473,382 Members | 1,635 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > web application - user management - rbac

Join Bytes to post your question to a community of 473,382 software developers and data experts.

Web Application - User Management - RBAC

I am putting together a simple web-app for construction of standard documents.
Basically the app will present a form for inputting the variable content /
overriding standard text and send back a complete .doc / .swx. The motivation
for using a web app instead of templates is that I have found templates too
brittle, and I would like to store the variable/overriding data in an SQL
backend.

I would like to implement RBAC(Role Based Access Control) in the app. How would
one best go about that ? is there any code available(classes/frameworks) ? would
one render pages and thereby options based on role or guard methods(i.e. call
some kind of access control object and raise exceptions if an action is not
allowed for the role, or perhaps derive all objects from an object that
automatically handles such checks when a method is called ?) or some other
approach ? I have looked at Webwares UserKit but it is apparently incomplete and
frankly I can't figure out how it works.

I am planning to use CherryPy as a framework, but would be open to another
approach.

Regards,

Martin

Jul 18 '05 #1
4 3662
Hi Martin

IYou probably know this already but the obvious response is to use Zope :-)

Tim

Martin wrote:
I am putting together a simple web-app for construction of standard documents.
Basically the app will present a form for inputting the variable content /
overriding standard text and send back a complete .doc / .swx. The motivation
for using a web app instead of templates is that I have found templates too
brittle, and I would like to store the variable/overriding data in an SQL
backend.

I would like to implement RBAC(Role Based Access Control) in the app. How would
one best go about that ? is there any code available(classes/frameworks) ? would
one render pages and thereby options based on role or guard methods(i.e. call
some kind of access control object and raise exceptions if an action is not
allowed for the role, or perhaps derive all objects from an object that
automatically handles such checks when a method is called ?) or some other
approach ? I have looked at Webwares UserKit but it is apparently incomplete and
frankly I can't figure out how it works.

I am planning to use CherryPy as a framework, but would be open to another
approach.

Regards,

Martin

Jul 18 '05 #2
>
Hi Martin

IYou probably know this already but the obvious response is to use Zope

Tim


Yeah, but I am doing this also as an exercise. I want to understand how to put
RBAC together. Do I really have to start from scratch ? I am not pretending to
know much about web applications, but I would think there would be a lot of
generic stuff involved ?

Martin

Jul 18 '05 #3
> I would like to implement RBAC(Role Based Access Control) in the app. How would
one best go about that ?


Well, CherryPy comes with a module called "CookieSessionAuthenticate"
but it provides only 2 states: either a user is logged or he's not.
If a user is logged in then you'll get automatically his username.
You'll have to write your own code that checks the privileges that
this user has and if he's allowed to do such and such action or not.

It also depends on what level of precision you want the privileges to
have (it could be at the URL level or at the individual function call
level) ...

But overall, it shouldn't be too hard to implement thanks to Python
:-)

Regards,

Remi.
Jul 18 '05 #4
Webware for Python has a component calld 'UserKit.' It may not be
fully production ready as it stands, but could serve as a model.
Jul 18 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

18
internalization of (generic) application layer software to the database TSQL
by: mountain man | last post by:
Greetings to all database professionals and laymen, Let us make a bold assumption that we have developed a software tool for the SQL Server environment which simply acts as an interface between...
Microsoft SQL Server
1
PLease help Application Configuration file access error ???
by: serge calderara | last post by:
dear all, I have problem accessing section group in my configuration application file. I got an error saying thta I can have only one section ???? here is my application configuration looks...
.NET Framework
1
Application sser rights management
by: Versteijn | last post by:
Hello all, I'm in search for a nice user rights management framework. I want to be able to check if the current user has the right to perform a specific action, like: create a new user. ...
.NET Framework
5
Exception Management Application Block Question
by: PCC | last post by:
I am using the Exception Managment Application Block on Windows Server 2003 Enterprise and .NET v1.1. If I use the block with an ASP.NET web wervice or in a web application I get the following...
C# / C Sharp
1
Structuring of large application
by: Damien | last post by:
Hey guys, I'm currently developing a reasonably sized application, which is expected to grow in the future. At the centre is the User login facility - everyone using the site must log in....
ASP.NET
6
SqlCommand Open VERY slow on application load
by: B B | last post by:
Okay, here is what's happening: I have a reasonably fast laptop (1.4 GHz Mobile M, so comparable to 2.5GHz P4) doing .net development. Running Windows XP pro, SP2 IIS is installed and running...
ASP.NET
3
Application user login/management
by: Michael Glaesemann | last post by:
Hello all, Recently I've been thinking about different methods of managing users that log into a PostgreSQL-backed application. The users I'm thinking of are not necessarily DBAs: they're...
PostgreSQL Database
3
How to create a Service to Log Application Names
by: gerard.mears | last post by:
Hi, I'm a total newbie at VB.NET so please bare with me. I would like to create a simple service that will log all exe and com files that are executed but I don't know where to start. I'm...
Visual Basic .NET
4
DB2 Access Slow With MISys Application
by: Ray | last post by:
Does anyone out there have experience with using Db2 8.2 with a program called MISys (also known as ACCPAC). I am having some problems with the application running exteremly slow on workstations...
DB2 Database
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!