Does this strict reading allow both Extra attack and Thirsthing blade to be used together?

The warlock invocation Thirsting Blade cannot be normally used with the class feature Extra attack since both feature explicitly say attack twice instead of once. But it seems to me that you could use both features when using two weapon fighting.

Assuming two light weapons, one of which is your pact weapon. You take the Attack action on your turn to attack twice with your non-pact weapon using you Extra Attack class feature.

Then, given the two fighting rules, you use your bonus action to attack once using your pact weapon this time.

Two weapon fighting rules (PHB p.195):

When you take the Attack action and attack with a light melee weapon that you’re holding in one hand, you can use a bonus action to attack with a different light melee weapon that you’re holding in the other hand.

But since your have the Thirsting Blade invocation, and you used the Attack action, you get to attack twice with your pact weapon.

Thirsting Blade (PHB p.111):

Vou can attack with your pact weapon twice, instead of once, whenever you take the Attack action on your turn.

Does this combo work or is there any interaction I’m not aware of ?

How to allow AD group to access and manage IIS sites and pools?

i manage actually a domain with around 34 IIS servers running webapplications.

I would like to get a better user right management in my domain.

For the moment, my users allowed to manage IIS websites and pools are members of the Domain Admins group which is not really secure.

For getting more control i would like to create an AD group containing the users allowed to manage IIS sites and pools ans only let them manage this part of the server.

But, i don’t know how to proceed for allowing this group to acces and manage IIS websites.

I’ve read some article on Technet explaining how to do this manually but i got lot of servers running IIS and lot of users and i cannot do it by hand here it is :

My users access to the management console from RDP connection. They can open the console but they don’t see any website in the left pane.

Can you help me ?

Would it be unbalanced to allow a ranger to take multiple archetypes as if multiclassing?

I’m DM-ing a game in which one of the players wants to take two ranger archetypes as if multiclassing as a ranger/ranger.

The two archetypes would be treated as if they were separate classes and they would take new levels in one archetype or the other. So for example, at character level 7 they would have everything a level 7 ranger has regardless of archetype and, say they were hunter 4/beast master 3, they would have the features of a level 4 hunter and a level 3 beast master.

Would it break the game to allow them to do this?

How can I allow interaction between user-only modules & admin-only modules without polluting with privilege checks?

Important note: This is PHP (5.3+). PHP is stateless and everything you do dies when the request is over unless saved to a persistent storage.

My system right now can register a module and set its usage permissions, e.g: who can access this module’s functionality based on a pre-defined set of rules, but generally, most of the time we’ll just be looking for whether the requester is an user or an administrator.

Thing is though, I realized this late that there’s a potentially big problem: if I register a module as admin-level, the permissions are then set at the moment that module initializes, there’s virtually no way for my user-level modules, or really anyone without promer permissions to interact with them, even if these unprivileged parties have a real reason for it, as such, a few points up until now:

Point 1: Well, maybe if an u-level module has to interact with an a-level, then that a-level really shouldn’t be an a-level module. As it stands right now, when the user logs in and the modules are loaded, this is how it looks: enter image description here

The user can’t even find the module, because it’s not there.

Resolve: Create a new hierarchy where my modules have sub-modules or partitions and if one of them deviates from the inherited parent-module’s permissions, you have to write that by hand, it’d look like this:

enter image description here

So, now, the big module has no permissions set, but the sub-modules do and they’re being checked every single time the user accesses them.

This seems to solve the issue, but only at a surface level because it lands me back to the issue of me having to check every time I access a resource:

enter image description here

Point 2: This is both I/O so I need to make everything available.


I came up with “data residuums”. Basically, if the user-level module is interested in the inner-workings / output of the admin-level modules, that admin-level module can spit out “registries” of data that it updates whenever it has to and whoever is interested in these can just check them. This way, it’s ensured that, no matter what it happens, I can still access the admin-level module’s data if I need, but I won’t be able to interact with its inner-workings. I’ll be able to see (some) of them, but this way, I can ensure that low-privileged users can’t suddenly make admin-level changes on my site:

enter image description here

So, the a-level module does its things and at the end of it all, it saves that output to an in-memory storage that anyone interested in can access.

But this means that I can’t really call everything that I’d want because once the a-level module is done running its internals, it’s over.

This also means that I’d need my a-level modules to run first, just to ensure that the u-level modules actually have data to work with. This is incompatible with what I currently have.

Given all these issues, what is a pattern or a solution that I can use or rather, how should I think about things when writing my modules?

I was thinking that, even if I believe PHP doesn’t allow it, maybe “attach credentials” to every important call that’s made:

enter image description here

But then again, this still requires me to do a check on every call.

I guess, really, I’m looking for a way to establish identity and it being handled automatically when making calls.

I know this is already extremely long, but an example would be an a-level module that deals with generating suggestions based on the application’s ever-changing state with possibly sensitive data, let’s call this SuggestionsModule. Now, if I allow everyone to have access to SuggestionsModule\Register\addSuggestion, I give everyone the possibility to add suggestions, **unless I add a check for this exactly addSuggestion and here the problem becomes even worse: at times, these sub-module’s functions will have checks on their own. What if a sub-module is fine to load for user-level, then I hit a function that’s very sensitive?

how to allow Inline css tag?

I am unable to use inline css in ckeditor wyswig for full html . In Allowed HTML tags i have added but the tag “style” get removed in ckeditor and appears as in finally render of the page .how can i get be rendered.

I am trying to use <span style="font-size:1.5em; line-height: 1.5em;>Content </span> but it appears as <span>Content</span>.

Are email Attachments technically always inline, or does macOS Mail not allow conventional, non-inline attachments?

In macOS mail, you are forced to attach files inline in the message. I am aware you can enable “Always Insert Attachments at End of Message” in the menubar’s Edit menu, but I understand this still leaves the attachment inline. Even when an image or PDF is shown as an icon at the end of the message in macOS Mail, the recipient ends up seeing the attachment as a huge inline image.

Is there an actual difference in “inline” vs. “non-inline” attachments in email protocol? Or are do other apps technically attach things inline at the end, just visually showing it differently?