Is there an obvious way to do this in python?

B

Bryan Olson

H J van Rooyen wrote:
[...]
> This is broadly what I had in mind, yes - but sort of down to a transaction
> level - this user does invoicing, this one enters cheques, this one does credit
> notes, and their supervisor can do all three, and in a different department its
> different because the jobs are different, but the invoicing GUI module is the
> same for wherever its used...

Pretty much any business has to deal with those things. You are
right about the need for transactions and authorization, and
that you don't want to have to manually update all the clients
whenever your modify the applications. Everyone has those
problems, and consequently there's a large body of experience
and conventional best practice. The highly redundant advice
you've been getting is recommending that you to do those things
that way most successful modern systems do them.

No question what you describe calls for a DBMS. Further, this
sounds like a job for a "three tier" architecture, what Dennis
L. Bieber explained as [db-server] <-> [app-server] <-> [client].
In the old days a three-tier system called for a large
data-processing staff; today one guy can set up a simple one in
an afternoon.

In a three-tier system, either the database, the server
application can enforce authorization policy. In order for the
database to enforce authorization, the application creates one
database connection for each client user, and logs in as the
user. That works well for most accounting-type systems, where
all the users are known in advance. In systems such as web
shopping carts, the application typically has its own user ID,
and creates all database connections as itself. The app, not the
database, is then responsible for keeping users from reading and
altering each other's data.

Trying to enforce authorization at the client is generally a
mistake. The user has too much control over his local machine.
He is not limited to running just the code you provide.


Don't get too hung up on choice of DBMS, but stick with portable
standard SQL. I bet you'll find your potential customers want it
to run against the database they already have. The particular
tables your system needs will become part of their larger
schema.
 
N

Nick Vatamaniuc

Hendrik,

---snip---
Now part of the reason I would like to go the transaction type route
instead of the "per user" route is robustness and maintainability, and
the ability it would give me to introduce new transaction types easily
- as I see it if say an invoice's GUI code is stable I would never have
to touch it again even if I combine it with anything else, as it would
have been designed from the start to combine with others of it's own
ilk, under a kind of communications controller that is standard...
---snip---

It could be possible to separate your GUI into various modules. So you
could have for example:
BillingGUI.py
InvoicingGUI.py
QueryGUI.py
and so on.
Then your central control application (Application.py) would get the
set of module names allowed for that client to run during login. So
after the user logs in, the next thing would be to "SELECT ..." all
the GUI modules from the database to be downloaded. The client won't
know which ones are there, only the server.

So the set of possible GUIs will be sent over to the client (preferable
in a zipped form). They are unzipped in some temporary folder (here you
can do some caching to only download if the set changed).

Then it would be imporant for you to create some nameing rule or some
interface so the Application.py will know what GUI modules look like.
For example you could have the pattern [Capitalizedname]GUI.py be a
GUI module. The Application.py will then inspect the folder, and create
a button and label for each possible GUI module and present that to the
user. When the user clicks on the Button, the Application.py window
gets hidden and the [Modulename]GUI.py module is executed. When done,
the Application.py will be shown again and the user can either continue
with another module they are allowed to use or quit.

How does that sound?

Also, you mentioned that you won't have more than a couple of simple
fill-in forms and with drop-down options and so on. HTML then might be
the way to go. If that's all there will ever be just try to do HTML
(see Cherrypy, Turbogears and others....). If your GUI will be more
complicated in the future, just stick with what you know (Tkinter for
example).

Good luck,
Nick Vatamaniuc
 
D

Dennis Lee Bieber

This is broadly what I had in mind, yes - but sort of down to a transaction
level - this user does invoicing, this one enters cheques, this one does credit
notes, and their supervisor can do all three, and in a different department its
different because the jobs are different, but the invoicing GUI module is the
same for wherever its used...
Confusing use of "transaction"... Many are probably looking at
"transaction" in terms of DBMS -- eg: a sequence of SQL operations
(inserts/updates/deletes) that ALL must be successful (and committed)
or, if any operation fails, ALL operations will be undone (rolled back)
as if none had been performed.

What you describe is something I'd refer to as different operator
"tasks".

For this control, and presuming you do NOT want to use a web
interface, I'd still build all capability (ie, all menu and form
definitions) into the client that is installed on all user stations.
THEN I'd use the application server (since I still feel you want to
control access to the database to one central point, not have to create
a user account in the DBMS for each employee using the clients) to
handle a login from the client -- the login would be used to access a
privilege table from the DBMS. This privilege table is essential a long
record of booleans -- one for each menu/form/task in the client. The
privilege record is sent to the client; the client uses the record to
enable and disable the relevant menu/form/task so that the user can only
activate the functions valid for them.

