Project Website | Online Demo | Forum |
It is currently Fri May 26, 2017 5:27 am

All times are UTC + 1 hour [ DST ]





Post new topic Reply to topic  [ 17 posts ]  Go to page 1, 2  Next
  Print view Previous topic | Next topic 

Should we implement a multi user system?
Poll ended at Wed Oct 31, 2007 1:19 am
No, single user as BADGER 1 0%  0%  [ 0 ]
Single user, but use database prefixes 14%  14%  [ 1 ]
Multi user, no interaction 43%  43%  [ 3 ]
Multi user, with interaction 43%  43%  [ 3 ]
Total votes : 7
Author Message
 Post subject: Multi user system?
PostPosted: Tue Oct 30, 2007 1:19 am 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
BADGER 1 was strictly single user. Should we keep this or extend it?

Options:
  • Single user, as BADGER 1.
  • Single user, but use database table prefixes.
  • Multi user, no interaction: Multiple users should be possible, but they neither share information nor interact with each other.
  • Multi user, with interaction: Multiple users should be able to share data, e. g. categories, accounts etc. This implies a full-blown rights system.

_________________
BADGER finance lead backend developer and site admin


Last edited by enikao on Mon Nov 12, 2007 11:53 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 30, 2007 11:39 am 
Offline
User avatar

Joined: Thu Mar 09, 2006 12:20 am
Posts: 423
Location: Frankfurt a. M., Germany
i vote for multi user, no interaction.
multi-user has ben requested in the past and i can see the use.

i vote against interaction however. the reason is that on my day job i am currently working on a project where we are looking at a huge (!) accouting system. the bigest problem there is the interaction between the different users/mandators. if SAP fails on doing this right, i strongly discourage us trying to do that.

_________________
cheers,
Holger (project coordinator)


Top
 Profile  
 
 Post subject:
PostPosted: Tue Oct 30, 2007 2:52 pm 
Offline

Joined: Mon Oct 29, 2007 9:21 am
Posts: 3
I vote for "Multi user, with interaction". I use Badger for my home economy and me and my wife have both personal accounts and shared accounts (like mortage and service accounts). It would be nice if we could share those accounts.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 9:35 am 
Offline
User avatar

Joined: Thu Mar 09, 2006 12:20 am
Posts: 423
Location: Frankfurt a. M., Germany
xterm wrote:
I vote for "Multi user, with interaction". I use Badger for my home economy and me and my wife have both personal accounts and shared accounts (like mortage and service accounts). It would be nice if we could share those accounts.


i can see your point.
i am just not convinced it is worth the trade off of a full blown rights system.
enikao: what does a full-blown rights system mean? and why is that implied by interaction? another way to go (though a little unorthodox) would be that within each installation any user may do anything. that way we would allow for interaction as xterm described (Which i could use at home too) without having to code a milllions lines for rights management ?

_________________
cheers,
Holger (project coordinator)


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 10:48 am 
Offline

Joined: Fri Mar 17, 2006 6:53 pm
Posts: 201
Location: Germany: Mannheim, Kassel
i think, if we implement a multi user system, we should keep it simple.

my suggestion is to have only different rights on an account basis.
"who can see/use this account?"

_________________
BADGER finance lead frontend developer


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 2:21 pm 
Offline
Site Admin

Joined: Wed Aug 09, 2006 12:59 am
Posts: 131
Location: am Rande des Strombergs
I vote for a default single-user system, but with module multi-user with option [interaction yes/no]

Jürgen


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:19 pm 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
holger wrote:
enikao: what does a full-blown rights system mean? and why is that implied by interaction? another way to go (though a little unorthodox) would be that within each installation any user may do anything. that way we would allow for interaction as xterm described (Which i could use at home too) without having to code a milllions lines for rights management ?


With full-blown rights system I think of:
  • User Management (CRUD for users)
  • Rights Management (CRUD for rights)
  • At some point in the architecture, we need to make sure the user can access only the objects he/she is authorized to. This could either be done on database level (faster, but more complex) or in the business logic (may fetch loads of unnecessary data). This is the really tough part.


In general, we have to spend a lot of time in thinking of security measures at any level. On the other hand, this is a financial application and therefore attention should be paid to security in any case.

Another issue just came to my mind: Synchronization. If user A modifies some transaction, how is user B notified of this? This is not a trival task either.

If all users can do everything, we don't need a user system at all. Just use a password both you and your partner know, and you're done.

_________________
BADGER finance lead backend developer and site admin


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:24 pm 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
sepp wrote:
i think, if we implement a multi user system, we should keep it simple.

my suggestion is to have only different rights on an account basis.
"who can see/use this account?"


