• Grammah Nahtzee (unregistered) in reply to Yuval
    Yuval:
    You mean "its".

    (this was a commentary on the superfluous apostrophe in the last paragraph of the article. Seriously. "It's development"??)

    It could also be a commentary on the post immediately preceding yours. ;-)

  • validus (unregistered) in reply to Anon
    Anon:
    Ken B.:
    by:
    Yes, it will be difficult (without some creativity) to assign multiple roles to induhviduals.
    What makes you think it's so difficult? Simply replace
    return UserName.StartsWith(roleName.Substring(0, 3));
    with
    return UserName.Contains(roleName.Substring(0, 3));

    Now that's TRWTF.

    But TRTRWTF would be to do the same thing, case-insensitive.

  • Joe Delote (unregistered) in reply to Admiral Nelson

    My company has an immediate opening for you Nelson.

  • Bill's kid (unregistered) in reply to Bert Glanstron
    Bert Glanstron:
    Admiral Nelson:
    I don't see the problem. It's very convenient for me.

    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    Shut up Bert! you're just mad you're stuck in the Bottom Enduser Role.

  • Godot (unregistered) in reply to Admiral Nelson

    I completely agree.

  • justsomedude (unregistered)

    Now if the User Name Login authentication also strips off the first few chars, you see where I'm going...

  • BradMKempthorn-Vounier (unregistered) in reply to validus
    validus:
    Anon:
    Ken B.:
    by:
    Yes, it will be difficult (without some creativity) to assign multiple roles to induhviduals.
    What makes you think it's so difficult? Simply replace
    return UserName.StartsWith(roleName.Substring(0, 3));
    with
    return UserName.Contains(roleName.Substring(0, 3));

    Now that's TRWTF.

    But TRTRWTF would be to do the same thing, case-insensitive.

    I really don't see what you mean.

  • logical.. (unregistered) in reply to Bloat Grotsnorf
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

  • Tessa (unregistered) in reply to Pentium100
    Pentium100:
    Anonymous:
    Say you have 10 modules in your site and want to be able to grant employees access to update different modules. Suppose further that you have 1000 employees and they all need access to different groupings of modules? Now you need to create a ton of prefixes to cover all of those scenarios. Once you determine the prefixes, you need to hardcode each code into the permissions code.

    Simple - assign each module a number (power of 2, so 10 modules would have numbers of 1, 2, 4, ..., 1024). When you want to give a user privileges to certain odules, just add their numbers and place the sum as a prefix to user name, so 16_n00b will have access to module number 5, while 2047_admin will have access to all modules.

    that's a long way of saying 'bitmask'.

    anyone know why my account does random things all the time? It is very frustrating.

  • (cs) in reply to Anon
    Anon:
    Buzz Killington:
    True most don't let you choose your user name. Most systems also allow one person to have multiple roles that are far more fine-grained than Customer, Employee and Admin. The point is that intelligence should never be built into keys - that is the beauty of relational databases.

    Most system perhaps, but we are making assumptions again about how this particular system works. It's quite possible to only have roles that are supersets (or subsets) of other roles so there is never a need for multiple roles.

    I agree that including roles in username is an inelegant solution and is missing the point of relational databases.

    Just because roles are subsets and supersets of each other today doesn't mean that a design that prohibits it forever is a good idea.

    As for missing the point of relational database... some software I inherited has a properly designed relational database with a user table, a role table, and a junction table between the two for membership. However, the UI and all of the permission evaluation code only support one role per user. It also stores both the username and the surrogate PK of the user in the user-role table and is inconsistent in the use of the two. Also, the UI has no feature to change the role of a user, mainly due to the fact that the UI actually creates the user account and assigns a role derived prefix. At least the data design is decent enough to allow us to fix these issues one at a time.

  • CAPTCHA: appellatio (unregistered)

    Dear Alex,

    Please change the name of the comments section to "Daily Hints for How to Over-Engineer Software Solutions."

  • trak998 (unregistered)

    Three words: Extensible Markup Language

    http://download.oracle.com/javaee/5/tutorial/doc/bncav.html

    Not spam, askimet--just trying to keep my comment brief.

  • Buzz Killington (unregistered) in reply to trak998
    trak998:
    <snip> FTFY

    Seriously, every time someone uses a relational database for something that could be fixed in a text file that can be sent via HTTP and parsed trivially another kitten dies.

    Knowing that, I will continue to use a database for everything. Now if you said a puppy dies...I'd rethink my position.

  • M. Auratus (unregistered) in reply to zelmak
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    You know what they say. "When your only tool is a hamster..."