Otherwise you have a situation where, say a lowly data-entry clerk
has been using the application, maybe makes a mistake that requires
supervisor override, and the supervisor then has to wait for "their"
modules to be downloaded and started to correct the mistake. (Note: one
menu entry that should be on the "all-in-one" client is an ability to
change login without having to shut down the client -- basically the
client does a log-off of the application server, then a fresh log-in
with new parameters and gets a new privilege record with which to
reconfigure all the menu/form/task GUI).

If you go the web application route, each "login" would use a cookie
to control session, so the application server can determine what
functions to present to the user. You might even be able to use
something like Plone to build the application server; it already has
capability to present different views based upon login.
My thinking is simpler than this, because you are already thinking in "data base
speak" - now dont get me wrong - I realise that I will have to use a database -
but for me to start thinking in terms of views and stuff is kind of premature
when I dont even have a clear picture in my head of the kind of data the said
management system should keep, as I am not sure of what can, and cannot be done.
We're talking computer software -- enough money and time and you
could have the sun, moon, and stars (granted, a decade ago I /was/
involved with swapping out one satellite ephemeris package for another,
so it was literally sun, moon, and stars <G>)

You need to determine

1) architecture partitioning (DBMS <-> thick client; DBMS <->
application server <-> thick client, DBMS <-> application/web server <->
thin client) [Thick client: Python program that handles GUI and talks to
application server or DBMS; Thin client: web browser forms with some
Javascript/AJAX].

2) Database schema (done without care of the final DBMS); take into
account things you may not think of as the main data of the application
-- things like the above privilege control (in the case of the
DBMS<->thick client, it means using the grant tables and managing client
accounts per user, in the application server model you only have one
DBMS user that is the application server, but still have client user
accounts to manage as application data). If the DBMS has stored
procedures, you may need some of those... Heck, in the DBMS<->thick
client model, you could let any client access ANY form/operation/task...
What you'd do is run stored procedures for any DBMS transaction -- the
first thing that would happen is that the user privileges are checked
and the stored procedure either proceeds or rejects with "no privilege
for operation" (and this could be either programmed in as part of the
stored procedure, or be part of the DBMS internal privilege control).
--
Wulfraed Dennis Lee Bieber KD6MOG
(e-mail address removed) (e-mail address removed)
HTTP://wlfraed.home.netcom.com/
(Bestiaria Support Staff: (e-mail address removed))
HTTP://www.bestiaria.com/
 
D

Dennis Lee Bieber

Now part of the reason I would like to go the transaction type route instead of
the "per user" route is robustness and maintainability, and the ability it
would give me to introduce new transaction types easily - as I see it if say an
invoice's GUI code is stable I would never have to touch it again even if I
combine it with anything else, as it would have been designed from the start to
combine with others of it's own ilk, under a kind of communications controller
that is standard...
Uhm... You've just described the "raison d'etre" of Object Oriented
design/programming.

Each of your "transactions" (tasks/jobs/functions) would be a single
"class" (this does not mean they may not incorporate other classes as
part of them). Ideally, each class should be independent of the others
except for a defined API. The "invoice" would be one "class" (actually,
you may have a class for "invoice data" -- this being the information
passing between the client and the server; and a class for "invoice
presentation" -- the GUI. Plugging in another task should only involve
the main client (new menu entry) with maybe an "import new_task" so
picking the menu entry instantiates new_task.
--
Wulfraed Dennis Lee Bieber KD6MOG
(e-mail address removed) (e-mail address removed)
HTTP://wlfraed.home.netcom.com/
(Bestiaria Support Staff: (e-mail address removed))
HTTP://www.bestiaria.com/
 
H

H J van Rooyen

| H J van Rooyen wrote:
| (snip)
| > |> If my original post was unclear I am sorry - the point I want answered,
if
| > |> possible, is how to make the client code effectively updateable on the
fly -
| > |> because the answer to this will influence the whole design of the rest of
the
| > |> system...
| > |
| > |This is something I have been thinking about... IMHO what you want is
| > |not to "update client code on the fly", but to make the client mostly a
| > |kind of interpreter for what the server sends in. That is, the client
| > |code itself doesn't contain any application logic, it gets it from the
| > |server and execute it. This can certainly be done with Pyro.
| > |
| > |Now while this may be an interesting project, I'm not really sure it's
| > |worth the effort when we already have HTTP, HTML and AJAX...
| >
| > You may be right and it might not be worth the trouble - but what you
mention
| > above is closer to the sort of thing I have in mind - it is essentially
using
| > python to create a script language, and moving scripts around - but hey -
python
| > is already a script language...
|
| Yes, but it's not (alas) supported by browsers...
|
| > so if Pyro is for 'moving the scripts around' - Then that is what I must
look at
| > very hard...
|
| It's not for "moving the scripts around", it's for remote objects - kind
| of like Java's RMI, but, well, much more pythonic !-). Now the point is
| that Python being very powerful when it comes to dynamism and
| introspection, it should be possible to have a common client that
| basically just knows how to connect to the application server (using
| pyro). Once connected, the client asks the server for a set of objects
| (forms, menus etc) and the corresponding data. These objects then use
| the same mechanism to interact with the server. It's basically similar
| to the interaction between a browser and a web app - in that the client
| is potentially able to run any application sent by the server -, but
| with much more specialized client and app server and another protocol -
| and no other language than Python.
|

