What's the best way...
Kogan, Arthur
akogan@westpac.com.au
Fri, 19 Mar 1999 09:55:54 +1100
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_000_01BE7193.56F57C54
Content-Type: text/plain;
charset="iso-8859-1"
I agree, Blue. This type of functionality is quite common. In my experience,
this is mostly commonly handled by creating screen duplicates with most of
the code kept in use files, such as...
screen read_write ...
use the_rest
and
screen read_only activities find ...
use the_rest
Note: using this technique, you need to be careful, when adding procedures
to do with update (e.g. entry, update, delete, preupdate, postupdate,
preentry, append, field edit etc...) I have not tried this, but I suspect
Quick disallows changes, by generating appropriate default procedures, such
as
PROCEDURE UPDATE
DISABLE
I am not sure, what would happen, if the "activities find" screen contains a
user designed UPDATE procedure, which updates files. Bob, can you enlighten
us please?
It would be VERY handy to be able to run the same screen in 2 modes.
Regards,
Arthur Kogan
Westpac Financial Services
Sydney, Australia
> -----Original Message-----
> From: Robert J.M. Edis [SMTP:Robert.Edis@creatcomp.com]
> Sent: Friday, 19 March 1999 12:50 AM
> To: 'powerh-l@lists.swau.edu'
> Subject: RE: What's the best way...
>
> Chris
>
> I'm a little bit puzzled by your statement that quick has to open the
> file/table in read/write mode. Security can be implemented on many
> levels,
> at least in a VMS environment. The first level of write prevention I
> would
> use on the table is a RIGHTS IDENTIFIER on the file or table. If the user
> only has read privileges to the file, it doesn't matter what security you
> put in the Quick screen. However, a dumb user will not find out they
> don't
> have ENTRY,CHANGE or DELETE capability until they try to perform a screen
> update. Then they will get a nasty message from the file system.
>
> I think the simplest way is the conditional compile method and use the ASC
> at the menu level to select which QKC to run. This PLUS the RIGHTS
> IDENTIFIER of course. Someone already stated that an enterprising user
> will
> find a way around the screen security.
>
> If you have the case where different users are allowed to update different
> fields then you will be forced to perform an ASC check in an EDIT
> procedure
> for each screen field plus the PREUPDATE procedure.
>
> Contrary to Bob's observation about the extent of usage for these methods,
> I
> have seen them used extensively on at least three large systems.
>
> Blue
> PowerHouse consultant
> Rhode Island, USA
>
> Disclaimer:
> The opinions and ideas expressed in this message are my own and have no
> relationship to my current employer, Initial Technical Staffing, its
> client
> CCI, or any of CCI's clients.
>
>
>
> -----Original Message-----
> From: Chris Sharman [SMTP:Chris.Sharman@ccagroup.co.uk]
> Sent: Thursday, March 18, 1999 6:59 AM
> To: Bob.Deskin@Cognos.COM
> Cc: Chris.Sharman@ccagroup.co.uk; powerh-l@lists.swau.edu
> Subject: RE: What's the best way...
>
> >This sort of need doesn't come up very often which is why we don't
> have mode
> >based security. It's been a nice to have but not a killer.
>
> Well, nearly everyone seems to have their own fixes, of varying
> nastiness.
> Even when you've done all that procedural coding (which we all
> bought
> Powerhouse in order to avoid), you still have to give write access
> to the data
> to all the readers to allow Quick to open the files, so the
> knowledgeable can
> still exploit that to alter/trash the data by other means if you're
> not careful.
>
> There's a lot to be said for having Quick work in readonly mode when
> it can't
> open the data files read/write. That would get rid of all this
> horrible code
> and the potential security hole, and give us all screens that worked
> either
> way. To preserve existing behaviour you could add an "ALLOWREADONLY"
> keyword or
> similar to the screen or file statement.
>
> "Nice to have" is what it's all about with a premium product, I
> think.
>
> BTW, nice to see REVERSE is present in all 8.x components: any other
> corrections to my post of gains & losses for VMS 7->8 ?
