Gossamer Forum
Home : Products : DBMan : Customization :

admin privileges

Quote Reply
admin privileges
I have two databases, one named “directory” the other named “ABR”, both share the password file. There are three users that I would like to have "admin" privileges in the "ABR" database but not in the "directory" db. Any ideas on the best way to handle this?


Thank you,
Ed-
Quote Reply
Re: [knue] admin privileges In reply to
hi!
i have separated the password and permission files in all my installations. so all the databases in one installation share a password file, but each database can have its own permission file. some databases share permission files too. the changes are extensive, probably too many! but i just thought of a way that wouldn't be too difficult.

in auth.pl sub auth_check_permissions, look for:

Code:
else {
($userid =~ /^([A-Za-z0-9]+)\.\d+$/) ? ($username = $1) : return (0,0,0,0,0);
}

# Get the permissions.
open (PER, "<$auth_pw_file") or &cgierr("unable to open password file. Reason: $!");
@permissions = <PER>;
close PER;
right above #Get the permissions, insert the following:
Code:
if (($username eq 'admin') && ($db_setup eq 'ABR')) {
return (1,1,1,1,1,1,1,1);
}
note above, i have three additional permissions compared to original dbman. so if you still have the original 5, just return the 5 you want. also change 'admin' to the users you want. if the if statement isn't true, the script will pull permissions from the password file, so don't give them admin permissions in password file.
Quote Reply
Re: [delicia] admin privileges In reply to
 
Quote Reply
Re: [delicia] admin privileges In reply to
Hello Delicia,

I made your changes and this is what works:

if (($username eq '908app') && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}

but when i try to add a 2nd user like this, it dose not.


if (($username eq '908app,912app') && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}


I was also thinking, could I do this?

in the default.cfg add this:

# ARB members with admin permission
$arb_officers = '908app,912app';


then in the auth.pl do this:

if (($username eq '$arb_officers') && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}

This way as the officers change, I can make the changes in the cfg file.


As always thank you!!
Ed-

Quote Reply
Re: [knue] admin privileges In reply to
i agree that's a better way to do it. does it work? i don't think the syntax is right...
Quote Reply
Re: [delicia] admin privileges In reply to
No, it did not work.
Quote Reply
Re: [knue] admin privileges In reply to
I just changed this:

if (($username eq '$arb_officers') && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}

to this:

if (($username eq "$arb_officers") && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}

*******************************************
'$arb_officers' to "$arb_officers".


now it works with one user but not two.
Quote Reply
Re: [knue] admin privileges In reply to
Take a look at the code for building radio fields or something. That might give you an idea for syntax for comparing username to list. And do the if database first. Then a second if for username. I don't have time to look at it now. Going to New Orleans Saturday!
Quote Reply
Re: [delicia] admin privileges In reply to
sweet, I hope you have a good time!
Quote Reply
Re: [knue] admin privileges In reply to
I think you put your list @Are. Then for each $officer @arb compare.

If dbsetup eq arb [
Foresch officer@arb [
If username eq officer [
Return permissions
]
]
]
Now it looks in password file if username didn't match. I'm typing on phone and couldn't find curly bracket and left out most punctuation. Hopefully you can figure out from this.
Quote Reply
Re: [delicia] admin privileges In reply to
I did this in the cfg file:

# ABR members with admin permission
$arb_officers1 = '908app';
$arb_officers2 = '912app';
$arb_officers3 = '907app';


and this in the auth.pl:

if (($username eq "$arb_officers1") && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}
if (($username eq "$arb_officers2") && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}
if (($username eq "$arb_officers3") && ($db_setup eq 'default')) {
return (1,1,1,1,1);
}


it's working, I don't know if this will create a problem or not.
Quote Reply
Re: [knue] admin privileges In reply to
 glad it's working. You could have nested the three usernames in one if dbsetup instead of treating db three times. But the important thing is it's working!
Quote Reply
Re: [delicia] admin privileges In reply to
I'm going to play with it to see if I can get your way to work. i would for it to be correct. If i can not i'll wait till you get back and ask for your helpBlush.

Have fun, be safe.

Ed
Quote Reply
Re: [knue] admin privileges In reply to
Hi,

You would make that a bit cleaner by just having one conditional :)

Code:
if (
($username eq "$arb_officers1" || $username eq "$arb_officers2" || $username eq "$arb_officers3")
&& ($db_setup eq 'default')) {
return (1,1,1,1,1);
}

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Quote Reply
Re: [Andy] admin privileges In reply to
you will still have to change auth.pl if you add more officers. this is what i had in mind:

in cfg:
# this is only thing that will ever need to be changed
# you can add or delete or change userids
@arb_officers = ('user1','user2','user3'); # put actual userids


then in auth.pl
Code:
if ( $db_setup eq 'ARB') {
foreach $officer (@arb_officers) {
if ($username eq $officer) {
return (1,1,1,1,1);
}
}
}

andy can probably improve this! one objective is not to have to modify auth.pl again
Quote Reply
Re: [delicia] admin privileges In reply to
This is perfect! This is what I was hoping to find. Thank you, enjoy your trip.