I will use WildcardPermission in my code. I use it Similar following code:
getSubject().isPermitted(new WildcardPermission("a:b:*"));
getSubject().isPermitted(new WildcardPermission("a:b"));
getSubject().isPermitted(new WildcardPermission("a:b:c,d"));
getSubject().isPermitted(new WildcardPermission("a:b:c"));
getSubject().isPermitted(new WildcardPermission("a:b:d"));
The first 3 lines return false but lines 4 and 5 return true. I use apache shiro 1.2.0.
Have i any mistake? Do you have any solution for it?
Thanks.
What you actually do is query with strings that are used to declare permissions.
Taking your comment into account, the permissions declaration whould be something like:
[role]
x = a:b:c,d,e
Now the role x declares that it has permission on a:b:c, a:b:d and a:b:e.
Those are the values you can check permissions on. You can't check on wildcards as those are only used in declaring permissions.
So query on a:b:* or a:b:c,d will never work.
Query on a:b would work if you have declared it specifically in your shiro.ini.
So the only thing you can query on is a:b:c, a:b:d and a:b:e.
To give another example. User x can have the right to print anything, but user y only print on epson.
You declare the right for user x as: print:* and for user y as print:epson.
Now for user x print:epson and print:brother will return true, but for user y only print:epson will return true and print:brother will return false.
So you declare that some role/user is allowed anything below a:b by using a:b, or a:b:*, but the actual action you query should be specific, so that is why only a:b:c and a:b:d return true.
Related
I'm having trouble understanding how WildcardPermissionBasedAuthorization works (docs)
The following code returns false, which as far as I know means that the user is not authorized, though I would expect at least one of these 'or' authorizations to match the wildcard one of "t*"
User user = User.create(new JsonObject().put("username", "testUser"));
user.authorizations().add("", PermissionBasedAuthorization.create("test"));
user.authorizations().add("", WildcardPermissionBasedAuthorization.create("t*"));
OrAuthorization or = OrAuthorization.create();
or.addAuthorization(PermissionBasedAuthorization.create("t"));
or.addAuthorization(PermissionBasedAuthorization.create("te"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("t"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("te"));
or.addAuthorization(WildcardPermissionBasedAuthorization.create("te*"));
or.match(user); //is false
What I'm trying to achieve is give my user access to anything that starts with 't', and then in my handler assert whether the user has access to 'te'
thanks,
Fil
Ok, turns out you can put a wildcard for an entire colon-delimited section only, like
"newsletter:edit:*"
from here
I have a traversal as follows:
g.V().hasLabel("demoUser")
.as("demoUser","socialProfile","followCount","requestCount")
.select("demoUser","socialProfile","followCount","postCount")
.by(__.valueMap())
.by(__.out("socialProfileOf").valueMap())
.by(__.in("followRequest").hasId(currentUserId).count())
.by(__.outE("postAuthorOf").count())
I'm trying to select a user vertex, their linked social profile vertex, and some other counts. The issue is that all users may not have a socialProfile edge. When this is the case the traversal fails with the following error:
The provided start does not map to a value: v[8280]->[TitanVertexStep(OUT,[socialProfileOf],vertex), PropertyMapStep(value)]
I did find this thread from the gremlin team. I tried wrapping the logic inside of .by() with a coalesce(), and also appending a .fold() to the end of the statement with no luck.
How do I make that selection optional? I want to select a socialProfile if one exists, but always select the demoUser.
coalesce is the right choice. Let's assume that persons in the modern graph have either one or no project associated with them:
gremlin> g.V().hasLabel("person").as("user","project").
select("user","project").by("name").by(coalesce(out("created").values("name"),
constant("N/A")))
==>{user=marko, project=lop}
==>{user=vadas, project=N/A}
==>{user=josh, project=ripple}
==>{user=peter, project=lop}
Another way would be to completely exclude it from the result:
g.V().hasLabel("person").as("user","project").choose(out("created"),
select("user","project").by("name").by(out("created").values("name")),
select("user").by("name"))
But obviously this will only look good if each branch returns a map / selects more than 1 thing, otherwise you're going to have mixed result types.
I'm a total erlang noob and I just want to see what's in a particular table I have. I want to just "select *" from a particular table to start with. The examples I'm seeing, such as the official documentation, all have column restrictions which I don't really want. I don't really know how to form the MatchHead or Guard to match anything (aka "*").
A very simple primer on how to just get everything out of a table would be very appreciated!
For example, you can use qlc:
F = fun() ->
Q = qlc:q([R || R <- mnesia:table(foo)]),
qlc:e(Q)
end,
mnesia:transaction(F).
The simplest way to do it is probably mnesia:dirty_match_object:
mnesia:dirty_match_object(foo, #foo{_ = '_'}).
That is, match everything in the table foo that is a foo record, regardless of the values of the fields (every field is '_', i.e. wildcard). Note that since it uses record construction syntax, it will only work in a module where you have included the record definition, or in the shell after evaluating rr(my_module) to make the record definition available.
(I expected mnesia:dirty_match_object(foo, '_') to work, but that fails with a bad_type error.)
To do it with select, call it like this:
mnesia:dirty_select(foo, [{'_', [], ['$_']}]).
Here, MatchHead is _, i.e. match anything. The guards are [], an empty list, i.e. no extra limitations. The result spec is ['$_'], i.e. return the entire record. For more information about match specs, see the match specifications chapter of the ERTS user guide.
If an expression is too deep and gets printed with ... in the shell, you can ask the shell to print the entire thing by evaluating rp(EXPRESSION). EXPRESSION can either be the function call once again, or v(-1) for the value returned by the previous expression, or v(42) for the value returned by the expression preceded by the shell prompt 42>.
I'm trying to filter noise out of an image in matlab and I've hit an issue. I need to be able ask some function whether or not if the index -1,-3 or -1,4 or 5,-1 exists, and I need it to return some integer or a false so that I can put it in an if statement. so far, with islogical() exist() and just ARRAYNAME(-1,4) I've gotten an error saying that index position doesn't exist (duh, but that's not what I want) is there a function that can return 1 if there's an error? I really just need this one thing. let me know if the question is too vague.
You can use try-catch statement as follows.
function element=neverReturnIndexingError(array1)
%array1=[1 2 3 4];
try
element=array1(-1,2);
catch
fprintf('Index is invalid\n');
element=1; %returning 1 as you said
end
Using Watir Webdriver, I wanted to have a helper that would check for any element with given id. I may not know what type it is ( button or link or text). Can I just do
browser.Element(:id, id).exists
All of the examples i've found on google check against a specific element type, as in
browser.button(:id," ").exits
If there is a way, please share the syntax.
In Watir-Webdriver, I would use something like this:
browser.element(class: 'post-tag').exists?
which would find the watir-webdriver tag on this page and report that it exists. Note that I used the 1.9 syntax instead of the alternative syntaxes of:
browser.element(:class => 'post-tag').exists?
or
browser.element(:class, 'post-tag').exists?
As Dave points out, there is #element method. (You were wrong just in capitalization, it is not #Element.)
Since you are asking about accessing it using id attribute, try this:
browser.element(:id => id)
I've never gotten .exists? to work right on it's own.
What I've had to use in these cases has been to explicitly validate the "exist?"... like:
cf_checbox = #browser.text_field(:id=>'continue-ring', :value=>true).exists?
assert( cf_description == true)
without that explicit assertion, I would always get a "true" even when the value didn't exist.