Just looking for some advise on how I could store if a user has permissions to do a certain task.
The way the project is laid out is there are lots of "section" and then there are multiple permissions associated within that section.
For example
Management section permissions
can delete
can add
can move
Creation section permissions
can create
can createbigger
can createbest
Each user can have any of these permissions and does not require the previous permission in order to have it
Probably not the best example but I cant think of anything
I was thinking of having a system using intergers kinda like linux's permission system but was wondering what other people would recommend sorry if my question is not very clear.
Thanks!
Forgot to mention I indtend of storing the permissions in a database!
I want to create a databag with credentials of servers which needs to be encrypted.
Do I need to create chef-vault first ?
I hope this https://blog.chef.io/2016/01/21/chef-vault-what-is-it-and-what-can-it-do-for-you/ will help you. When it comes to editing a vault, I would rather delete and recreate a vault than edit it as it's easy to do.
I am trying to delete an instance from GUI web tool. It is showing that the instance have been deleted and it is removed from the list. Also the desk have been deleted. But after some time it is coming back in the list. Can some one please tell me what is the issue ?
Thanks!
As mention on my previous comment, if you have installed any of the click to deploy software packages in GCE, you need to delete the cluster in the same page.
If this is not the case, in the Developers Console, the 'Operation' option, provides information of instance being created and by whom. This can give you an idea on what is sniping back the instance. If is's a service account, you need to find the script that is creating the instance and stop it.
I trying to find a way to determine if meeting details have changed so I can update the records of it in a database that is used to display the details for the meetings on a web site.
I know there is Appointment.LastModifiedTime but that also changes when a response is returned. I want something that will change only if there was an update to the meeting details.
I've seen Appointment.IsUnmodified and tested it with a new meeting but it still returned false.
Does anyone know of a reliable way to check this?
On a side note, is there any id associated with an item that I can use as a reference in the db? I've been using itemID, but i read that under certain circumstances that will change. Is that true?
You can store the ChangeKey along with the UniqueId in the database.
I'm working on logs for a customer service application. Another guy who is not a very experienced developer is working on other things, but we're both in the same database. He has some friends that work in Customer Service. I don't think he'd delete logs, but I want to be sure that if logs were deleted, we'd know about it.
Is it possible to get an email if a row is deleted, can I make a backup of that row in another database somewhere of the "deleted" data if it was deleted...... what are my options?
Or better yet.... what do you do?
Update
Part of the issue here is that there is no "programming" or "development" manager. The company has 25 employees - 2 of which are developers and we answer to the office manager who knows nothing about development.
For starters, don't allow developers access to the production environment. (Nobody should have direct access to the production environment except your highly trusted system administrator.)
Next, do all data changes via stored procs with a special account, and don't allow interactive access to the tables.
Finally, as part of the software, add an audit trail so you can see who did the deletion.
Or better yet.... what do you do?
Create second database user for him and do not grant DELETE privileges for log table?
I think hourly backups, and if necessary comparing the row counts, are the easiest and most reliable thing to do.
That's one reason why developers should not have access to production data. There are many more, privacy comes to mind, but to me the most important is still that you do not want anyone, no matter how trusted, able to "mess" with live data in any way.
So make sure developers work against a separate database, and ensure that the live production database does not have any users with priviliges they shouldn't have.
Make backups in another table with ENGINE=ARCHIVE? You need the privileges to run DDL statements in order to remove data from an ARCHIVE table.