This is getting more and more interesting - its not the simple minded mechanism
I had in mind, but it will achieve the same thing, and it exists already - and I
can imagine it to be a very powerful mechanism, if I understand you correctly -
I am going to have to cry "time out!" to go and do some reading...

Thank you. - Hendrik
 
H

H J van Rooyen

| On Thu, 3 Aug 2006 09:17:41 +0200, "H J van Rooyen"
| <[email protected]> declaimed the following in comp.lang.python:
|
| > Can I not use the ssl module for encrypting the connections? - Please also
| > understand that the system is aimed at small to medium companies, in
ouse -
| > >From my perspective the only valid reason to use a database would be for
the
| > ease of reporting - the files are not large - and the speed of a dict lookup
in
| > python is hard to beat for normal transaction processing...
| >
| You might want to read the "Kode Vicious" column in a recent issue
| of Queue (probably last months issue -- it's been in my carry-bag for a
| few weeks).
|
| For an "in house" effort, encrypting the LAN traffic is probably not
| the most meaningful focus. Securing the data /storage/ is more important
| -- why secure the LAN traffic if someone can walk off with a backup of
| unsecured database. And who'd want to even spend time with a LAN sniffer
| on unencrypted traffic if that same backup is available for filching.
| >

This makes sense - message is - lock your server room...

| > NO! the last thing on my mind - want a dynamic process similar to banking
| > terminals - see my response to Simon please
| >
| ? ATMs? Or internal clerk consoles?

Semantics - sorry - neither - thinking of credit card terminals - in which area
I have dabbled in a bit...

These things have horrendously complex terminal management systems and elaborate
mechanisms to download all manner of parameters to change their behaviour... -
most have their internal state controlled by the server, sometimes formally,
sometimes just via param download...


| Pretty much everything is already in the terminal software -- what
| the operator has access to, and sees, is dependent upon the privileges
| defined for their "account". No "dynamic" loading of code (for security,
| I'd not even permit remote updates -- I'd require a floppy or CD from
| inside the secure box to change operating software; as soon as you
| permit updates to be pushed from outside you expose the risk of a
| cracker pushing a customized code set).
|

I was not aiming for this paranoid level of security - when I said "secure" or
"reliable" I was just looking for something that would work and that I could
trust not to fall over all the time...

On the small boxes, the loading of software mechanism varies from manufacturer
to manufacturer - some allow, others disallow the download and activation of new
apps - likewise for the update of existing ones - but most banks don't use these
mechanisms, even if they are available - they all tend to bring the device in to
a trusted facility. I don't know one of them that actually use the mechanism on
a per transaction basis, because it would be, amongst other things, too slow -
but most of the systems can force the terminal into a reload of at least its set
of parameters the next time it logs in - and this mechanism is used by for
instance AMEX to vary the messages displayed on their terminals - not quite
"code" update - but the user can't tell the difference.

I used the example because this sort of facility is the kind of thing I want to
find out if Python could do, in a more dynamic way than what the terminals that
can use it, actually use it - little thinking that I was sowing confusion -
sorry...

If you are familiar with the sort of Terminal Management Systems I am talking
about, that control the behaviour of the remote box via parameter download -
then what I want find out is how to do that in Python, but with the added
proviso that I must also be able to download "pieces" of the application - where
"download" in this sense is just to a PC in the next office on the local LAN -
So far the Pyro package that Bruno has steered me towards sounds the most
promising way of doing this - but I still haven't been able to "research" it ...

Thanks for the input and sorry about the confusion.

- Hendrik
 
H

H J van Rooyen

| On Thu, 3 Aug 2006 14:05:19 +0200, "H J van Rooyen"
| <[email protected]> declaimed the following in comp.lang.python:
|
| > What I mean by this is that the server does stuff that I think belongs on
the
| > client -
| > like getting involved in the nitty gritty of what the client should
display -
| > I want the client to be smart enough to do the assembly of the elements of a
| > transaction
| > by itself, going back to the server for data only when its needed - remember
|
| One thing to consider: Where is the separation between the database
| and the client. I believe most textbooks these days tend recommend:
|
| [db-server] <-> [app-server] <-> [client]
|
| (db-server and app-server can be the same hardware; the idea is that
| clients do not have direct access to the database system, and hence the
| back-end can be changed out without affecting any client... also,
| clients don't need to handle database errors, etc.)

