Menu
▾
▴
Re: [Openinteract-help] Security of initial data
|
From: Chris W. <ch...@cw...> - 2001-10-13 14:12:39
|
* Jochen Lillich (jl...@te...) [011013 06:11]: > Hi Chris, > > As we already discussed, I tried to import some data by converting it > into an initial_data.perl file. The data import went well, but I was > surprised that no security entries were generated. So my data couldn't > be accessed by anyone but the superuser. Is this behaviour intentional? I had a response all prepared for this based on what I *thought* would happen, but then I actually looked at the code and saw this wasn't so. Whoops! Previously I'd generated all new security entries by hand (or script) and put them in the 'install_security.dat' files you'll find in the various packages, but this clearly isn't scalable. The problem is that when we're installing security we're not running under a user, so we have to do the 'save()' call with 'skip_security' set to allow the insert to proceed. However, when 'skip_security' is active we also don't create security, so that's why no security was created for your objects. To automate this there's a batch security creation script at 'pkg/base_security_x.xx/script/create_object_security.pl'. To solve the problem is a little more tricky and a bit of a bootstrapping issue. (It's also kind of complicated.) So maybe what I'll do for now is writeup a data import guide that has the instructions to use the script I mentioned above. In the long-term maybe we can make this more consistent. Thanks, Chris -- Chris Winters (ch...@cw...) Building enterprise-capable snack solutions since 1988. |
