I have built a module for security. I am using the bit method and it works great. I have found that it is best to make "groups" for your actions. add, insert are in the same group. users and security values are stored in the database these values are made into structures for doing the checks. it has built in "return action", bad action, no access, etc. I am working a system that will check for circuits and actions not yet in the system so I can prompt the admin of this.
I have posted this before but there was never a big interest in seeing it... At 04:39 PM 4/4/2002 +1000, you wrote: >John, you're probably right. To be hoenst I was using the bit >permissions because I think they're funky <grin> and it's a concept >I'm reasonably familiar with from unix. I'm probably best off >switching to a list based permissions system - that way it's a bit >easier to read as well. > >However it's going to drive me nuts if I can't find out why this >didn't work in the first place, so does anyone know what I did wrong? > > > >Thursday, April 04, 2002, 4:28:50 PM, you wrote: > >JQv> why not just get away from the bitwise permissions...? that is one of >those >JQv> things that sounds really great, and then in the end >JQv> I'm not convinced delivers anything worth the effort (as opposed to a >JQv> textual-based permission codes like "AdminForumList, AdminAddForum" etc. >JQv> sure the math looks kewler, but i find it just as useful to be able >to look >JQv> at a list of English permission words and say "hey is this permission >in the >JQv> list?" > >JQv> "Brooklyn, NY" versus "11222-4401". Yes, the second has more precise >JQv> information. But ask someone from Esland which one is easier to find on a >JQv> map, and I bet the first one generates a faster associative memory link. > >JQv> as for your actual question: what happens if the User group has a >JQv> permission that Anon group already has? aren't you then adding it twice? > >JQv> (see what I mean? I'd find it a hell of a lot easier to debug to just ask >JQv> "hey are these permissions in the list?") > > >JQv> ----- Original Message ----- >JQv> From: "Toby Tremayne" <[EMAIL PROTECTED]> >JQv> To: <[EMAIL PROTECTED]> >JQv> Sent: Thursday, April 04, 2002 1:02 AM >JQv> Subject: secure tag and permissions > > >JQv> This has got me stumped. I thought I'd grokked the bit permissions >JQv> system, but I must be wrong - this is my permissions file: > >JQv> permissions = structNew(); >JQv> permissions.admforumList = 1; >JQv> permissions.admaddForum = 2; >JQv> permissions.admeditForum = 4; >JQv> permissions.admsaveForum = 8; >JQv> permissions.admdeleteforum = 16; >JQv> permissions.forumList = 32; >JQv> permissions.threadlist = 64; >JQv> permissions.viewthread = 128; >JQv> permissions.addthread = 256; >JQv> permissions.editThread = 512; >JQv> permissions.saveThread = 1024; >JQv> permissions.deleteThread = 2048; >JQv> permissions.addMessage = 4096; >JQv> permissions.editMessage = 8192; >JQv> permissions.saveMessage = 16384; >JQv> permissions.deleteMessage = 32768; > >JQv> permissions.anonGroup = permissions.forumList + >JQv> permissions.threadList + permissions.viewThread; >JQv> permissions.userGroup = permissions.addthread + >JQv> permissions.saveThread + permissions.addMessage + >permissions.editMessage + >JQv> permissions.saveMessage + permissions.anonGroup; >JQv> permissions.adminGroup = permissions.admforumList + >JQv> permissions.admaddForum + permissions.admeditForum + >JQv> permissions.admsaveForum + permissions.admdeleteForum + >JQv> permissions.editThread + permissions.deleteThread + >JQv> permissions.deleteMessage + permissions.userGroup; > >JQv> all well and good. But if I use the secure tag thus: > >JQv> requiredPermission="#permissions.userGroup#" >JQv> userPermissions="#permissions.anonGroup#" > >JQv> it returns true! how can that be? Could someone please draw me a >JQv> picture because I'm obviously not getting it... > >JQv> Toby > >JQv> >---------------------------------------------------------------------------- >JQv> -------- > >JQv> Life is Poetry, write it in your own words > >JQv> >---------------------------------------------------------------------------- >JQv> -------- > >JQv> Toby Tremayne >JQv> Senior Technical Consultant >JQv> Code Poet and Zen Master of the Heavy Sleep >JQv> Lyricist Software >JQv> www.lyricist.com.au >JQv> m: +61 416 048 090 >JQv> icq: 13107913 > > > > > > > >------------------------------------------------------------------------------------ > > Life is Poetry, write it in your own words > >------------------------------------------------------------------------------------ > >Toby Tremayne >Senior Technical Consultant >Code Poet and Zen Master of the Heavy Sleep >Lyricist Software >www.lyricist.com.au >m: +61 416 048 090 >icq: 13107913 > end *********************************************************** "There are only two ways to live your life. One is as though nothing is a miracle. The other is as though everything is a miracle. " - Albert Einstein (1879-1955) *********************************************************** Michael "Maxx" Porter Advanced Macromedia ColdFusion 5.0 Certified Developer mailto:[EMAIL PROTECTED] ==^================================================================ This email was sent to: [email protected] EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================
