ptalbot wrote:About security though, I'm actually thinking of (starting to craft) some kind of hybrid model (where I roll my own model of users/roles based on independant tables and attach it to Servoy's groups to benefit from some of Servoy's security features).
I remember seing
Sean Devlin's webinar about it and thought it was actually nice to be able to leverage some part of the built-in security while fine tuning your own.
That was a really good webinar (as usual Sean).
The two main issues with touching Servoy security is:
1- Data entry in design mode -- severely limits runtime flexibility.
2- Permissions logic can get really buried -- what layouts and layout objects are visible, editable; what tables can be deleted from, etc. Spaghetti code in your future.
Keep in mind that there is nothing in Servoy security that you can't do on your own. I agree with you that the advantage of the hybrid model is that you can save time coding specific logic at the group level (i.e. table logging or whatever). But you have to do a lot of interface work for the data structures and code in all the hooks which is a fair jump from just using Servoy security.
If you're in the business of developing many Servoy solutions, or you need ultimate flexibility and power -- eventually you have to go all the way. It's much easier to build business logic around group permissions and everything is configurable at runtime. For large solutions, deployments, or SaaS it's almost a requirement. And once you've got it all done (reusable of course), small deployments and solutions are a snap.
An example: our clients can easily setup a temporary employee with what screens are visible, what records are available, what actions can be done, and tons of other things. No calling us.
A benefit: with this in place, new projects are literally confined only to developing business logic. Clients like paying for their business logic to be developed more than for solution infrastructure to be developed.
Another benefit: no issues syncing developer machines with deployment servers.
So depending on what your goals are -- default, hybrid, or completely custom security -- have their place. However, I'll put a bet down that you will eventually end up with a completely custom security scheme Patrick
It's almost inevitable once you start down that road.