>
> Chris
>
> ______________________________________________________________________
> Chris Sharman Chris.Sharman@CCAgroup.co.uk
> CCA Stationery Ltd, Eastway, Fulwood, Preston, Lancashire, PR2 9WS.
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> = = = =
> Subscribe: "subscribe powerh-l" in message body to
> majordomo@lists.swau.edu
> Unsubscribe: "unsubscribe powerh-l" in message to
> majordomo@lists.swau.edu
> powerh-l@lists.swau.edu is gatewayed one-way to
> bit.listserv.powerh-l
> This list is closed, thus to post to the list, you must be a
> subscriber.
> = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
> =
> Subscribe: "subscribe powerh-l" in message body to
> majordomo@lists.swau.edu
> Unsubscribe: "unsubscribe powerh-l" in message to majordomo@lists.swau.edu
> powerh-l@lists.swau.edu is gatewayed one-way to bit.listserv.powerh-l
> This list is closed, thus to post to the list, you must be a subscriber.
------_=_NextPart_000_01BE7193.56F57C54
Content-Type: application/ms-tnef
Content-Transfer-Encoding: base64
eJ8+IgcXAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy
b3NvZnQgTWFpbC5Ob3RlADEIAQSAAQAbAAAAUkU6IFdoYXQncyB0aGUgYmVzdCB3YXkuLi4ASQgB
CYABACEAAABBQTA3NzNBRDgxREREMjExODg0QzAwMDA4MzY4MzU2NwD2BgEggAMADgAAAM8HAwAT
AAoAAgAEAAUAAQEBBYADAA4AAADPBwMAEwAJADcANgAFAGcBAQ2ABAACAAAAAgACAAEDkAYAQBEA
ACsAAAALAAIAAQAAAAMALgAAAAAAQAA5AIC/gXqScb4BHgBwAAEAAAAXAAAAV2hhdCdzIHRoZSBi
ZXN0IHdheS4uLgAAAgFxAAEAAAAbAAAAAb5xSI8a6WoOw90QEdKeGwAA9rj6EQASAhywAAIBCRAB
AAAAUwwAAE8MAABaFwAATFpGdYfCfikDAAoAcmNwZzEyNdIyAPszNgHoIAKkA+MJAgBjaArAc2V0
MB4gBxMCgwBQEFZwcnHeMhFZDlAD1RFlfQqACMjsIDsJbw4wNRV/CmACgNkKgXVjAFALA2MAQQtg
Im4OEDAzMwumIElEIGEJwiwgQgpBLgggVGgEACB0eXAAZSBvZiBmdW5YY3RpAiAHQGkbYCC5GzFx
dRyAG5AFoG0EYCpuGvBJA6BtHKBleO8bgAiBHAAagXQbIhsxBGB4c3RsHKAdVB+xEOBuZGRsCYAg
Yh/BFuBhGxwgGTAgBPEJ4SBkdf8LUA3gIVAHkQPwHvAfYxuixx7wHTIBACBrZQUxC4B8IHUREBvQ
AxAHkBqQc+MYQCMAYXMuJdAKogqExwqAIbUhMWRfdwUQHSH3JdcksiOhXxbgH5AmCiCB3yYPJxUg