Agreed - I would also need this application server to do the server end of my
"terminal management system"

|
| > so I see the client interacting with the server quite a lot, eventually to
be
| > able do things like auto completion of things like stock codes and
descriptions,
| > customer details, etc. - but I don't want every keystroke flying over the
LAN
| > and
| > being handled by the server...
| >
| And where did you see the client obtaining the "completion data" --
| direct access to some other database tables or did you intend to
| download /all/ possible data.

no just a framework of more or less static stuff like document types, name and
address data, and account names and codes that is not subject to continous
change... *grin* I would have to apply *some* skull sweat to the problem...

|
| Typical web-based applications may have a minimal bit of data
| validation running on the client (JavaScript ... things like making sure
| /something/ has been entered into required fields, but not verifying
| that it makes sense), and only when the user clicks on a submit is
| everything sent to the application server, which then generates the
| needed SQL from the data fields for submittal to the database server.
|
| > transaction is completed - like in a banking system, I envisage ways for the
| > client to 'poll' the server to get the state of the last transaction, to
make
| > this possible.
| >
| Bad choice... Upon submittal to the server, there should be a
| mandatory "good/bad" return code...


Here I take umbrage - not bad, good choice - let me elucidate - the return code
you are talking about is the normal thing, and it is the dead wrong way to
operate if that is all you do - what I am talking about is the failure
scenario - the way to make any transactionally based system robust is to have a
"GetTranResult" transaction that is routinely used before starting a new
transaction, to see if the previous one has completed properly - that way, the
client can either - continue with the new transaction, or - resubmit the old one
to try to get it to work or fail, or thirdly - advise the user that the previous
transaction has failed - it is, when you have thought about the flows and all
the possible ways in which they can fail - truly the only way to operate
reliably.

The above is the simple minded way to use such a facility -

You could also argue that the time to use this "polling" transaction is after
submitting the transaction, but if your return code is to be trusted, its not
needed - if the flows complete normally, its not needed - it is just needed for
built in recovery, and it works like a charm if both the server and the client
try to keep state over power failures and other disastrous events like losing
comms halfway through - especially for multi flow transactions that must update
different things on the server...

And it does no harm to ask the server the result of your last transaction when
you come up after power failure - you can then set the screens and stuff up to
the point where the server knows about them and have the user just curse a bit,
instead of a lot...

And most importantly, the data is safe (unless the database is corrupted, in
which case the likelyhood is high that yer screwed in any case) - and on this
note - if you have the reversed transaction too - i.e. a kind of
"GetPreviousLoggedTransactionResult" from the server to the client, you can make
recovery less painful, even in the case of database corruption...

Bad choice indeed! *snorts*

;-)

- Hendrik
 
H

H J van Rooyen

From: "Bryan Olson" <[email protected]>


| H J van Rooyen wrote:
| [...]
| > This is broadly what I had in mind, yes - but sort of down to
| a transaction
| > level - this user does invoicing, this one enters cheques,
| this one does credit
| > notes, and their supervisor can do all three, and in a
| different department its
| > different because the jobs are different, but the invoicing
| GUI module is the
| > same for wherever its used...
|
| Pretty much any business has to deal with those things. You are
| right about the need for transactions and authorization, and
| that you don't want to have to manually update all the clients
| whenever your modify the applications. Everyone has those
| problems, and consequently there's a large body of experience
| and conventional best practice. The highly redundant advice
| you've been getting is recommending that you to do those things
| that way most successful modern systems do them.
|
| No question what you describe calls for a DBMS. Further, this
| sounds like a job for a "three tier" architecture, what Dennis
| L. Bieber explained as [db-server] <-> [app-server] <-> [client].
| In the old days a three-tier system called for a large
| data-processing staff; today one guy can set up a simple one in
| an afternoon.
|
| In a three-tier system, either the database, the server
| application can enforce authorization policy. In order for the
| database to enforce authorization, the application creates one
| database connection for each client user, and logs in as the
| user. That works well for most accounting-type systems, where
| all the users are known in advance. In systems such as web
| shopping carts, the application typically has its own user ID,
| and creates all database connections as itself. The app, not the
| database, is then responsible for keeping users from reading and
| altering each other's data.
|
| Trying to enforce authorization at the client is generally a
| mistake. The user has too much control over his local machine.
| He is not limited to running just the code you provide.
|
|
| Don't get too hung up on choice of DBMS, but stick with portable
| standard SQL. I bet you'll find your potential customers want it
| to run against the database they already have. The particular
| tables your system needs will become part of their larger
| schema.
|
|
| --
| --Bryan

Thank you - this is a sane summary of the general business case, and I
particularly like the bit about keeping the SQL portable - its something I did
not even consider...

