Re[2]: secure tag and permissions

Wed, 03 Apr 2002 23:41:30 -0800 

hmmmkay,

I tried the bitOr function like so:

        permissions = structNew();
        permissions.admforumList = 1;
        permissions.admaddForum = 2;
        permissions.admeditForum = 4;
        permissions.admsaveForum = 8;
        permissions.admdeleteforum = 16;
        permissions.forumList = 32;
        permissions.threadlist = 64;
        permissions.viewthread = 128;
        permissions.addthread = 256;
        permissions.editThread = 512;
        permissions.saveThread = 1024;
        permissions.deleteThread = 2048;
        permissions.addMessage = 4096;
        permissions.editMessage = 8192;
        permissions.saveMessage = 16384;
        permissions.deleteMessage = 32768;
        
        permissions.anonGroup = permissions.forumList + permissions.threadList + 
permissions.viewThread;
        temp = permissions.addthread +  permissions.saveThread + 
permissions.addMessage + permissions.editMessage + permissions.saveMessage;
        permissions.userGroup =  bitOr(permissions.anonGroup,temp);
        temp2 = permissions.admforumList + permissions.admaddForum + 
permissions.admeditForum + permissions.admsaveForum + permissions.admdeleteForum + 
permissions.editThread + permissions.deleteThread + permissions.deleteMessage;
        permissions.adminGroup = bitOr(permissions.userGroup,temp2);

but the values end up identical to what they where when I was just
adding them together?  Do I need sleep?

Toby



Thursday, April 04, 2002, 5:02:00 PM, you wrote:

hh> John is in rare form today, first urging people to add code to their
hh> prototypes and now suggesting that we abandon Bit math because it's too
hh> much effort? I suspect someone has kidnapped my friend, John, and is
hh> making him type these crazy things. 

hh> First to answer your question, the only problem you're having is that
hh> you're effectively trying to add usergroups together. Nothing wrong with
hh> that, but you need to use BitOr(). Example:

hh> <cfset read = 1>
hh> <cfset delete = 2>
hh> <cfset edit = 4>
hh> <cfset create = 8>
hh> <cfset archive = 16>
hh> <cfset download = 32>
hh> <cfset clone = 64>

hh> <cfset groupA = read + edit + create>
hh> <cfset groupB = read + create + clone>

hh> <cfset hal = BitOr( groupA, groupB )>

hh> <cfoutput>

hh> #BitAnd( hal, delete )#

hh> </cfoutput>

hh> will return 0.

hh> Personally, I think the cf_secure tag is clearer and a heck of a lot
hh> nicer than dragging around an interminably long list of text, but that's
hh> just my opinion.

hh> -----Original Message-----
hh> From: John Quarto-vonTivadar [mailto:[EMAIL PROTECTED]] 
hh> Sent: Thursday, April 04, 2002 1:29 AM
hh> To: [EMAIL PROTECTED]
hh> Subject: Re: secure tag and permissions


hh> why not just get away from the bitwise permissions...? that is one of
hh> those things that sounds really great, and then in the end I'm not
hh> convinced delivers anything worth the effort (as opposed to a
hh> textual-based permission codes like "AdminForumList, AdminAddForum" etc.
hh> sure the math looks kewler, but i find it just as useful to be able to
hh> look at a list of English permission words and say "hey is this
hh> permission in the list?"

hh> "Brooklyn, NY" versus "11222-4401".   Yes, the second has more precise
hh> information. But ask someone from Esland which one is easier to find on
hh> a map, and I bet the first one generates a faster associative memory
hh> link.

hh> as for your actual question:  what happens if the User group has a
hh> permission that Anon group already has? aren't you then adding it twice?

hh> (see what I mean? I'd find it a hell of a lot easier to debug to just
hh> ask "hey are these permissions in the list?")


hh> ----- Original Message -----
hh> From: "Toby Tremayne" <[EMAIL PROTECTED]>
hh> To: <[EMAIL PROTECTED]>
hh> Sent: Thursday, April 04, 2002 1:02 AM
hh> Subject: secure tag and permissions


hh> This has got me stumped.  I thought I'd grokked the bit permissions
hh> system, but I must be wrong - this is my permissions file:

hh> permissions = structNew();
hh>         permissions.admforumList = 1;
hh>         permissions.admaddForum = 2;
hh>         permissions.admeditForum = 4;
hh>         permissions.admsaveForum = 8;
hh>         permissions.admdeleteforum = 16;
hh>         permissions.forumList = 32;
hh>         permissions.threadlist = 64;
hh>         permissions.viewthread = 128;
hh>         permissions.addthread = 256;
hh>         permissions.editThread = 512;
hh>         permissions.saveThread = 1024;
hh>         permissions.deleteThread = 2048;
hh>         permissions.addMessage = 4096;
hh>         permissions.editMessage = 8192;
hh>         permissions.saveMessage = 16384;
hh>         permissions.deleteMessage = 32768;

hh>         permissions.anonGroup = permissions.forumList +
hh> permissions.threadList + permissions.viewThread;
hh>         permissions.userGroup = permissions.addthread +
hh> permissions.saveThread + permissions.addMessage +
hh> permissions.editMessage + permissions.saveMessage +
hh> permissions.anonGroup;
hh>         permissions.adminGroup = permissions.admforumList +
hh> permissions.admaddForum + permissions.admeditForum +
hh> permissions.admsaveForum + permissions.admdeleteForum +
hh> permissions.editThread + permissions.deleteThread +
hh> permissions.deleteMessage + permissions.userGroup;

hh> all well and good.  But if I use the secure tag thus:

hh> requiredPermission="#permissions.userGroup#"
hh> userPermissions="#permissions.anonGroup#"

hh> it returns true!  how can that be?  Could someone please draw me a
hh> picture because I'm obviously not getting it...

hh> Toby

hh> ------------------------------------------------------------------------
hh> ----
hh> --------

hh> Life is Poetry, write it in your own words

hh> ------------------------------------------------------------------------
hh> ----
hh> --------

hh> Toby Tremayne
hh> Senior Technical Consultant
hh> Code Poet and Zen Master of the Heavy Sleep
hh> Lyricist Software
hh> www.lyricist.com.au
hh> m: +61 416 048 090
hh> icq: 13107913









------------------------------------------------------------------------------------

        Life is Poetry, write it in your own words

------------------------------------------------------------------------------------

Toby Tremayne
Senior Technical Consultant
Code Poet and Zen Master of the Heavy Sleep
Lyricist Software
www.lyricist.com.au
m: +61 416 048 090
icq: 13107913

==^================================================================
This email was sent to: [email protected]

EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9
Or send an email to: [EMAIL PROTECTED]

T O P I C A -- Register now to manage your mail!
http://www.topica.com/partner/tag02/register
==^================================================================

Reply via email to