[DB-SIG] DB / Python rights determination question.
Andy Dustman
farcepest at gmail.com
Wed Mar 8 19:13:25 CET 2006
On 3/8/06, S. D. Rose <s_david_rose at hotmail.com> wrote:
> Hello All. I'm building an application in wxPython. I'd like to load some
> global variables for the workers' PCs from a MySQL db already being used to
> hold the data. I want to persist a list of web addressees, a percentage
> rate, and a few other options needed. Since I'm using MySQL as a db
> already, I don't see the point of saving these on one station as a config
> file, and pushing out to all PCs, rather, they can query the GlobalConfigs
> table upon startup, and have a truly central configuration.
>
> I'd like to have some rights associated with the setting and modifying of
> these fields. My questions are:
>
> 1) How can I determine if a field requires a certain 'rights' level prior
> to actually trying to do the db update / insert / delete, so I can either
> enable / disable the SET button?
> 2) Provided that the logged-in user does NOT have these rights, can I have
> a temporary login as a manager to set/reset the field, then revert back to
> the logged-in user to continue with the transaction (think a manager in a
> grocery store going up to the register to use their 'Manager's Key' to
> over-ride a function that the store doesn't want just any clerk to do at any
> time ...)
>
> I'm so new to MySQL that this could be really easy and obvious, but I'm
> task-based right now, as opposed to being able to learn in the path that
> presents itself to me now.
>
> I really appreciate any help this NG can offer!!!!
> Thanks!
I suppose you could use SHOW GRANTS.
http://dev.mysql.com/doc/refman/5.0/en/show-grants.html
It would require doing some parsing of the output, though, and it
sounds like you may be doing grants on individual columns. Stored
procedures might not be a bad idea either for fine-grained access
control.
http://dev.mysql.com/doc/refman/5.0/en/stored-procedures.html
O'Reilly has a book coming out soon on MySQL Stored Procedures which I
think is pretty good (I was asked to review the Python stuff but have
no financial interest in it).
http://www.oreilly.com/catalog/mysqlspp/
--
The Pythonic Principle: Python works the way it does
because if it didn't, it wouldn't be Python.
More information about the DB-SIG
mailing list