Railo DSN Allow permissions


I got asked a question by one of our sysadmins earlier about permissions on railo DSN’s. I had usually just set the permissions in the admin and then copied the resulting values into our puppet configs. But a quick dig through the source code and I found the full low down.

This is a typical DSN connection line from the railo-web.xml.cfm

 <data-source allow="15" blob="false" class="org.gjt.mm.mysql.Driver" clob="false" connectionTimeout="1" custom="characterEncoding=UTF-8&autoReconnect=true&useUnicode=true&allowMultiQueries=true&useOldAliasMetadataBehavior=true&jdbcCompliantTruncation=true&tinyInt1isBit=true&zeroDateTimeBehavior=exception" database="dbname" dsn="jdbc:mysql://{host}:{port}/{database}" host="localhost" metaCacheTimeout="60000" name="datasourcename" password="dbpassword" port="3306" storage="false" username="dbusername" validate="false"/>

The field I was interested in was allow=”15″.

In the file: railo-java/railo-loader/src/railo/runtime/db/DataSource.java I got the details:

1 SELECT
2 DELETE
4 UPDATE
8 INSERT
16 CREATE
32 GRANT
64 REVOKE
128 DROP
256 ALTER

Some handy values:

  • 1 – SELECT only
  • 15 – SELECT, INSERT, UPDATE, DELETE

It’s great to be able to get right into the source to get the full details of what the system is doing.

Cheers,
Mark


This post was posted in , , , , by on