  • (cs) in reply to trak998
    trak998:
    Seriously, every time someone uses a relational database for something that could be fixed in a text file that can be sent via HTTP and parsed trivially another kitten dies.
    We'd better crack on with porting everything to RDBMSes. The world contains too many kittens already.

    And puppies.

    And people.

  • Jerry Penacoli (unregistered) in reply to M. Auratus
    M. Auratus:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    You know what they say. "When your only tool is a hamster..."

    I can hook you up. ;)

  • Harder than Hard-Core (unregistered) in reply to Buzz Killington
    Buzz Killington:
    trak998:
    <snip> FTFY

    Seriously, every time someone uses a relational database for something that could be fixed in a text file that can be sent via HTTP and parsed trivially another kitten dies.

    Knowing that, I will continue to use a database for everything. Now if you said a puppy dies...I'd rethink my position.

    At my job, we use a database for everything too: including source code. Each line is stored in LINE_NO. The interpreter that drives the code is stored in binary and is executed directly on the operating system (we have different binaries for Windows and Linux, not Apple). Some developers have some difficulty with this concept and insist on hard-coding values in the source that is in the database without defining the foreign keys (this approach is actually quite extensible if you need to execute different code for different data values on the fly--the conditional statements can be reduced quite a bit based on how you write the stored procedures). Once you get the hang of it, it's really quite an elegant system (of course I designed it and don't have to maintain it anymore, so I'm biased).

    Truly one of the wonders of the modern software world and not a WTF at all.

  • (cs)

    A user never changes role. It's the caste system. Born level 1 tech support, always level 1 tech support. Must've been developed in India. MAKES PERFECT SENSE! You people and your western-centrism.

  • vovo (unregistered)

    select roles.roleabbr + user.lastname as UserName ...

  • fjf (unregistered) in reply to logical..
    logical..:
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

    I asked Paula Beans. She said FILE_NOT_FOUND.

  • (cs) in reply to nixar
    nixar:
    A user never changes role. It's the caste system. Born level 1 tech support, always level 1 tech support. Must've been developed in India. MAKES PERFECT SENSE! You people and your western-centrism.

    Really? When I looked at this, I thought it looked like it came from a Russian outsourcing team, actually...

  • Nicolás (unregistered) in reply to Admiral Nelson

    Ordinario!

  • TRL_BRILLIANT (unregistered) in reply to UNR_JohnSmith

    Your solution just suck.

  • Anonymous (unregistered)

    I tried wikipedia, but I still don't get the Admiral Nelson joke. Can someone please explain?

  • ideo (unregistered) in reply to Yuval
    Yuval:
    You mean "its".

    (this was a commentary on the superfluous apostrophe in the last paragraph of the article. Seriously. "It's development"??)

    Well, it is development... o_0

  • ADM_iral_Nelson (unregistered) in reply to Anonymous
    Anonymous:
    I tried wikipedia, but I still don't get the Admiral Nelson joke. Can someone please explain?
    I have no idea.
  • Andrew (unregistered) in reply to M. Auratus
    M. Auratus :
    You know what they say. "When your only tool is a hamster..."

    ...every problem is a celebrity's colon?

  • Me (unregistered)

    TRWTF is the definition of a "role" in the preamble.

    Applications should define privileges ("create invoice", "view invoice", "pay invoice" etc); roles are collections of privileges; users are assigned roles (preferably; direct privileges if messy).

  • robo (unregistered) in reply to Anonymous
    Anonymous:
    I tried wikipedia, but I still don't get the Admiral Nelson joke. Can someone please explain?

    UserName = "Admiral Nelson";

    if(IsInRole("Administrator") { // Brillant! ...

  • (cs) in reply to TRL_BRILLIANT
    TRL_BRILLIANT:
    Your solution just suck.

    Shouldn't that be TRL_BRILLANT?

  • (cs) in reply to Anon
    Anon:
    jonsjava:
    After entering her password (Snookums1902 -- her cat's name, and her year of birth).

    Wow! That's one old cat.

    No one said the cat was still alive....

  • Schro-dingbat (unregistered) in reply to notromda
    notromda:
    Anon:
    jonsjava:
    After entering her password (Snookums1902 -- her cat's name, and her year of birth).

    Wow! That's one old cat.

    No one said the cat was still alive....

    Obviously it was both alive and dead at the same time...

    CAPTCHA 'augue', I'd augue with you about it, but the cat is still pretty damn old either way.

  • (cs) in reply to Schro-dingbat
    Schro-dingbat:
    Obviously it was both alive and dead at the same time...

    Don't open the box!

