python appengine授权或授权
在选择 OpenID 进行身份验证后,我一直在研究具有以下要求的应用程序引擎的授权框架:
- 能够创建和编辑用户组
- 具有内置权限,例如添加、编辑、删除
- 具有合理的默认值,例如创建者一个对象的可以编辑/删除,但其他人无法
足够了解安全权限是一个坏主意,在没有大量大脑的情况下自行实现,我一直在阅读 django http://docs.djangoproject.com/en/dev/topics/auth/ 和tipfy http://www.tipfy.org/wiki/extensions/acl/ 选择一个已经在烹饪中的烤箱烤一会儿。
哪个更容易/更具可扩展性并不明显,所以我希望能够利用经验、建议或其他建议来做出明智的决定?
Having settled on OpenID for authentication, I've been looking at authorisation frameworks for app-engine with the following requirements:
- be able to create and edit groups of users
- has built in permissions such as add, edit, delete
- has sensible defaults, e.g creator of an object can edit / delete but others can't
knowing enough to know that security permissions are a bad idea to self implement without a massive brain, i've been reading through django http://docs.djangoproject.com/en/dev/topics/auth/ and tipfy http://www.tipfy.org/wiki/extensions/acl/ to choose one that has already been cooking in the oven for a while.
It's not obvious which will be easier / more extensible so I was hoping to be able to call on experience, recommendations or other suggestions to make a sensible decision?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
基于此,django ORM 和 Google 应用引擎数据存储存在很多问题,并且 http://www.tipfy.org / 说它是专为 Google App Engine 制作的我必须推荐typfy。
Based on that there are a lot of problems with django ORM and Google app engine datastore, and http://www.tipfy.org/ says that it is made specifically for Google App Engine I must suggest typfy.
我尝试过的两个非常好的授权框架是 GAEFramework 和 web2py.它们都比 Tipfy 更容易上手。我希望你喜欢这些。
2 pretty good frameworks I tried that have authorisation are GAEFramework and web2py. They are both easier to get started with than tipfy. I hope you like these.