[Zope] Zope and Database user authentication

Stuart 'Zen' Bishop zen@cs.rmit.edu.au
Wed, 13 Oct 1999 10:28:05 +1000 (EST)


On Tue, 12 Oct 1999, Frank-Dieter Berg wrote:

> Is there any way to provide individual user logins for relational
> databases through ZOPE. So a user can access his own database account
> with his rights controlled by the databaserather by a fixed database
> connection?
> 
> Tanks for some help.

I came up with a fairly non-scalable way of doing this:

    Create a database connection in a folder called something generic like
    'CurrentUserConnection', with only manager with rights to it.

    Create your SQL methods using CurrentUserConnection as their connection
    ID

    Create a sub folder for each user, each one containing a database
    connection called 'CurrentUserConnection', which logs on as that particular
    user.

    If you are paranoid, delete, rename or move the original 
    CurrentUserConnection
	
In theory this would do what you are after, but I havn't tested it. The
trick is to see if a ZSQL method aquires its database connection, or if
is is somehow a stronger link.

I think It would be very nice to make basic user objects folderish,
and extend the aquisition rules to check the contents of the currently
authenticated user's folder. I'd submit this to the collector if
I didn't have to leave for a meeting right now... <exit stage left>

 ___
   //     Zen (alias Stuart Bishop)     Work: zen@cs.rmit.edu.au
  // E N  Senior Systems Alchemist      Play: zen@shangri-la.dropbear.id.au
 //__     Computer Science, RMIT 	 WWW: http://www.cs.rmit.edu.au/~zen