The conventional best practice advice is swamping my original query of how to do
something in Python...

Just a note:

If conventional best practice is followed all the time, without question - how
is it ever made better?
but that is probably a question for a separate thread - please ignore it
here... - it has nothing to do with the Python language.

- Hendrik
 
H

H J van Rooyen

| Hendrik,
|
| ---snip---
| Now part of the reason I would like to go the transaction type route
| instead of the "per user" route is robustness and maintainability, and
| the ability it would give me to introduce new transaction types easily
| - as I see it if say an invoice's GUI code is stable I would never have
| to touch it again even if I combine it with anything else, as it would
| have been designed from the start to combine with others of it's own
| ilk, under a kind of communications controller that is standard...
| ---snip---
|
| It could be possible to separate your GUI into various modules. So you
| could have for example:
| BillingGUI.py
| InvoicingGUI.py
| QueryGUI.py
| and so on.
| Then your central control application (Application.py) would get the
| set of module names allowed for that client to run during login. So
| after the user logs in, the next thing would be to "SELECT ..." all
| the GUI modules from the database to be downloaded. The client won't
| know which ones are there, only the server.
|
| So the set of possible GUIs will be sent over to the client (preferable
| in a zipped form). They are unzipped in some temporary folder (here you
| can do some caching to only download if the set changed).
|
| Then it would be imporant for you to create some nameing rule or some
| interface so the Application.py will know what GUI modules look like.
| For example you could have the pattern [Capitalizedname]GUI.py be a
| GUI module. The Application.py will then inspect the folder, and create
| a button and label for each possible GUI module and present that to the
| user. When the user clicks on the Button, the Application.py window
| gets hidden and the [Modulename]GUI.py module is executed. When done,
| the Application.py will be shown again and the user can either continue
| with another module they are allowed to use or quit.
|
| How does that sound?

This is the sort of thing I am looking for, thanks - its a bit rough as it
depends on magic gui names, but hey - I think it would be easy to implement,
even not using magic names - the server could tell the core app the names of the
files explicitly during the logon type dialog... *grin* that will move the magic
out of the client and on to the server...


| Also, you mentioned that you won't have more than a couple of simple
| fill-in forms and with drop-down options and so on. HTML then might be
| the way to go. If that's all there will ever be just try to do HTML
| (see Cherrypy, Turbogears and others....). If your GUI will be more
| complicated in the future, just stick with what you know (Tkinter for
| example).
|
| Good luck,
| Nick Vatamaniuc
|

Thank you for the support - now I would like to call "Time out" - I have a lot
of reading to do...

- Hendrik
 
H

H J van Rooyen

| On Thu, 3 Aug 2006 16:50:15 +0200, "H J van Rooyen"
| <[email protected]> declaimed the following in comp.lang.python:
| > Now part of the reason I would like to go the transaction type route instead
of
| > the "per user" route is robustness and maintainability, and the ability it
| > would give me to introduce new transaction types easily - as I see it if say
an
| > invoice's GUI code is stable I would never have to touch it again even if I
| > combine it with anything else, as it would have been designed from the start
to
| > combine with others of it's own ilk, under a kind of communications
controller
| > that is standard...
| >
| Uhm... You've just described the "raison d'etre" of Object Oriented
| design/programming.


Oh No! - curses! It has slipped in under the radar! - I have always thought that
the reason for going the OO route is to obfuscate the code so that mere mortals
could never understand it...


|
| Each of your "transactions" (tasks/jobs/functions) would be a single
| "class" (this does not mean they may not incorporate other classes as
| part of them). Ideally, each class should be independent of the others
| except for a defined API. The "invoice" would be one "class" (actually,
| you may have a class for "invoice data" -- this being the information
| passing between the client and the server; and a class for "invoice
| presentation" -- the GUI. Plugging in another task should only involve
| the main client (new menu entry) with maybe an "import new_task" so
| picking the menu entry instantiates new_task.
| --

Yes got it, thanks- Hendrik
 
B

Bruno Desthuilliers

H said:
| H J van Rooyen wrote: (snip)
| > so if Pyro is for 'moving the scripts around' - Then that is what I must
look at
| > very hard...
|
| It's not for "moving the scripts around", it's for remote objects - kind
| of like Java's RMI, but, well, much more pythonic !-). Now the point is
| that Python being very powerful when it comes to dynamism and
| introspection, it should be possible to have a common client that
| basically just knows how to connect to the application server (using
| pyro). Once connected, the client asks the server for a set of objects
| (forms, menus etc) and the corresponding data. These objects then use
| the same mechanism to interact with the server. It's basically similar
| to the interaction between a browser and a web app - in that the client
| is potentially able to run any application sent by the server -, but
| with much more specialized client and app server and another protocol -
| and no other language than Python.
|

