I'm having trouble understanding how WildcardPermissionBasedAuthorization works (docs)
The following code returns false, which as far as I know means that the user is not authorized, though I would expect at least one of these 'or' authorizations to match the wildcard one of "t*"
User user = User.create(new JsonObject().put("username", "testUser"));
user.authorizations().add("", PermissionBasedAuthorization.create("test"));
user.authorizations().add("", WildcardPermissionBasedAuthorization.create("t*"));
OrAuthorization or = OrAuthorization.create();
or.addAuthorization(PermissionBasedAuthorization.create("t"));
or.addAuthorization(PermissionBasedAuthorization.create("te"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("t"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("te"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("te*"));
or.match(user); //is false
What I'm trying to achieve is give my user access to anything that starts with 't', and then in my handler assert whether the user has access to 'te'
thanks,
Fil
Ok, turns out you can put a wildcard for an entire colon-delimited section only, like
"newsletter:edit:*"
from here
Related
Please does anyone know why this:
SELECT to_tsvector('an');
returns nothing but
SELECT to_tsvector('nn');
or
SELECT to_tsvector('n');
or
SELECT to_tsvector('aa');
do?
I am testing this on PostgreSQL 13 running on SUPABASE.
Thanks
Because "an" is a stop word in your current setup (probably English, the default).
From the documentation
The to_tsvector function internally calls a parser which breaks the document text into tokens and assigns a type to each token. For each token, a list of dictionaries (Section 12.6) is consulted, where the list can vary depending on the token type.
And (emphasis mine)...
Some words are recognized as stop words (Section 12.6.1), which causes them to be ignored since they occur too frequently to be useful in searching.
I have a Protractor test that pulls various values from the UI and stores them as variables for comparison with values from a different database.
Now this test needs to run against multiple sites BUT of the 25 maximum data points recorded, some sites only have 22.
Clearly the test fails on those "22" sites since the elements are not present.
What I want to achieve is where there's a "22" site, the tests against the not present elements are ignored and the test proceeds to the end. Conveniently, the "missing" elements are the last ones in the spec.
Crudely speaking...
if element-y is not present end test or if element-y is present continue
Grateful if anyone could advise.
Thanks #sergey. I've modified your example as below....
if (!(await element(by.xpath('//*[#id="root"]/div/div[2]/main/div/div/section[5]/div/div/div[1]/section/div/span')).isPresent())) {
console.warn ('Functions are not present, closing the session')
await browser.close()
I get this error:
if (!(await element(by.xpath('//*[#id="root"]/div/div[2]/main/div/div/section[5]/div/div/div[1]/section/div/span')).isPresent())) {
^^^^^^^
SyntaxError: Unexpected identifier
I've tried using a 'var' instead of the actual element, but get the same result.
Thanks
well the best option that I recall is still pretty dirty... you can do something like this
if (!(await element.isPresent())) {
console.warn('Element not present, closing the session')
await browser.close()
}
And then the rest of test cases will fail as session not found or similar error
The reason you can't do anything better because in protractor you can't do conditional test cases based on a Promise-like condition, if that makes sense...
Some Background:
I use Lists a lot for a Google Action with a NodeJS fulfillment backend. The Action is primarily Voice-based. The reason for using List is that I can encode information in List's key and use it later to make a decision. Another reason is that Google Assistant will try to fuzzy match the user's input with the Title of the List's items to find the closest matched option. This is where thing's get a bit hard for me. Consider the following example:
{
JSON.stringify(SOME_OBJECT): {
title: 'Yes'
},
JSON.stringify(ANOTHER_OBJECT): {
title: 'No'
}
}
Now if I say Yes / No, I can get the user's choice and do something with information stored as stringified JSON in the choice's Key.
But, the users may say Sure or Yup or OK as they basically mean the same thing as saying Yes. But as those words don't match Yes, Google Assistant will ignore the "Yes" option. But all of these words belong to the smalltalk.confirmation.yes built-in intent. So, if I could use this intent instead of hardcoding the string Yes then I would be able to capture all of the inputs that mean Yes.
I know I could do this with a Synonyms list or Confirmation intent. But they also have some problems.
Using Synonyms would require me finding every word which is similar. Besides, I would also need to localize these synonyms to all the supported language.
With Confirmation intent, I won't be able to show some information to the user before asking them to choose an option. Besides, it also doesn't support encoding the options as I can do in List's key.
So, List is a good choice for me in this case.
So, is there any way to leverage the built-in intents for this purpose? What do you do in this situation?
I will use WildcardPermission in my code. I use it Similar following code:
getSubject().isPermitted(new WildcardPermission("a:b:*"));
getSubject().isPermitted(new WildcardPermission("a:b"));
getSubject().isPermitted(new WildcardPermission("a:b:c,d"));
getSubject().isPermitted(new WildcardPermission("a:b:c"));
getSubject().isPermitted(new WildcardPermission("a:b:d"));
The first 3 lines return false but lines 4 and 5 return true. I use apache shiro 1.2.0.
Have i any mistake? Do you have any solution for it?
Thanks.
What you actually do is query with strings that are used to declare permissions.
Taking your comment into account, the permissions declaration whould be something like:
[role]
x = a:b:c,d,e
Now the role x declares that it has permission on a:b:c, a:b:d and a:b:e.
Those are the values you can check permissions on. You can't check on wildcards as those are only used in declaring permissions.
So query on a:b:* or a:b:c,d will never work.
Query on a:b would work if you have declared it specifically in your shiro.ini.
So the only thing you can query on is a:b:c, a:b:d and a:b:e.
To give another example. User x can have the right to print anything, but user y only print on epson.
You declare the right for user x as: print:* and for user y as print:epson.
Now for user x print:epson and print:brother will return true, but for user y only print:epson will return true and print:brother will return false.
So you declare that some role/user is allowed anything below a:b by using a:b, or a:b:*, but the actual action you query should be specific, so that is why only a:b:c and a:b:d return true.
In JavaScript I have this test 'ontouchstart' in document.documentElement. If the event exists (even if null) it evaluates to true otherwise to false. I don't know how to do the equivalent in CoffeeScript. Writing it exactly as is translates to using an __indexOf function which does not do the same thing (it is always returning false).
You can also try 'onmousemove' for an event that always exists.
Use of instead :
'ontouchstart' of document.documentElement
From the documentation :
You can use in to test for array presence, and of to test for
JavaScript object-key presence.