One of my users suggested that it would be wise to ask for a password before going ahead with actions like deleting folders. I’m used to these in other Mac and Windows desktop apps - usually where admin privileges are needed, although that’s not the case here. Is there any facility in wxPython, or elsewhere in Python, to authenticate a user using the built-in OS functions? It doesn’t necessarily need to be a cross-platform solution, although ideally I’d like to get this working on all OSes.
One of my users suggested that it would be wise to ask for a password
before going ahead with actions like deleting folders.
That's a bad idea. If it is a folder that I am allowed to delete, then
just delete it. If it gets a permission error, then the user needs to
run your app with the appropriate permissions. Are you worried about
someone hijacking another person's computer? If so, there's no point in
your protection, because they could just bring up a command shell and
delete to their heart's content.
Now, if this is an action with no "undo", then you might consider
putting up an "Are you sure?" dialog, but those are almost always evil.
I'm used to these in other Mac and Windows desktop apps - usually
where admin privileges are needed, although that's not the case here.
Is there any facility in wxPython, or elsewhere in Python, to
authenticate a user using the built-in OS functions? It doesn't
necessarily need to be a cross-platform solution, although ideally I'd
like to get this working on all OSes.
If the user has logged in, then they have already authenticated. What's
the point of re-authentication, besides annoying your users?
···
--
Tim Roberts, timr@probo.com
Providenza & Boekelheide, Inc.
That's a bad idea. If it is a folder that I am allowed to delete, then
just delete it. If it gets a permission error, then the user needs to
run your app with the appropriate permissions. Are you worried about
someone hijacking another person's computer? If so, there's no point in
your protection, because they could just bring up a command shell and
delete to their heart's content.
Now, if this is an action with no "undo", then you might consider
putting up an "Are you sure?" dialog, but those are almost always evil.
Ironically, I actually *am* popping up a confirmation dialog already, and
the delete action isn't even default behavior, but this is still not enough
to guarantee that a user won't unintentionally wipe out the entire
directory. But there's only so much I can do to save people from
themselves, so I'm not too worried about this - I was mostly curious
whether there was some authentication mechanism built in. The other
context for this is that I'd eventually like to be able to deploy packages,
and on Mac and Windows that is likely to require sudo access. So if
there's any way to do that, I'd still like to know.
thanks,
Nat
···
On Fri, Oct 25, 2013 at 10:19 AM, Tim Roberts <timr@probo.com> wrote:
The other context for this is that I'd eventually like to be able to
deploy packages, and on Mac and Windows that is likely to require sudo
access. So if there's any way to do that, I'd still like to know.
Deployment can be a significant process, especially if you're
distributing to the general public. But there are tools that will
handle issues like user authentication during installation for you.
On Windows, you'll probably want to use something like py2exe to convert
your source code to a set of executable files, followed by something
like InnoSetup to package those distributable files into a single file
installer program for deployment. (There are several alternatives for
both of these tools, but this is what I've been using for many years. I
suspect GUI2exe might be better than py2exe, for example, but it didn't
exist when I wrote my setup.py script and I've never taken the time to
change it 'cause it ain't broke. I also use UPX and 7-zip in the
process to make my distributable file smaller.)
On OS X, py2app is a reasonable alternative for generating executable
files, and I follow up with calls to ditto to strip out files related to
architectures I don't support (like PPC, as a couple of dynamic
libraries I require are not Universal builds), Package (hard to find on
the internet because of the generic name, but better than Apple's
PackageMaker in my experience) to create an installer, and hdiutil to
make a DiskImage (*.dmg) file for distribution.
Sorry, my wording above was totally incoherent. I'm already distributing
more-or-less conventional packages (via InnoSetup and PackageMaker), what I
meant to say was distributing *updates* to the installed software, and
modifying the existing installations in-place. (This will require
administrator authentication because of some limitations in the underlying
software, which requires static locations in /Applications or C:\.)
Although now that I think about it a little more, it seems worth trying to
use the same packaging mechanisms for this, assuming there's an easy way to
ensure they won't completely overwrite the existing installation.
-Nat
···
On Sat, Oct 26, 2013 at 6:14 AM, David Woods < david@badgerchildhoodcancer.org> wrote:
> The other context for this is that I'd eventually like to be able to
> deploy packages, and on Mac and Windows that is likely to require sudo
> access. So if there's any way to do that, I'd still like to know.
Deployment can be a significant process, especially if you're
distributing to the general public. But there are tools that will
handle issues like user authentication during installation for you.
Sorry, my wording above was totally incoherent. I'm already distributing
more-or-less conventional packages (via InnoSetup and PackageMaker), what I
meant to say was distributing *updates* to the installed software, and
modifying the existing installations in-place. (This will require
administrator authentication because of some limitations in the underlying
software, which requires static locations in /Applications or C:\.)
Although now that I think about it a little more, it seems worth trying to
use the same packaging mechanisms for this, assuming there's an easy way to
ensure they won't completely overwrite the existing installation.
I use InnoSetup too and have it setup that e.g. the database is never deleted and never overwritten on an upgrade - just check out the options/flags available.
The other context for this is that I’d eventually like to be able to
deploy packages, and on Mac and Windows that is likely to require sudo
access. So if there’s any way to do that, I’d still like to know.
Deployment can be a significant process, especially if you’re
distributing to the general public. But there are tools that will
handle issues like user authentication during installation for you.
Sorry, my wording above was totally incoherent. I’m already distributing more-or-less conventional packages (via InnoSetup and PackageMaker), what I meant to say was distributing updates to the installed software, and modifying the existing installations in-place. (This will require administrator authentication because of some limitations in the underlying software, which requires static locations in /Applications or C:.) Although now that I think about it a little more, it seems worth trying to use the same packaging mechanisms for this, assuming there’s an easy way to ensure they won’t completely overwrite the existing installation.
-Nat
I think the latest wxPython 2.8 and all of 2.9 has an update module inside it that integrates with Esky. I wrote up a tutorial on the topic:
However, I’m not sure how the admin auth part works…looking at the docs for Esky, you can tell it to ask for root access: esky · PyPI
I haven’t actually tried that bit, but it’s worth a try.