This is getting more and more interesting - its not the simple minded mechanism
I had in mind, but it will achieve the same thing, and it exists already

WARNING : Actually, the only thing that "exists already" is Pyro (and of
course Python...) - all the rest is just me thinking out loud, and I by
no mean garantee that what I describe above is viable or sensible or
even reasonably implementable.
and I
can imagine it to be a very powerful mechanism, if I understand you correctly -
I am going to have to cry "time out!" to go and do some reading...

Indeed. And please don't hold it against me if it ends up being some
kind of Frankenstein's monster !-)
 
H

H J van Rooyen

| On Thu, 3 Aug 2006 16:50:15 +0200, "H J van Rooyen"
| <[email protected]> declaimed the following in comp.lang.python:
|
| >
| > This is broadly what I had in mind, yes - but sort of down to a transaction
| > level - this user does invoicing, this one enters cheques, this one does
credit
| > notes, and their supervisor can do all three, and in a different department
its
| > different because the jobs are different, but the invoicing GUI module is
the
| > same for wherever its used...
| >
| Confusing use of "transaction"... Many are probably looking at
| "transaction" in terms of DBMS -- eg: a sequence of SQL operations
| (inserts/updates/deletes) that ALL must be successful (and committed)
| or, if any operation fails, ALL operations will be undone (rolled back)
| as if none had been performed.
|
| What you describe is something I'd refer to as different operator
| "tasks".

Sorry - I have spent too long in an environment where a transaction is something
you built, shipped, and got an answer for...

|
| For this control, and presuming you do NOT want to use a web
| interface, I'd still build all capability (ie, all menu and form
| definitions) into the client that is installed on all user stations.
| THEN I'd use the application server (since I still feel you want to
| control access to the database to one central point, not have to create
| a user account in the DBMS for each employee using the clients) to
| handle a login from the client -- the login would be used to access a
| privilege table from the DBMS. This privilege table is essential a long
| record of booleans -- one for each menu/form/task in the client. The
| privilege record is sent to the client; the client uses the record to
| enable and disable the relevant menu/form/task so that the user can only
| activate the functions valid for them.
|
*grin* this is the easy - cop out route - there is of course nothing
intrinsically wrong with it - I was just trying to find out how to do the harder
bits in Python - namely to dynamically present different things...


| Otherwise you have a situation where, say a lowly data-entry clerk
| has been using the application, maybe makes a mistake that requires
| supervisor override, and the supervisor then has to wait for "their"
| modules to be downloaded and started to correct the mistake. (Note: one
| menu entry that should be on the "all-in-one" client is an ability to
| change login without having to shut down the client -- basically the
| client does a log-off of the application server, then a fresh log-in
| with new parameters and gets a new privilege record with which to
| reconfigure all the menu/form/task GUI).
|

This is a disadvantage that I had not thought about - I was not yet this far
down the track

| If you go the web application route, each "login" would use a cookie
| to control session, so the application server can determine what
| functions to present to the user. You might even be able to use
| something like Plone to build the application server; it already has
| capability to present different views based upon login.

Know squat about Plone - another thing to add to my list of reading *sigh*
|
| > My thinking is simpler than this, because you are already thinking in "data
base
| > speak" - now dont get me wrong - I realise that I will have to use a
database -
| > but for me to start thinking in terms of views and stuff is kind of
premature
| > when I dont even have a clear picture in my head of the kind of data the
said
| > management system should keep, as I am not sure of what can, and cannot be
done.
| >
| We're talking computer software -- enough money and time and you
| could have the sun, moon, and stars (granted, a decade ago I /was/
| involved with swapping out one satellite ephemeris package for another,
| so it was literally sun, moon, and stars <G>)
|

sounds like it was fun...

| You need to determine
|
| 1) architecture partitioning (DBMS <-> thick client; DBMS <->
| application server <-> thick client, DBMS <-> application/web server <->
| thin client) [Thick client: Python program that handles GUI and talks to
| application server or DBMS; Thin client: web browser forms with some
| Javascript/AJAX].

