I'm researching this a bit and haven't found much yet: was hoping maybe someone here had any ideas:
Assume my app is multi-user. Users sign in and have accounts - they use my application like a Wiki to build web sites, and are allowed to imbed Python / scripting into their pages. Is there a way for me to restrict them to using a certain Python API/APIs / or somehow prevent them from touching any data in the Datastore? For example other user's profile data will be in the Datastore, users having Python access could 'hack into' or 'corrupt' this data if they were given access to put Python code on the server. Secondly - I'm looking for a way to create quotas 'per user', so each user is only allowed so much traffic to his own Wiki, and allowed only so much Database activity, so as not to eat up other users' quotas, or use the quota for the whole app. Any ideas how to deal with this? I am thinking I will have to track all requests manually and block them if they exceed a certain amount... was wondering if there was a simpler way. Thanks much in advance for any help, --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
