RE: Order of null values in sorting from Babich, Alan on 1998-07-19 (www-webdav-dasl@w3.org from July to September 1998)

From: Babich, Alan <ABabich@filenet.com>
Date: Sun, 19 Jul 1998 15:23:26 -0700
To: "'Jim Davis'" <jdavis@parc.xerox.com>, www-webdav-dasl@w3.org
Message-ID: <72B1992276A9D111A20E00805FEAC96D01324C73@cm-expo1.filenet.com>

From first to last, ascending order should be

D3 (author has never been set, or you are unauthorized)
D2 (author is the zero length string. Such strings  
    are considered to have a value, i.e., are not null.
    And they come before all strings with length > 0.)
D1 (author is "Reddy")

The basic principle of security is that it quietly
drops out things that you aren't permitted to see.
Your question assumes property level security.
So, for the case that you can't see a property
because you are unauthorized, I would propose to 
treat the property as if it were null. I would
not distinguish this type of null from any other
type of null in order to avoid giving out any
information. (This would also probably be the
easiest approach to implement.)

As for discriminating between undefined and null:
I seem to remember that most or all of us who 
have expressed an opinion agreed (1) that we would 
like to give a fatal error for misspelled property 
names (i.e., undefined properties) so that the query 
fails, and (2) that in the case where multiple disjoint 
collections are involved, that three valued elimination 
is used by the middleware to massage the copies of 
the query sent to each scope element such that 
no undefined properties or operators are 
seen by any scope element. (If there is no middleware
functionality available, and middleware functionality 
is needed, the query fails.)


Alan Babich

> -----Original Message-----
> From: Jim Davis [mailto:jdavis@parc.xerox.com]
> Sent: July 17, 1998 9:57 PM
> To: www-webdav-dasl@w3.org
> Subject: Re: Order of null values in sorting
> 
> 
> >Therefore, in view of (1)-(8), I propose we put nulls first 
> >in DASL sortby result orderings.
> 
> Seems fine to me.
> 
> One last question: what is the relative order of undefined 
> properties and
> null properties?
> 
> e.g, you search for documents where title = foo and sort by 
> author.  For
> doc D1, the author is Reedy, for D2, the author has been set 
> to the empty
> string,
> for D3 the author property has never been set (or perhaps the 
> client has no
> right to see it.)
> 
> Clearly D2 comes before D3 in the sort.  But what about D1?
>

Received on Sunday, 19 July 1998 18:26:22 UTC