I am kind of egregious - despite all the sound advice I am getting - I am still
thinking (from the back end) of:

dbms <> app server <> thick client (python)

|
| 2) Database schema (done without care of the final DBMS); take into
| account things you may not think of as the main data of the application
| -- things like the above privilege control (in the case of the
| DBMS<->thick client, it means using the grant tables and managing client
| accounts per user, in the application server model you only have one
| DBMS user that is the application server, but still have client user
| accounts to manage as application data). If the DBMS has stored
| procedures, you may need some of those... Heck, in the DBMS<->thick
| client model, you could let any client access ANY form/operation/task...
| What you'd do is run stored procedures for any DBMS transaction -- the
| first thing that would happen is that the user privileges are checked
| and the stored procedure either proceeds or rejects with "no privilege
| for operation" (and this could be either programmed in as part of the
| stored procedure, or be part of the DBMS internal privilege control).
| --

Yes this is the tricky part - it is so easy to overlook something, or to use an
awkward definition that comes back later to byte you in the butt (yes I know
bite is not spellt like that)
And it is not easy to do all this so that you can maintain it - when you get
back to it six months (or years) later, you are no longer the same person... the
"Who wrote this crap? " syndrome - and the answer - "Oh it was I"

;-)

So one has to follow some kind of discipline that you feel comfortable with...

Thanks for the input - I want to call "time out" now so that I can go and do the
reading I have been pointed to...
 
D

Dennis Lee Bieber

"Dennis Lee Bieber" <[email protected]> wrote:
| Otherwise you have a situation where, say a lowly data-entry clerk
| has been using the application, maybe makes a mistake that requires
| supervisor override, and the supervisor then has to wait for "their"
| modules to be downloaded and started to correct the mistake. (Note: one
| menu entry that should be on the "all-in-one" client is an ability to
| change login without having to shut down the client -- basically the
| client does a log-off of the application server, then a fresh log-in
| with new parameters and gets a new privilege record with which to
| reconfigure all the menu/form/task GUI).
|

This is a disadvantage that I had not thought about - I was not yet this far
down the track

There may be something in-between. IFF this is to be used strictly
on an internal LAN with uniform architecture (all Linux or all WinXP)
for the client machines. You'd have to set up something so a reboot
remounts correctly but... (In WinXP terms) Create a read-only "share" on
a file server. The file server will contain the Python modules that make
up the client. The client start-up still uses a login to obtain a
privilege map, which controls the menu/form access. However, rather than
having to push the modules to each client, you delay the module import
until the form it controls is invoked. The start-up module would have to
add the "share" to the pythonpath (hence you want a uniform system
configuration so each machine mounts the share on the same name).

It's still an all-in-one client, but you don't have to install
anything on the user machines (except the "share" and a shortcut to the
start-up module).

For Linux, this would be an NFS mount.
--
Wulfraed Dennis Lee Bieber KD6MOG
(e-mail address removed) (e-mail address removed)
HTTP://wlfraed.home.netcom.com/
(Bestiaria Support Staff: (e-mail address removed))
HTTP://www.bestiaria.com/
 
H

H J van Rooyen

8<------------------------------

| There may be something in-between. IFF this is to be used strictly
| on an internal LAN with uniform architecture (all Linux or all WinXP)
| for the client machines. You'd have to set up something so a reboot

no such luck - reality will probably be Linux for server, and a horrible mix of
windoze machines on the client side - from 95 through 98 and 2000 to XP... will
have to get SAMBA running at least - and it could be tricky with some of the
older hardware/software around - but that is another fight, that I would have to
solve anyway.

| remounts correctly but... (In WinXP terms) Create a read-only "share" on
| a file server. The file server will contain the Python modules that make
| up the client. The client start-up still uses a login to obtain a
| privilege map, which controls the menu/form access. However, rather than
| having to push the modules to each client, you delay the module import
| until the form it controls is invoked. The start-up module would have to

This is more the kind of thing I had in mind - but I was not thinking in terms
of having the redirecting done by the OS and network file sharing - stupid I
suppose...

| add the "share" to the pythonpath (hence you want a uniform system
| configuration so each machine mounts the share on the same name).
|

I will have to think of a solution to this *shudders* - config files, maybe...


| It's still an all-in-one client, but you don't have to install
| anything on the user machines (except the "share" and a shortcut to the
| start-up module).
|
| For Linux, this would be an NFS mount.

*nods* Thanks Dennis - I am busy drinking out of the Pyro fire hose at the
moment - and the stuff I have seen so far looks bloody awesome - you do some
little bit of magic setup - and hey - you have a name server that you can query
and then you can remotely execute a method on a remote object just as if its
here in your machine, and you get the returns just like you would if the object
were local to the machine your Python script is running in...

And they have made a sort of mirror of the name server thingy so that you can
fall back to a non broken one and resync when things go wrong go wrong go
wrong...

