Installable Google App Engine Apps
https://stackoverflow.com/questions/3430589
-
26-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
When an app is designed with the intention of being made as an Installable App in the App Marketplace for GAE, are there any extra steps the developer should take concerning security? For instance, if Company A installs the app, and Company B installs the app, do they each have their own datastore? If not, how do I, as the developer, separate the two? I have lots of concerns about this, I don't want to get to far along in the development of my project just to have to rip out half the code and start over.
I have a lot of questions about this entire process, and I haven't been able to gain a lot of practical information from the GAE docs. I know that I have to create the application manifest, and deploy the app, and so forth, I'm just curious how you create an app that is ready for and respectful of the multiple organizations that will use it and their privacy.
Any information or links to information would be great.
Thanks.
Solution
No, individual users do not get separate datastores - the Apps marketplace and App Engine are separate, so there's no magic integration here. We just announced the prerelease of 1.3.6, however, which includes namespace support. This means that you can use a separate namespace for each customer, effectively isolating their data from one another, so you can't accidentally leak data between domains.
