Gossamer Forum
Home : Products : DBMan : Installation :

Permissions are driving me nuts

Quote Reply
Permissions are driving me nuts
I have been over the default.cfg file over and over. I have read the readme file 2x and the permissions file at www.jpdeni.com/dbman. I spent 3 hours just trying different permutations to get it to work.

This is what I want dbman to do but it is not doing it. As the administrator, I am creating the users and all I want them to be able to do is have access to view and modify their record--not delete or add to their record. I have created a user called nick with password nick at www.siand.com/ORRA/dbman/db.cgi. Nick has permissions to view and modify his record.
When Nick logs in, he can view all the records but he cannot modify his own with
user id 8888. WHY CAN HE SEE ALL THE RECORDS BUT NOT MODIFY HIS OWN?
Below are the set permissions and fields
#!/usr/bin/perl5.003

# Wait until this file finishes loading and then save it to your hard drive as default.cfg.
#
# After you have saved the file, use the "back" button on your browser to build the next file.
#
# ----------------------
# DBMan
# ----------------------
# Database Administrator
#
# File: default.cfg
# Description: This is the setup file that contains the database definition,
# and most of the options required to set the program up.
# Author: Alex Krohn
# Email: alex@gossamer-threads.com
# Web: http://www.gossamer-threads.com/
# Version: 2.04
#
# COPYRIGHT NOTICE:
#
# Copyright 1997 Gossamer Threads Inc. All Rights Reserved.
#
# This program is being distributed as shareware. It may be used and
# modified free of charge for personal, academic, government or non-profit
# use, so long as this copyright notice and the header above remain intact.
# Any commercial use should be registered. Please also send me an email,
# and let me know where you are using this script. By using this program
# you agree to indemnify Gossamer Threads Inc. from any liability.
#
# Selling the code for this program without prior written consent is
# expressly forbidden. Obtain permission before redistributing this
# program over the Internet or in any other medium. In all cases
# copyright and header must remain intact.
#
# Please check the README file for full details on registration.
# =====================================================================
# File and URL's
# --------------------------------------------------------
# URL of the directory dbman resides in. No Trailing Slash Please.
$db_dir_url = "http://www.siand.com/ORRA/dbman";
# URL of dbman.
$db_script_url = $db_dir_url . "/db.cgi";
# Full Path and File name of the database file.
$db_file_name = $db_script_path . "/default.db";
# Full path and file name of the counter file.
$db_id_file_name = $db_script_path . "/default.count";
# Full path and file name of the authorization directory.
$auth_dir = $db_script_path . "/auth";
# Full path and file name of the password file.
$auth_pw_file = $db_script_path . "/default.pass";
# Full path and file name of the log file.
$auth_log_file = $db_script_path . "/default.log";
# Full path and file name of the html routines.
require $db_script_path . "/html.pl";

# Database Definition
# --------------------------------------------------------
# Definition of your database. Format is
# field_name => ['position', 'field_type', 'form-length', 'maxlength', 'not_null', 'default', 'valid_expr']

%db_def = (
'Secret ID Number' => [ 0, 'alpha', 20, 255, 1, '', ''],
'User ID' => [ 1, 'alpha', 20, 255, 1, '', ''],
'Active Member' => [ 2, 'alpha', 20, 255, 1, '', ''],
'Associate Member' => [ 3, 'alpha', 20, 255, 0, '', ''],
'Member Name' => [ 4, 'alpha', 20, 255, 1, '', ''],
'Contact Person' => [ 5, 'alpha', 20, 255, 1, '', ''],
'Certified Rug Appraiser' => [ 7, 'alpha', 20, 255, 0, '', ''],
'800 Number' => [ 7, 'alpha', 20, 255, 0, '', ''],
'Phone: Voice' => [ 8, 'alpha', 20, 255, 1, '', ''],
'Phone: Fax' => [ 9, 'alpha', 20, 255, 1, '', ''],
'Email Address' => [10, 'alpha', 20, 255, 0, '', '.+@.+..+'],
'Store Website' => [11, 'alpha', 20, 255, 0, 'http://', '^http://'],
'ORRA Website' => [12, 'alpha', 20, 255, 0, 'http://', '^http://'],
'Address 1' => [13, 'alpha', 20, 255, 1, '', ''],
'Address 2' => [14, 'alpha', 20, 255, 1, '', ''],
'City' => [15, 'alpha', 20, 255, 1, '', ''],
'State' => [16, 'alpha', 20, 255, 1, 'USE 2 letter abbrev.', ''],
'Zip' => [17, 'alpha', 20, 255, 1, '', ''],
'Country' => [18, 'alpha', 20, 255, 1, '', ''],
'Services:Retailer' => [19, 'alpha', 0, 21, 0, '', ''],
'Services:Cleaner' => [20, 'alpha', 0, 15, 0, '', ''],
'Services:Repairer' => [21, 'alpha', 0, 16, 0, '', ''],
'Summary of Store' => [22, 'alpha', 40x5, 1000, 0, '', ''],
'Special Notes' => [23, 'alpha', 40x5, 1000, 0, '', '']
);

