⭐🐍 pyopencdms aims to build a common Python API on top of multiple Climate Data Management Systems (CDMS) that use different underlying database engines
Initial work with sqlalchemy-oso shows that it can control table and row-level access.
We also have the requirement to further restrict access to particular columns. As an example, a user may be limited so that they can only write to the comments column of the observations table. I imagine a custom software interface in top of sqlalchemy-oso would be easy to bypass, alternatively it may be possible to use a view or to extend sqlalchemy-oso somehow.
Initial work with
sqlalchemy-oso
shows that it can control table and row-level access.We also have the requirement to further restrict access to particular columns. As an example, a user may be limited so that they can only
write
to thecomments
column of theobservations
table. I imagine a custom software interface in top ofsqlalchemy-oso
would be easy to bypass, alternatively it may be possible to use a view or to extendsqlalchemy-oso
somehow.