Railo DSN Allow permissions


I got asked a question by one of our sysadmins earlier about permissions on railo DSN’s. I had usually just set the permissions in the admin and then copied the resulting values into our puppet configs. But a quick dig through the source code and I found the full low down.

This is a typical DSN connection line from the railo-web.xml.cfm

 <data-source allow="15" blob="false" class="org.gjt.mm.mysql.Driver" clob="false" connectionTimeout="1" custom="characterEncoding=UTF-8&autoReconnect=true&useUnicode=true&allowMultiQueries=true&useOldAliasMetadataBehavior=true&jdbcCompliantTruncation=true&tinyInt1isBit=true&zeroDateTimeBehavior=exception" database="dbname" dsn="jdbc:mysql://{host}:{port}/{database}" host="localhost" metaCacheTimeout="60000" name="datasourcename" password="dbpassword" port="3306" storage="false" username="dbusername" validate="false"/>

The field I was interested in was allow=”15″.

In the file: railo-java/railo-loader/src/railo/runtime/db/DataSource.java I got the details:

1 SELECT
2 DELETE
4 UPDATE
8 INSERT
16 CREATE
32 GRANT
64 REVOKE
128 DROP
256 ALTER

Some handy values:

  • 1 – SELECT only
  • 15 – SELECT, INSERT, UPDATE, DELETE

It’s great to be able to get right into the source to get the full details of what the system is doing.

Cheers,
Mark

Related Content


This post was posted in , , , , by on