Prevent multiple sessions on a form

I have an app where users modify documents. The app uses uplink, so the documents are stored on the machine running the uplink.

Users can currently only modify documents that they upload/create themselves. I would like to allow users to give permission to other users to modify their documents.

This brings up a version control issue though. If 2 users are modifying the document at the same time there could be some issues.

I would like to make it such that if a user is actively modifying a document then that document is off limits to all other permissioned users.

One idea I had was to add a UUID to each session and then create an app_table that lists all the documents, and have a column for the session ID that’s currently working on the document, so that if your session id is different than the active session ID then you can’t work on the document.

This would work great if users actually clicked a ‘close’ button when they’re done working on the document that would reset the ID working on the doc to be None or something like that, but I don’t believe I can rely on such good user behavior. If they simply navigate away from the page, how can I force the session ID for that document to be reset?

This could be an issue with the same user having multiple tabs open too.

This post has what you’re looking for

I have a similar problem: I allow all the users to edit all the documents (different from you), but only one user at a time (like you).

My documents have a saved_by and a saved_time columns that are updated when a user saves a document.

When a form opens a document, it knows the info about the last save.

If a user edits the document and tries to save it after some time, it sends both the new document and the timestamp to the server function, and the server function will not save if the last save is more recent (which never happens because of the timer, see below).

The form has also a timer that checks every few seconds if the timestamp has changes and, if it has changed, it shows a message asking whether to reload the document.

Stefano, this is perfect. I can simply have a time column in the table, and when any user attempts to access the doc it compares now to the time associated with the doc. If now is within a certain time of the time affiliated with the doc then the doc can’t be opened. If it’s long enough away, then the user is free to open. Then, once open the time affiliated with the doc is updated every few seconds using a timer. This is much simpler than what I had in mind. No need to keep track of session id. Thanks. This has been bugging me for a while.

The time is always calculated by the server when the save function is called, so there is no need to apply a tolerance.

In the unlikely case that user A saves, then user B saves before its time ticks and shows the reload message, user B will fail to save and immediately see the reload warning.

One thing to keep in mind is that the timer should be stopped with self.timer_modified.interval = 0 before opening an alert and restarted with self.timer_modified.interval = 3 after the alert closes.

I use InputBox to manage all kind of interactions, and the alert from the timer was often interfering with the InputBox.

EDIT
Well… I realize now that I don’t need to apply a tolerance on the time because I have a dedicated server and the clock is always going to be the same for all my users, but I’m not sure this applies to apps running on shared servers.

I imagine that if the app has few users and generates very low traffic, it’s likely to always use the same instance for requests coming from a timer with a 3 second interval, but it is not guaranteed, plus I could imagine wrong.

And I don’t know how big the difference between the clock of two servers could be.

1 Like