  • qbolec (unregistered)
    As for the rest of the system, it's development was similar: it passed the test cases and little more.
    This is what you get when you use Test Driven Development in conjunction with Deadline Fear Management
  • Knux2 (unregistered) in reply to notromda
    notromda:
    Anon:
    jonsjava:
    After entering her password (Snookums1902 -- her cat's name, and her year of birth).

    Wow! That's one old cat.

    No one said the cat was still alive....

    Is it still in a box with a small amount of radioactive substance and some hydrocyanic acid?

  • (cs) in reply to fjf
    fjf:
    logical..:
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

    I asked Paula Beans. She said FILE_NOT_FOUND.

    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

  • Rick (unregistered) in reply to Rick
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    So you can change your post name to coordinate with the story. Like this. Whoa...

  • (cs)

    It seems to me that it's much more of a Brown M&M than a Canary.

  • TRL_away (unregistered) in reply to logical..
    logical..:
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

    (/everyone searches for IGNORE button)

  • (cs) in reply to Rick
    Rick:
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    So you can change your post name to coordinate with the story. Like this. Whoa...

    For that, just don't sign in for the post.

    Sincerely, Horatio

  • Photo (unregistered) in reply to Rick
    Rick:
    fjf:
    logical..:
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

    I asked Paula Beans. She said FILE_NOT_FOUND.

    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    Yes. You need to put it on a wooden table first.

  • The Nerve (unregistered) in reply to Rick
    Rick:
    fjf:
    logical..:
    Bloat Grotsnorf:
    zelmak:
    Bert Glanstron:
    Dear Admiral Nelson,

    In case you can’t tell, this is a grown-up place. The fact that you insist on using your ridiculous handle clearly shows that you’re too young and too stupid to be using the admin role.

    Go away and grow up.

    Sincerely, Bert Glanstron

    /me wrestles that meme to the ground and beats it to death with a hamster.

    How do you do this on an embedded system with no file system? (/me runs for cover.)

    Brillant! now when do we get the xkcd for this wtf?

    I asked Paula Beans. She said FILE_NOT_FOUND.

    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    Or we just ran across this sight a couple of months ago; and used the random link already hundreds of times.

  • Larry (unregistered) in reply to qbolec
    qbolec:
    As for the rest of the system, it's development was similar: it passed the test cases and little more.
    This is what you get when you use Test Driven Development in conjunction with Deadline Fear Management

    +1 for sad truth.

  • Bert Glanstron (unregistered) in reply to Rick
    Rick:
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    So you can change your post name to coordinate with the story. Like this. Whoa...

    Dear Rick,

    In case you can’t tell, this is a grown-up place. The fact that you insist on replying to your own post clearly shows that you’re too young and too stupid to be using thedailywtf.com.

    Go away and grow up.

    Sincerely, Bert Glanstron

  • ÃÃââ (unregistered)

    That system obviously won't work for me. I can't think of any role that would start with ÃÆ

  • (cs) in reply to Rick
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    It's how you can tell the n00bs. Most of these memes are repeated almost daily, so it takes no time at all to pick up on them. Captcha posting is another telltale sign of newness.

  • Bert Glanstron (unregistered) in reply to frits
    frits:
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    It's how you can tell the n00bs. Most of these memes are repeated almost daily, so it takes no time at all to pick up on them. Captcha posting is another telltale sign of newness.

    You are an idiot and should be banned from your mommy and daddy’s modem.

  • Private Discussion (unregistered) in reply to Admiral Nelson

    So, when the customer, "Cusine Showroom" comes through, there's no problem, but when the customer is "Empire Products", well, they get the keys to the kingdom.

  • shimon (unregistered) in reply to logical..
    logical..:
    Brillant! now when do we get the xkcd for this wtf?

    For “brillant”, we seem to have one right today: http://xkcd.com/780/

  • (cs) in reply to Bert Glanstron
    Bert Glanstron:
    frits:
    Rick:
    I am curious. Is there a reason why so many people know all these memes, going back years, but don't bother to register? Am I doing it wrong?

    It's how you can tell the n00bs. Most of these memes are repeated almost daily, so it takes no time at all to pick up on them. Captcha posting is another telltale sign of newness.

    You are an idiot and should be banned from your mommy and daddy’s modem.

    You know, the difference between funny and you is the obviousness of your reference. If you were to refer to something obscure but related, it may be construed as interesting. That way, you could still just copy-and-paste someone else's work, but at least it would be entertaining.

Leave a comment on “Role-based Canary”

Log In or post as a guest

Replying to comment #:

« Return to Article