Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed4a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.033 X-Spam-Evidence: '*H*': 0.93; '*S*': 0.00; 'level,': 0.07; 'admins': 0.09; 'permissions': 0.09; 'cc:addr:python-list': 0.11; 'question.': 0.14; '"is': 0.16; '"we': 0.16; '24,': 0.16; 'buttons,': 0.16; 'fiddle': 0.16; 'fine.': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'involved;': 0.16; 'mode,': 0.16; 's/he': 0.16; 'script,': 0.16; 'simplified': 0.16; 'simplifies': 0.16; 'subject:program': 0.16; 'subject:user': 0.16; 'flexibility': 0.16; 'wrote:': 0.18; 'options.': 0.19; 'thu,': 0.19; 'admin': 0.22; 'network,': 0.22; 'separate': 0.22; 'cc:addr:python.org': 0.22; 'password.': 0.24; 'simpler': 0.24; 'regardless': 0.24; 'question': 0.24; 'cc:2**0': 0.24; 'permission': 0.26; 'purposes': 0.26; 'specially': 0.26; 'subject:/': 0.26; 'header:In-Reply-To:1': 0.27; 'feature': 0.29; 'am,': 0.29; "doesn't": 0.30; 'database,': 0.30; 'mode': 0.30; 'message-id:@mail.gmail.com': 0.30; "i'm": 0.30; 'that.': 0.31; 'disabled': 0.31; 'explained': 0.31; 'sales,': 0.31; 'probably': 0.32; 'figure': 0.32; 'another': 0.32; 'level.': 0.33; 'role': 0.34; 'screen': 0.34; 'maybe': 0.34; 'could': 0.34; 'problem': 0.35; 'case,': 0.35; 'etc': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'really': 0.36; 'idle': 0.36; 'useful': 0.36; 'possible': 0.36; 'two': 0.37; 'clear': 0.37; 'issue': 0.38; 'anything': 0.39; 'how': 0.40; 'even': 0.60; 'access,': 0.60; 'worry': 0.60; 'most': 0.60; 'black': 0.61; 'increased': 0.61; 'entire': 0.61; "you're": 0.61; 'box,': 0.64; 'more': 0.64; 'talking': 0.65; 'roles': 0.68; 'fact,': 0.69; 'cut': 0.74; 'further,': 0.74; 'jul': 0.74; 'programs,': 0.74; 'special': 0.74; 'gain': 0.79; 'complexity': 0.84; 'elevated': 0.84; 'inherent': 0.84; "it'd": 0.84; 'nod': 0.84; 'subject:Network': 0.84; 'to:none': 0.92 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=GGHaKJUDKaH62wQ63W7gzsI7EN5az50Qy+S1f82idtk=; b=GHXn84c0jGh8PIChLBLsmjKIhzBn2pkAoAzB/+T+/BbPIuROwO7/40NLacxGMXxHZx lmpYSIo8frRMpoizt1+qhgGV8Iyj/pRqypuKP0pPu7S5n+/21dCFGEPxuzRXlKxLgTMG G9YcVcjR46XgJyP3IkoPPYpyXdXo5xT4pxW1umihutYI+qjGK65qTQ9xDY98bCy2wdWy BgvMBYB3YnmMngLC1BUTZDQHGKX2zb8Arn/sHCJjl2LDtce3TPPj7sbell+UOTxlrpS/ DDfd/mHogtMO0vN+H/EHSMGetD2JHVnxd0N5Wo5Bh1liI050ZAIaLHHBVvUGN3hH871o Ivyw== MIME-Version: 1.0 X-Received: by 10.52.244.111 with SMTP id xf15mr2545482vdc.93.1406129906509; Wed, 23 Jul 2014 08:38:26 -0700 (PDT) In-Reply-To: References: Date: Thu, 24 Jul 2014 01:38:26 +1000 Subject: Re: Network/multi-user program From: Chris Angelico Cc: "python-list@python.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 48 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1406130377 news.xs4all.nl 2862 [2001:888:2000:d::a6]:36327 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:75090 On Thu, Jul 24, 2014 at 12:14 AM, memilanuk wrote: >> But more likely, what >> you really want is a cut-down UI that simplifies things: if the user >> is data-entry level, you take away all the admin-type options. It >> might be possible to fiddle around in internals and gain elevated >> access, but that's not an issue in many environments. > > That sounds very much like what I'm thinking of... maybe a token nod @ > security with a passwd for 'admin' and 'data-entry' roles to keep idle > passers-by from snooping or diddling with things they shouldn't. Even if it > just greyed-out / disabled buttons, tabs, etc. based on role that would > probably meet needs. Yep, for most purposes that would be fine. In fact, you could cut it down further, if the data-entry mode is pretty safe: have the program start up in data-entry mode, and it has one menu item "Switch to admin mode", which prompts for a password. >> In any case, these are issues you'd need to figure out regardless of >> the development model. Ultimately, you could treat the entire >> computer, network, database, etc as a black box, and just look at two >> entities: the human, and the UI s/he is using. All permissions issues >> can be explained at that level. > > > Not really clear on what you're talking about on this part... If you were to create a web application, you'd have to worry about the same question of "is this person an admin or just data-entry". If you were to do this as a single program that other programs script, you'd have to worry about the same question. It's not complexity inherent in the model of "database is king, and there are several applications"; it's complexity inherent in the original problem "we will have separate admins and data-entry people". Incidentally, there is another way you could lay it out: have two separate programs, one of which is the d-e and the other is admins. That could work out very nicely, if you have a specially cut-down and simplified UI for d-e. It'd be like how some accounting packages have a special Point-Of-Sale mode, which doesn't have permission to process anything other than straight-forward sales, and which will use the entire screen just for that. It's a useful feature even when you completely trust the people involved; the simpler UI can allow increased throughput. There's a lot of flexibility here, and ultimately, you get exactly as much complexity as you write into your system :) ChrisA