Subject | Re[2]: [IBO] LiveMode - read this Jason. |
---|---|
Author | Carlos H. Cantu |
Post date | 2001-03-15T16:39:59Z |
Jason, I dont know how IBX handles that since I dont use it ;) I just exposed a
situation to you that appeared in the IB-BR discussion group.
I think that the people who is requesting this feature dont want to code
that by hand, they want something as easy as a property... I also think
they would be satisfied with a "basic" version that deals only with
Queries and not with procedures, etc... just a guess...
[]s
Carlos
WarmBoot Informatica - http://www.warmboot.com.br
Interbase-BR - http://www.interbase-br.com
JW> Carlos,
JW> I don't get how this works. I agree that I could do some metadata queries to
JW> find out what roles people are using and therefore the permissions but I
JW> think it is a bit of a can of worms to try and automate this all.
JW> A user can also have permissions too that add in above the role they are
JW> using. Do you want me to have to add all this to the schema cache? What if
JW> they want to use stored procedures as the DML statements? It's just too
JW> messy I think...
JW> How does it know which tables are involved with a query to base the
JW> permissions lookup on? Has IBX finally added a parser to figure things out?
JW> I thought Jeff was entirely opposed to doing that. This sounds to me like
JW> Jeff is changing philosophies mid-stream.
JW> With IBO is all someone has to do is provide an OnGetCanModify event handler
JW> and maintain their own security table lookup to return false if someone
JW> doesn't have the correct permissions.
JW> I suppose I could add a property to do this but it seems to me like people
JW> would need some sort of customized behavior to really get it working right
JW> anyway. I believe in adding properties when they can deliver 100% on what
JW> they promise. This just doesn't seem like a possible case here to me. For
JW> certain it isn't a priority, even if people want to boast IBX over IBO here.
JW> FWIW,
JW> Jason Wharton
JW> CPS - Mesa AZ
JW> http://www.ibobjects.com
JW> ----- Original Message -----
JW> From: "Carlos H. Cantu" <ibo@...>
JW> To: "Jason Wharton" <IBObjects@yahoogroups.com>
JW> Sent: Thursday, March 15, 2001 5:30 AM
JW> Subject: Re: [IBO] LiveMode - read this Jason.
situation to you that appeared in the IB-BR discussion group.
I think that the people who is requesting this feature dont want to code
that by hand, they want something as easy as a property... I also think
they would be satisfied with a "basic" version that deals only with
Queries and not with procedures, etc... just a guess...
[]s
Carlos
WarmBoot Informatica - http://www.warmboot.com.br
Interbase-BR - http://www.interbase-br.com
JW> Carlos,
JW> I don't get how this works. I agree that I could do some metadata queries to
JW> find out what roles people are using and therefore the permissions but I
JW> think it is a bit of a can of worms to try and automate this all.
JW> A user can also have permissions too that add in above the role they are
JW> using. Do you want me to have to add all this to the schema cache? What if
JW> they want to use stored procedures as the DML statements? It's just too
JW> messy I think...
JW> How does it know which tables are involved with a query to base the
JW> permissions lookup on? Has IBX finally added a parser to figure things out?
JW> I thought Jeff was entirely opposed to doing that. This sounds to me like
JW> Jeff is changing philosophies mid-stream.
JW> With IBO is all someone has to do is provide an OnGetCanModify event handler
JW> and maintain their own security table lookup to return false if someone
JW> doesn't have the correct permissions.
JW> I suppose I could add a property to do this but it seems to me like people
JW> would need some sort of customized behavior to really get it working right
JW> anyway. I believe in adding properties when they can deliver 100% on what
JW> they promise. This just doesn't seem like a possible case here to me. For
JW> certain it isn't a priority, even if people want to boast IBX over IBO here.
JW> FWIW,
JW> Jason Wharton
JW> CPS - Mesa AZ
JW> http://www.ibobjects.com
JW> ----- Original Message -----
JW> From: "Carlos H. Cantu" <ibo@...>
JW> To: "Jason Wharton" <IBObjects@yahoogroups.com>
JW> Sent: Thursday, March 15, 2001 5:30 AM
JW> Subject: Re: [IBO] LiveMode - read this Jason.
>> Remember a previous discussion about this "rights thing" ? Now some IBXJW> IBO not
>> defenders on my Interbase-BR list are saying that IBX has the answer and
>> (...zzzzZZZ).JW> ROLES...
>>
>> I think something similar would be interesting to IBO people using
>> it would make the life easier for them.JW> TLiveMode, read-only.
>>
>> From the IBX 4.52 README file :
>>
>> 2. New Property - IBDatabase, IBQuery, IBTable - LiveMode, public, Set of
>>JW> InsertSQL, ModifySQL,
>> Starting in 4.5 IBX should better support Roles. If you have an
>> DeleteSQL and RefreshSQL assigned, when the Dataset is prepared theJW> LiveMode
>> property will reflect what permissions were granted by the server.JW> LiveMode is a set with
>> the following possible valuesJW> stop
>>
>> (lmInsert, lmModify, lmDelete, lmRefresh)
>>
>> So if your user does not have insert privledges then LiveModes would have
>> [lmModify, lmDelete, lmRefresh] and CanInsert will return false. IBX will
>> you from going into InsertMode if lmInsert is not part of the LiveModeJW> set.
>>JW> let IBX
>> You can query LiveMode to determine the roles granted, or normally just
>> handle the stopping of editing, inserting etc. as needed.JW> specific
>>
>> []s
>>
>> Carlos
>> WarmBoot Informatica - http://www.warmboot.com.br
>> Interbase-BR - http://www.interbase-br.com
>>
>> >> Is there a property in IBO similar to the new one in IBX "LiveMode"?
>>
>> JW> I don't know what IBX's "LiveMode" is. Perhaps you could be more
>> JW> about what you want?JW> simple it
>>
>> >> I have the problem that various users have different rights and I use
>> >> the same IBOQuery for everyone. So because my iboq component has an
>> >> insert_sql it gives an error when a user who does not have rights to
>> >> insert opens it... ...although I control access from my app...
>>
>> JW> IBO has a RequestLive capability which will try and figure out how to
>> JW> deliver a live dataset for you. As long as your queries are fairly
>> JW> will usually figure it out. It does not automatically take permissionsJW> into
>> JW> consideration. This is a requested feature that I may consider for aJW> future
>> JW> release.JW> PreventEditing
>>
>> JW> You might like to take a look at using the PreventInserting,
>> JW> and PreventDeleting properties which would allow you to control theJW> http://docs.yahoo.com/info/terms/
>> JW> permissions in your application.
>>
>> JW> HTH,
>> JW> Jason Wharton
>> JW> CPS - Mesa AZ
>> JW> http://www.ibobjects.com
>>
>>
>>
>>
>>
>>
>> JW> Your use of Yahoo! Groups is subject to
>>JW> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>>
>>
>>
>>
>>
>> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>>
>>