Erickson wrote:
>
> I've run into a problem while developing a multi-user database
> application using Postgresql and Zope with ZSQL methods. I need
> user\group based security for the database similar to...
> ....
> ... but most Database Adapters use a single, static user login for
> database connections.
To solve this you can develop a DA that creates a new db
connection. But this is not a working solution.
Firlst of all:
A Zope DA creates a backend process when connecting to PostGreSQL.
The number of backends at the same time is limited (default value is
32)
Second:
Connecting to the db is a very expensive operation.
> I don't really want to program this logic
> in python when Postgresql already has said features.
>
> Does anyone have experience implementing user-level database security in
> a Zope app? If so, could you reply with some suggestions or examples
> please.
Have a look at ZDatabaseTool Demo at:
http://www.easyleading.org/demo/
It gives you a RowLevelSecurity tab in the management screen.
At this time a new ZopeDA for Postgres called ZEasyPGDA is also in work.
Using this DA with ZDatabaseTool you can upload any file an store it
on PostgreSQL as BLOB !
Unfortunately the tool and the DA are not officially released. But I'll
send
a beta package to all of you who ask for it.
Please let me know what you think about it.
--
_______________________________________________________________________
Andreas Heckel andreas@easyleading.org
LINUX is like a wigwam...no gates...no windows and an apache inside ;-)