Consultor Eletrônico

Status: Verified

SYMPTOM(s):

Errors running r-code after security change.

Security change opened access to tables for user.

** Insufficient access privilege for table <table>. (234)

QUERY-OPEN for query <name> requires a previous QUERY-PREPARE. (7312)

Cannot run GET methods on query <name> until it is opened. (7313)

Insufficient permission to read buffer field <name>. (7364)

Error: Invalid access to change security for <file name> File. (499)

Error: Insufficient access privilege for table <name>. (978)

FACT(s) (Environment):

All Supported Operating Systems
Progress 8.x
Progress 9.x
OpenEdge 10.x

CAUSE:

PROGRESS supports compile time security by default. With few exceptions, the security created through the security administration tools (Data Administration / Admin / Security) is ignored when running a compiled .r program. The r-code does not contain any security information. If you run the code in .p form, it will preserve the data security that was created on your database and report a message. (See exceptions below).

An exception to that is when the tables involved are metaschema tables. In that case, the enforcement might be done at runtime in some cases. You might encounter errors (499) and (978) when accessing some metaschema tables that you have no access to.
Another exception is when the r-code contains dynamic queries referencing tables that your user id has no access to. In this case some or all of the errors (234), (7312), (7313) and (7364) will be generated.
A third exception is when the "Use Runtime Permissions Checking" database security option is checked. In this case, the user permissions are checked in both compile and runtime.

FIX:

You must compile this code and then run the .r. Your application will have to control the security at run-time. To run r-code that references database tables, the user id running this code must have access privileges to these tables.