IwDQHCB2HIAIkD8EICTwIJAn3yjvKiROb/0dIDokoSFyHvMdIBDQAwDLHPAagXkIYCBuCeAg0Dx0
byDgHTEKwAEQdWzdGpB3I7ADoCdQZCFyEqDebx6wIiAo8TGiZDHAItOlIjBkIoEgKBrgZxrw8Qnw
dHJ5GpA0xBqQAQDXILA2QhKgZTYGcB+BNzfzCdI1s2FwG4AgkBqQJPCfNpAg0AmAHIAeIHRjJdHW
KRoREOB2G5BuL3AbUM8IgTGRGyEakGJ1BUAaIE0lYHMbgBwQIFEdAGPeayIQBAAHQAkAdwQgENHf
GTAlIiDxPlAxYHIhVDkR3wNgEqAHMB0hAQFhMmAFQA8zaCVHCuMqZlBST0MARURVUkUgVVAwREFU
RSolAZEgROBJU0FCTEO2KjMaIf5tOyMlYBbgMoIhUCLACGC/OcEQ4DkiGpAGkCOTIiv9viIhpgWg
AjALcQQgYSSi9wXAAQAAkGcxYCDQQ2QzWD8ygg3gNKYsgiURGvBCb35iGpAicAOgMSIJ8BxwZz5o
HSAkkjNQILAlsGU/Dy5PRTZGxjHhVkVSWb8gYxygMbQBoCCwMaJyG/D/I5M9kAeAIaYkgRLQBGIl
wPEqKlJlZwsRJTAqKgcQ4x7wCHAgS29WcAuQKjPGVykBCrBjIEYLgABw/mMHMQZSLDAesBCgKjMG
sHZkMWA10UEksDWwHGFh/1A+CzAccA8xGMEBQDNhMHFDKSAR8zE2IC1egk/tBRBnWUEDIE0HkD2Q
PlA/XoMqJl2UXWELE12WaS0YMTQ0AUAccDE4MK8BQAzQYiNEUEYDYToMgx5iEUAIADHgACAgSi4K
TRrwRT1xIFtTTahUUDpkRC5lAkAhI+kdUXAuHVFdKiVEUAZgNwIwY7djcGk04DXRMTk/BdAKwCWB
aTBp0GkgMjpKNRFBTWdXVG9jtyeFN7B3BJBoLWxAHHCvH5AlwAPgQHAuM6EnZ1hYdWJqPNFjuEUv
oFd9RqEnG0EjsTHgI0Fs4Hn/Jdlgr13CXOYTkROSDAEqM9xDaAUQWkVFRSdF0EpQDxxxH6BvwToR
cHV6ev8gtTEhBcAfkCKBB4ACMB7h/0axHPE9QRDgM/M/wCHxI6F7KiQk8i8BkVNBJIEnMi/vJ4QE
YhrwBlFjCHEckU4S/zHhB3BPYXdCIMECIB3wAHD3HKAgsDsAbFa2RrFPciRjvUpQVgXhCfAsMANg
bndC/3thGxAk0hEAfrJ98RuiJ4T/NwE7AAIwHDEaEUbjLSh9UQcjonnlSjJSSUdIVAEF8ElERU5U
SUb+SVIgg+Yk8hugBcB543th/kkjhEpyKiQgJQQgJzIzUf8sISCwPlExooZmR6EFQDRA+QeQbicF
QADAAkBKkUaT/xEQe7UxISokdfAkYyOiPRTbIbR7YUhr8TsAcjjxIhH/BtBKZAPwPbA7IyyjCGB3
cn9a8DQxi4EqJDrjhaFSMCzgQ0hBTkdDQAWxhZD/RMBLkSJwCrB1sBxzG/AcIL8DIJGzNbExoh5R
AhBydQL/IbQtJTTTgHRTwxygkJM+UP8FQEpQHFAfkBygB4FfkhvQ8wNhhlhzeR+QdzAl+xog/R7x
bj1QU+N8k3AEHLIjpO8gkCxBHEIdQnCGsgeAHvCfBHAaMCzBLYURUFNDfkf/I6J3QTFAgUQxsREQ
ILA84XFMdFFLQ1NlgHMbMVD8TFUF8COihRRFRYWZG8DfBaAIcBEQe2IDcGUCIFMB/mwnMhygdvM7
skaxA5F88v5yP9Ev05BHeTYswUpQncL/CsAIYCzBU+MhxIyGm6wbwP8xIjrjI6NPkTKSFuA9YQEg
/6+xd2FKckoxr8E9ozGENMX/r/d5Njmxb4NONJCTMeGWcf8zkZYLA6Cg4T4BBZA9UH8y8wOgQwBJ