# The column name for the database key. Can be any column, but it must be unique!
# You can't have two records with the same key value!
$db_key = 'Secret ID Number';
# Track the key? Should DBMan keep a counter of the next key to use? This isn't
# neccessary if you can guarantee that your entry in the key field will be unique
# (i.e. a userid).
$db_key_track = 0; #counting starts at Zero
# Database delimeter.
$db_delim = ' '; #tab is between the spaces here
# Use file locking (1 = Yes, 0 = No). Should be used, but won't work on Win95.
$db_use_flock = 1;
# Auto generate the html forms (1 = Yes, 0 = No).
$db_auto_generate = 0;
# Display Benchmarking Information (1 = Yes, 0 = No).
# use Benchmark; # Uncomment this line if benchmarking is used.
$db_benchmark = 0;
# Display Debugging Information (1 = Yes, 0 = No).
$db_debug = 0;

# Select fields. Field name => 'comma seperated list of drop down options'.
%db_select_fields = (

);

# Radio fields. Field name => comma seperated list of radio buttons.
%db_radio_fields = (

);

# Checkbox fields. Field name => Checkbox value.
%db_checkbox_fields = (
'Services:Retailer' => 'Store Sells Retail OR',
'Services:Cleaner' => 'Store Cleans OR',
'Services:Repairer' => 'Store Repairs OR'
);

# Default maximum number of hits returned in a search.
$db_max_hits = 10;
# Bold search results (1 = Yes, 0 = No).
$db_bold = 1;
# Regular and title fonts used in auto_generation and html.pl.
$font = 'font face="verdana,arial,helvetica" size="2"';
$font_title = 'font face="verdana,arial,helvetica" size="4"';

# Authorization Options
# --------------------------------------------------------
# No Authentication? (1 = "there is no authentication", 0 = "there is authentication")
# If you choose no authentication, then set the permissions of what
# people can do with: @auth_default_permissions below.
$auth_no_authentication = 0;

# The amount of time in seconds that user files are kept in the
# auth directory before the program removes them. 2-6 hours is
# probably a good value.
$auth_time = 21600; # 6 hours (in seconds)

# Enable (1) or disable (0) logging.
$auth_logging = 1;

# Allow a default user? This means you can specify a user via the URL
# and skip the logon process. Use this to allow people to search without
# logging on, but require log in if they want to add/modify/remove etc.
# (1 = "yes", 0 = "no")
$auth_allow_default = 1;

# Default permissions used if there is no authentication, or for a default
# user. (View, Add, Delete, Modify, Admin), 1 = enable, 0 = disable.
@auth_default_permissions = (1,0,0,0,0);

# Allow people to sign up for their own userid/passwords? They will
# recieve default permissions.
$auth_signup = 1;

# Permissions a new signup should get.
@auth_signup_permissions = (1,1,0,1,0);
# Registered users: can modify/delete _only_ own records. For this to make
# sense you should set default off or to 1,0,0,0.
$auth_modify_own = 1;

# Registered users: can view _only_ own records. For this to make sense
# you should turn off default permissions.
$auth_view_own = 0;

# Auth user field. This is the field position in the database used for storing
# the userid who owns the record. Set to -1 if not used.
$auth_user_field = 0;

# URL to send user if they chose log off. Leave blank and the script will return to
# the logon prompt (although this only makes sense if you are using authentication).
$auth_logoff = "http://www.orrainc.com";


# ===========================================================================
# Build up some variables from your definitions. Internal use only.
foreach (sort { $db_def{$a}[0] <=> $db_def{$b}[0] } keys %db_def) {
push (@db_cols, $_);
$db_sort{$_} = $db_def{$_}[1];
$db_form_len{$_} = $db_def{$_}[2];
$db_lengths{$_} = $db_def{$_}[3];
$db_not_null{$_} = $db_def{$_}[4];
$db_defaults{$_} = $db_def{$_}[5];
$db_valid_types{$_} = $db_def{$_}[6];
($_ eq $db_key) and $db_key_pos = $db_def{$_}[0];
}
1;


Subject Author Views Date
Thread Permissions are driving me nuts nickdbman 1616 Sep 19, 1999, 11:18 AM
Post Re: Permissions are driving me nuts
Eliot 1551 Sep 19, 1999, 12:27 PM
Post Re: Permissions are driving me nuts
nickdbman 1554 Sep 19, 1999, 1:15 PM
Post Re: Permissions are driving me nuts
Eliot 1567 Sep 19, 1999, 1:22 PM
Post Re: Permissions are driving me nuts
nickdbman 1545 Sep 19, 1999, 2:25 PM
Post Re: Permissions are driving me nuts
Eliot 1547 Sep 19, 1999, 5:01 PM