[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Demexp-dev] login method and cookie

From: Lyu Abe
Subject: Re: [Demexp-dev] login method and cookie
Date: Sun, 12 Oct 2008 23:06:23 +0200
User-agent: Thunderbird (Windows/20080914)


ok, so if I understand right, all the methods I mentioned in my email (max_question_id and max_tag_id) should work and return correct values even if I'm not logged in. Other functions with 'privilege' will return an error code.

In that case I get it. And yes, the code returns error codes is any (for example 'rt_bad_login' if I enter the wrong login/pwd).

        See you, Lyu.

David MENTRE a écrit :
Hi Lyu,

On Sun, Oct 12, 2008 at 22:09, Lyu Abe <address@hidden> wrote:
Actually no: I am using a C code (xmlrpc-c) to call the methods on the
server with the "root" login.

I commented the 'login' method calls but could still obtain responses from
other methods ('max_question_id' and 'max_tag_id'). I don't know if this is
a normal behaviour.

Certain methods are restricted to certain role. E.g. method
set_question_status is restricted to classifier.
You need to look at the code to know the restriction about each method.;file=srv/

For example:
347 let set_question_status (cookie, q_id, new_status) =
348     do_if_classifier cookie

This method is executed only if the caller has "classifier" rights.

It's a very simple C code (just call and proceed the result). I just skipped
the 'login' step, and could still access other methods...

Do you check return codes of the other method calls (after the login)?
It is normal to be able to call them. But they should return an error
if you don't have enough access rights.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]