VDNYeTUFsSFAfyWBIbU5lAtQTzEjokLARf9LXiX7CFA1oQrAUqNNwW9x+03QSoF2IVF9UQGgkXUe
If9O8SNTJLCaI4byI7AkwZ+0/SUxSZJZERB41EXQJLE50f++0gCQffEcoL3yfrYe8AnR/3UwCsCa
MZtEVXwaskJla/J/j0AksknBJWBAkABwKSVSc5/hG5BJcxkROWGk0EG1KipEBABjC2EHgHJjsP8q
M4CiP8ALgBwxSjEswWjQ/0+BHiIo8cJijeMfQpn1sPL/HgE90LbCRyI7AyokFuALYPUcInMbIHAx
oh4Be7GwQ/N3MAtQb3mPkh3QLEFZof5UMIMicFmxAZABICFxivLHPfEccLK3Q0NJGpAFsf99khux
1TFvcdR0VXzXa0Qy/16PX55EMmN31hBz4gYAEOH3A4JlVHPTLtwlZmAicAnA4whgZvIudWtnRkQy
Z+dvGwGnAWjjaWU4aRJp4TY/ajBpQGp33+NrNE2yLkR1B5BrC4BACFBLAB+ALuRDT+IaQ2Pbad1f
3mT+OzehbA9tEt7abglu72//9UPYPhsTcwkRG6IxY4tG/x1Rh/HQ0I+B1dJO8kx0GzG/MqCYsUAh
kh0EYuyqYk+R/yDQrPcaEOsSMeAywjFQWhH/MaI64zwyOzJKUOPAPbAEkP/sP+rQNpAycTFgCsAf
sY9y/zEgp8HBscUw9TcjoX/wzsP9JPB4JSIbsb2wNcAhcSok35mCC4DZwSX2RDJFgmEylP0xISc7
AZIBsRN3hDNmnwP9MxMoTHTxAT2hVzS+MU7R/0PJxsOf4CSyJIEFsA7QhwHrMcA68G9o0CkxBPxR
kLH/rrQxwNlQOwEnhLigWiFaRf+KRTThW7ZEMgQS/vMbkCcy/7CyCLQ90D0FeIkk54pTVzT6azsw
dyCxPlBTI04RQ8n/BQQeMbFQOhF3kwizi/F50P8/ENCgB3cg4i9wr6GZ0cfg+x8hrlMnt9Y7MjIV
9s+Akv8W4OshdSE7QjHDPZAEcL+z7zrhIXI9FEbgcraTJzIgI/9VMjKTVzQ6EU4RkjbYgwsH/xDj
JPN6aTVw4CBGt5kiaMHf7fL+5HQGn+DRcGkNY/JM/6AiI6I3sL7iWZKMh5/gitL/oCIF408x/uK4
5OsyRrMXoP8NEFc0+kARckPJcDJrETby/72CvqJsgS/iMeAWsnayMSIPpuE5wTLxqSIiQUxMBE9X
QzBBRE9OTPxZIgxlWvAXgX0xJWqdMf+VUODQija45dWBmvR3BhPP/UggTvUJSTDwk0axlOAVMv+Q
sb4kNHOE8DcBLDCQAECyP//APODA15yTLo9NsFRX3/gh9QXBseqRUhFTQ0DwkY8mo3dhfzKQsTgu
eJ8j/6ex1sHqwNWzJT2m4NFxSFF/y+LQ9CDww/HuAVZwShImHxVxzRFI0dWBf4I3LT68OCBPzNuH
Q8hXNF9AL/dBP0JPQ19fPi7cFmPDRhX75c3VMEHm6eSqR8DTgtBi6e+STHTJIUV+8XAxwNDeRhOg
gwBVQMDQUDcxvND6bsDQTFlhEGH6UIrhukDRVRA5V1P8yj1OH08vf1A/UU1XNFHr6Ya44R8wZf3q
wCLHoFP156cwcX1hmfXfAcCoQbzQxcTcYGoDse8Q9m/oP/z3VceRU/isAFSf/1WsVt9X7/z3579s
9J3yO/B/siBwMX0j2hCdwlx2dbEu+2xzvZEuXyYUO/CRbHKd8v/KcORADRDA0KjgudKWITuC94pF
bHIEpG0DQPYgtJEH9f9ah/a2UU9qn2uvbL9R61Pf/1rfVf59cV0f6NlZj2+PW63/cd9d/F8vYD9h
SxEgYo9jl79kf2WPZp9np7jQaK59LzACAIKQAAMA/T9SAwAAHgBCEAEAAAA3AAAAPDU3MTk1MUYz