In my opinion, there are two principal choices (as listed above):
A: Secure at application-level (no interaction model)
B: Secure at object-level. (interaction model)

Which granularity we choose at object-level is not of that importance and can be decided later. In my personal opinion, I fully agree with Sepp that we don't need transaction-level security but account-level security would be sufficient.

_________________
BADGER finance lead backend developer and site admin


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:27 pm 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
juergen wrote:
I vote for a default single-user system, but with module multi-user with option [interaction yes/no]

Jürgen


I don't think we can modularize such a foundational decision. If we have a multi-user system, all the additional efforts a single user has is entering a user name in addition to a password on login, and even this may be a configuration option.

_________________
BADGER finance lead backend developer and site admin


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:29 pm 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
Personally, I think a real multi-user system with interaction would be the best way. At the moment, I'm just not convinced the (possibly large) additional effort is worth the gain. Although designing such a system would be an interesting challenge ...

_________________
BADGER finance lead backend developer and site admin


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:46 pm 
Offline
User avatar

Joined: Thu Mar 09, 2006 12:20 am
Posts: 423
Location: Frankfurt a. M., Germany
enikao wrote:
(CRUD for users)


short suggestion: not everyone discussing here with us has a computer science degree and knows what "crud" means or what tagging entails.

_________________
cheers,
Holger (project coordinator)


Top
 Profile  
 
 Post subject:
PostPosted: Wed Oct 31, 2007 6:50 pm 
Offline
Site Admin
User avatar

Joined: Tue Mar 07, 2006 7:34 pm
Posts: 331
holger wrote:
enikao wrote:
(CRUD for users)


short suggestion: not everyone discussing here with us has a computer science degree and knows what "crud" means or what tagging entails.


You're right.

CRUD means "Create, Read, Update, Delete" and is in very general terms everything you can do with (database) data. In practice, this means you need a form and accompanying logic for creating new users, read and display user data from the database, changing user details and deleting users (or rights, or whatever else).

_________________
BADGER finance lead backend developer and site admin


Top
 Profile  
 
 Post subject: multi user, with limited interaction
PostPosted: Thu Nov 08, 2007 10:04 am 
Offline

Joined: Thu Nov 08, 2007 9:59 am
Posts: 2
Hi,

I plan to install badger, to keep track of some expenses, and badger being as a single user enviroment is quite a drawback...

What do I mean with limited interaction? I mean, to be predefined categories, and at a global statistic menu,
user can see how much other people expense o a specific timeslice for food, car maintenance, kid's expenses, etc...

Like, if I spend 100 EUR / month for food, i'm curios to see how much other people spend for food, car, etc...

Just my to cents :)


Top
 Profile  
 
 Post subject: multi user no interaction
PostPosted: Fri Nov 09, 2007 7:51 pm 
Offline

Joined: Fri Nov 09, 2007 7:08 pm
Posts: 9
I personally do not want anyone to have access to my personal financial information. If I were to agree to share an account with someone, I would want their transactions to be seperate from mine or have some sort of CVS type system that would allow joint users to rollback to a previously reconciled state.

I like the idea of multi user because it keeps the amount of file space required to store the scripts to a minimum and simplifies the script modification/updating process.

The one thing that I might want to share are categories or tags, with each user having the option to include categories/tags created by other users.

Vielen Dank für alle Sie Bemühungen auf diesem Projekt
Thank you for all your efforts on this project.

_________________
kiss my tulips, not my cheeks


Top
 Profile  
 
 Post subject: Re: multi user no interaction
PostPosted: Wed Nov 14, 2007 3:49 pm 
Offline

Joined: Thu Nov 08, 2007 9:59 am
Posts: 2
tradeher wrote:
I personally do not want anyone to have access to my personal financial information. If I were to agree to share an account with someone...


The ideea is to share the data without sharing the user info...

Example:

Total expenses for [category] in [time_period]
[Sub_Category1] = 1334 EUR [13.65% more than last month]
[Sub_Category2] = 860 EUR [5.23% less than last month]
[Sub_Category3] = 120 EUR [same as last month]


All this in a chart_pie or chart_doublebar, will look nice:)

I know that people are very "hush-hush" about their finance, but sharing in a private enviroment, and with no personal data, will not hurt anyone, and the main problem i think is, if the user enters valid information, like, If i spend 100 EUR on food / month, i will write on the badger-finance site, that i spent 150 EUR...

I'm sooooo looking forward for version 2 ...


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 17 posts ]  Go to page 1, 2  Next

All times are UTC + 1 hour [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron




Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style supported by CodeMiles Team.