[Kexi] A question in designing a Kexi application

[Adam Pigg]

On Thursday 18 June 2009 20:23:17 Jaroslaw S wrote:
> 2009/6/17 scott <svetter at ameritech.net>:
> >   Just had a thought about designing a Kexi system:  Is it possible to
> > implement a sign-on/sign-off system?  My thoughts about this are:
> > 1) Have a Kexi database with a user id, password, user's initials, and
> > an authority level.
> > 2) The user's initials and the authority level would be passed to other
> > Kexi screens.
> > 3) The user's initials could be presented on each screen.  (But how?)
> > 4) Each screen has an authority and the screen authority would be
> > compared against the user's authority.  If the screen authority is less
> > than or equal than the user's, the user can proceed.  Otherwise the user
> > is prevented to the screen and an error message given.
> > 5) Also, as a side thought, can certain fields be prevented from being
> > displayed?  Also, a field can be displayed, but not altered?
>
> Scott,
> This algorithm may work for databases that are separated from full
> user's access.
> This means databases consisted of a .kexi file can be easily
> compromised (just as on MS Access).
> As for the question if Kexi currently allows to implement the above
> method, I'd say: no.
> I think is needs intervention of developer, e.g. to create a plugin
> that lets you to set up your authorization methods (also probably with
> optional KDE Wallet support).

Also, another option to implement this generically would be to provide kexi 
with an instance of a kross object which stays active for the life of the 
running instance of kexi.  This would allows scripts in forms and reports to 
store 'global' variables for such information.  At the moment, reports have to 
construct kross objects at runtime, on a per object bases, and cannot store 
data across the session.  Its a damn handy feature of msa btw :)


Adam