It would be helpful to have an outline of what you are trying to achieve. In a traditional environment, you can limit access to the database absolutely, at table level or by row. But with appengine the datastore is part of the environment, and giving a developer access to the code lets them bypass datastore function decorators, system path changes, or whatever other limits you impose.
This may not be too bad - if your intention is simply to prevent a developer doing something stupid with production data, and you can count on them obeying the rules, you can do it with one app. You might want to look up the new namespace support - if developers don't know the names, this offers the equivalent of weak password-protected access to data). But if you need greater protection for the data, you're up for a LOT more work (and cost). You'll need one app providing a data service exposing limited access to the datastore via urlfetch, and one (or more) apps with a data service API for developers. Designing and implementing the service and API will need a very experienced developer to do it safely, and there will be significant system overhead to the API calls. Finally, I'm not a Java developer, but I believe there are no stronger datastore safeguards in Java API than there are for Python. Let me know off-list if you'd like more advice on this matter. Cheers! Greg. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
