- Python 3 Web Development
- Python 3 Web Development
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Preface
- 1. Choosing Your Tools
- Identifying the components of a web application
- Time for action getting an overview of a web application
- Choosing suitable tools
- Time for action choosing a delivery framework, also known as web server
- Time for action choosing a server-side scripting language
- Time for action choosing a database engine
- Time for action deciding on object relational mappers
- Time for action choosing a presentation framework
- Designing for maintainability and usability
- Time for action choosing a test framework
- Time for action maintaining overview
- Summary
- 2. Creating a Simple Spreadsheet
- Python 3
- Time for action installing Python 3
- CherryPy
- Time for action installing CherryPy
- Installing jQuery and jQuery UI
- Serving an application
- Time for action serving a dummy application
- Time for action serving HTML as dynamic content
- Time for action a unit convertor
- Time for action conversion using unitconverter.js
- Time for action converting a unit convertor into a plugin
- Designing a spreadsheet application
- Time for action serving a spreadsheet application
- The missing parts
- Summary
- 3. Tasklist I: Persistence
- Designing a tasklist application
- Time for action creating a logon screen
- Time for action running tasklist.py
- Python: the task module
- Time for action implementing the task module
- JavaScript: tasklist.js
- Time for action styling the buttons
- JavaScript: tooltip.js
- Time for action implementing inline labels
- Summary
- 4. Tasklist II: Databases and AJAX
- The advantages of a database compared to a filesystem
- Choosing a database engine
- Database-driven authentication
- Time for action authentication using a database
- Time for action getting the time with AJAX
- Time for action creating the task database
- Time for action retrieving information with select statements
- Time for action connecting to the database
- Time for action storing and retrieving information
- Time for action updating and deleting information
- Time for action testing factorial.py
- Time for action writing unit tests for tasklistdb.py
- Time for action putting it all together
- Have a go hero refreshing the itemlist on a regular basis
- Summary
- 5. Entities and Relations
- Designing a book database
- Time for action using the Entity class
- Time for action creating instances
- Time for action using the Relation class
- Time for action defining the Books database
- Time for action designing the delivery layer
- Time for action adding a new book
- Time for action using input fields with auto completion
- Time for action using an enhanced presentation layer
- Summary
- 6. Building a Wiki
- The data layer
- Time for action designing the wiki data model
- The delivery layer
- Time for action implementing the opening screen
- Time for action implementing a wiki topic screen
- Time for action editing wiki topics
- Additional functionality
- Time for action selecting an image
- Time for action implementing a tag cloud
- Time for action searching for words
- The importance of input validation
- Time for action scrubbing your content
- Time for action rendering content
- Summary
- 7. Refactoring Code for Reuse
- Time for action taking a critical look
- Refactoring
- Time for action defining new entities: how it should look
- Time for action using metaclasses
- Time for action implementing the MetaEntity and AbstractEntity classes
- Time for action defining new relations: how it should look
- Time for action using a table-based Entity browser
- Time for action examining the HTML markup
- The books application revisited
- Time for action creating a books application, take two
- Summary
- 8. Managing Customer Relations
- 9. Creating Full-Fledged Webapps: Implementing Instances
- Even more relations
- Time for action showing one-to-many relationships
- Time for action adapting MetaRelation
- Time for action enhancing Display
- Time for action enhancing Browse
- Access control
- Time for action implementing access control
- Role-based access control
- Time for action implementing role-based access control
- Summary
- 10. Customizing the CRM Application
- A. References to Resources
- B. Pop Quiz Answers
The idea in role-based access control is to assign one or more roles to people instead of specific permissions.
Permissions are then associated with a role, and if a person has more than one role, the permissions are merged. If a new person needs a set of permissions to use an application, or if a person's role in the organization changes, only the list of roles associated with that person needs to be changed instead of having to change the permissions for this person for each type of entity in the application.
Likewise, if we would extend the available types of entities, we would only have to define what permissions associated with a role (or roles) would apply to this new entity instead of defining this for every person.
Note
A good starter for reading more about this is this Wikipedia article: http://en.wikipedia.org/wiki/Role-based_access_control.
The aforementioned concepts described can be captured in this data model:
In our simplified model, a user can have one role, but a role can have one or more permissions. A permission consists of several attributes, an entity, action, and level, that together describe under which conditions something is allowed.
-
No Comment