As a low level johnny this sort of functionality impresses the hell out of me -
when I think of the time I have spent struggling to get a few small tightly
coupled machines to work together in a primitive way - my mind boggles at this -
you could create awesome capability by having multiple copies of objects hanging
around in different machines - and simply keep track of how much they are loaded
by monitoring their input queues - and make more instances as you need them as
loading gets higher... The only bottleneck is the LAN's capacity to move the
data around - but in most WAN type applications, that is not where the
bottleneck is...
and its not inconceivable to add an additional "Python Execution Gigabit
Backbone" to a cluster of machines, dedicated to this remote calling task...

Its almost too good for my simple little local job, but I am still reading...

I have to remember to thank Bruno for the pointer...

- Hendrik
 
D

Dennis Lee Bieber

no such luck - reality will probably be Linux for server, and a horrible mix of
windoze machines on the client side - from 95 through 98 and 2000 to XP... will
have to get SAMBA running at least - and it could be tricky with some of the
older hardware/software around - but that is another fight, that I would have to
solve anyway.
Well, other than the security differences -- which may not apply
when the clients are mounting a share, only when the define a shareable
partition -- I think the Windows side may be similar all the way
through.
This is more the kind of thing I had in mind - but I was not thinking in terms
of having the redirecting done by the OS and network file sharing - stupid I
suppose...

Not really -- if one first is thinking in terms of "internet", which
means unsecured global operations, instead of an internal-only, behind
firewall, system.
| add the "share" to the pythonpath (hence you want a uniform system
| configuration so each machine mounts the share on the same name).
|

I will have to think of a solution to this *shudders* - config files, maybe...
I think Windows can be set to "reconnect on start-up", but it may be
better just to add a BAT file to the client machines' system start-up
directory containing the command line that mounts such a share.

I have to remember to thank Bruno for the pointer...
Luck...
--
Wulfraed Dennis Lee Bieber KD6MOG
(e-mail address removed) (e-mail address removed)
HTTP://wlfraed.home.netcom.com/
(Bestiaria Support Staff: (e-mail address removed))
HTTP://www.bestiaria.com/
 
B

Bruno Desthuilliers

H J van Rooyen a écrit :
(snip)
| If you go the web application route, each "login" would use a cookie
| to control session, so the application server can determine what
| functions to present to the user. You might even be able to use
| something like Plone to build the application server; it already has
| capability to present different views based upon login.

Know squat about Plone - another thing to add to my list of reading *sigh*

Well, actually, I would not bother too much reading about Plone here -
Plone is (fairly complex and somewhat slow) CMS built on top of Zope,
which is itself a web application server that's not easy to get started
with and is (IMHO) definitively much more suited to CMS than to
accounting apps.
 
H

H J van Rooyen

| On Sat, 5 Aug 2006 11:20:59 +0200, "H J van Rooyen"
| <[email protected]> declaimed the following in comp.lang.python:
|
| >
| > no such luck - reality will probably be Linux for server, and a horrible mix
of
| > windoze machines on the client side - from 95 through 98 and 2000 to XP...
will
| > have to get SAMBA running at least - and it could be tricky with some of the
| > older hardware/software around - but that is another fight, that I would
have to
| > solve anyway.
| >
| Well, other than the security differences -- which may not apply
| when the clients are mounting a share, only when the define a shareable
| partition -- I think the Windows side may be similar all the way
| through.
|
| > This is more the kind of thing I had in mind - but I was not thinking in
terms
| > of having the redirecting done by the OS and network file sharing - stupid I
| > suppose...
| >
|
| Not really -- if one first is thinking in terms of "internet", which
| means unsecured global operations, instead of an internal-only, behind
| firewall, system.

*grin* you are being too kind - I was at no stage thinking internet...

|
| > | add the "share" to the pythonpath (hence you want a uniform system
| > | configuration so each machine mounts the share on the same name).
| > |
| >
| > I will have to think of a solution to this *shudders* - config files,
maybe...
| >
| I think Windows can be set to "reconnect on start-up", but it may be
| better just to add a BAT file to the client machines' system start-up
| directory containing the command line that mounts such a share.
|
|

This is a good idea - thanks

- Hendrik
 
H

H J van Rooyen

"Bruno Desthuilliers" <[email protected]>


H J van Rooyen a écrit :
(snip)
| If you go the web application route, each "login" would use a cookie
| to control session, so the application server can determine what
| functions to present to the user. You might even be able to use
| something like Plone to build the application server; it already has
| capability to present different views based upon login.

Know squat about Plone - another thing to add to my list of reading *sigh*

Well, actually, I would not bother too much reading about Plone here -
Plone is (fairly complex and somewhat slow) CMS built on top of Zope,
which is itself a web application server that's not easy to get started
with and is (IMHO) definitively much more suited to CMS than to
accounting apps.

*deletes the reference to Plone from the little text file*

- Thanks
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top