MzQ2N0QxMTFBMjhFMDBBMEM5OTgwOThGMTMwQTkzQGNyZWF0Y29tcC5jb20+AAALAACACCAGAAAA
AADAAAAAAAAARgAAAAADhQAAAAAAAAMAB4AIIAYAAAAAAMAAAAAAAABGAAAAABCFAAAAAAAAAwAj
gAggBgAAAAAAwAAAAAAAAEYAAAAAUoUAAHQQAAAeACSACCAGAAAAAADAAAAAAAAARgAAAABUhQAA
AQAAAAUAAAA4LjAyAAAAAAMAD4AIIAYAAAAAAMAAAAAAAABGAAAAAAGFAAAAAAAACwApgAggBgAA
AAAAwAAAAAAAAEYAAAAADoUAAAAAAAADAAyACCAGAAAAAADAAAAAAAAARgAAAAARhQAAAAAAAAMA
K4AIIAYAAAAAAMAAAAAAAABGAAAAABiFAAAAAAAAHgA6gAggBgAAAAAAwAAAAAAAAEYAAAAANoUA
AAEAAAABAAAAAAAAAB4AO4AIIAYAAAAAAMAAAAAAAABGAAAAADeFAAABAAAAAQAAAAAAAAAeADyA
CCAGAAAAAADAAAAAAAAARgAAAAA4hQAAAQAAAAEAAAAAAAAAAwAmAAAAAAADADYAAAAAAB4AMUAB
AAAADwAAAEtPR0FOQTREQ0I3ODM4AAADABpAAAAAAB4AMEABAAAADwAAAEtPR0FOQTREQ0I3ODM4
AAADABlAAAAAAAMAgBD/////AgH5PwEAAABiAAAAAAAAANynQMjAQhAatLkIACsv4YIBAAAABgAA
AC9PPVdFU1RQQUMvT1U9V0JDL0NOPVJFQ0lQSUVOVFMvQ049TVNNQUlMIEFERFJFU1NFUy9DTj1L
T0dBTkE0RENCNzgzOAAAAB4A+D8BAAAADgAAAEtvZ2FuLCBBcnRodXIAAAAeADhAAQAAAA8AAABL
T0dBTkE0RENCNzgzOAAAAgH7PwEAAABiAAAAAAAAANynQMjAQhAatLkIACsv4YIBAAAABgAAAC9P
PVdFU1RQQUMvT1U9V0JDL0NOPVJFQ0lQSUVOVFMvQ049TVNNQUlMIEFERFJFU1NFUy9DTj1LT0dB
TkE0RENCNzgzOAAAAB4A+j8BAAAADgAAAEtvZ2FuLCBBcnRodXIAAAAeADlAAQAAAA8AAABLT0dB
TkE0RENCNzgzOAAAQAAHMPAejZeQcb4BQAAIMFR89VaTcb4BHgA9AAEAAAAFAAAAUkU6IAAAAAAe
AB0OAQAAABcAAABXaGF0J3MgdGhlIGJlc3Qgd2F5Li4uAAALACkAAAAAAAsAIwAAAAAAAwAGEA3a
VPsDAAcQuw4AAAMAEBAAAAAAAwAREAEAAAAeAAgQAQAAAGUAAABJQUdSRUUsQkxVRVRISVNUWVBF
T0ZGVU5DVElPTkFMSVRZSVNRVUlURUNPTU1PTklOTVlFWFBFUklFTkNFLFRISVNJU01PU1RMWUNP
TU1PTkxZSEFORExFREJZQ1JFQVRJTkdTAAAAAJjA
------_=_NextPart_000_01BE7193.56F57C54--
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
Subscribe: "subscribe powerh-l" in message body to majordomo@lists.swau.edu
Unsubscribe: "unsubscribe powerh-l" in message to majordomo@lists.swau.edu
powerh-l@lists.swau.edu is gatewayed one-way to bit.listserv.powerh-l
This list is closed, thus to post to the list, you must be a subscriber.