Login

Consultor Eletrônico



Kbase P7192: 4GL/ABL: How to programmatically assign a Progress database security administrator?
Autor   Progress Software Corporation - Progress
Acesso   Público
Publicação   8/16/2010
Status: Verified

GOAL:

4GL/ABL: How to programmatically assign a Progress database security administrator?

GOAL:

How to programmatically make a user a database security administrator using 4GL/ABL?

GOAL:

How to add a user to a 9.x Database Security Administrator list without using the Data Administration Tool?

FACT(s) (Environment):

All Supported Operating Systems
Progress 9.x
OpenEdge Category: Language (4GL/ABL)

FIX:

The following 4GL code creates a user and grants him/her Security Administrator privileges for the currently attached Progress 9.x database. To avoid duplicating the userid in the database security administrator list, the code uses the 4GL CAN-DO function to check if the user has already been granted a privilege before granting that privilege. These are the same privileges granted to a Database Security Administrator added using the Data Dictionary's Data Administration Tool. Specifically, the Progress 9.x Database Security Administrator is granted the following permissions:
_File Table:
Write permission on the _File._Can-read field
Write permission on the _File._Can-write field
Write permission on the _File._Can-create field
Write permission on the _File._Can-delete field
_Field Table:
Write permission on _Field._Can-read field
Write permission on _Field._Can-write field
_User Table:
Create permission on the _User table
Delete permission on the _User table
DEFINE VARIABLE SecAdmin AS CHARACTER NO-UNDO.
CREATE _User.
ASSIGN _User._Userid = "Alpha"
_User._Password = ENCODE("Alpha")
_User._User-Name = "Alpha"
SecAdmin = _User._Userid.

/* Grant necessary permissions on _File table */
FIND DICTDB._File "_File" WHERE DICTDB._File._Owner = "PUB".
/* Grant Write permission on _File._Can-read */
FIND DICTDB._Field "_Can-read" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant Write permission on _File._Can-write */
FIND DICTDB._Field "_Can-write" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant Write permission on _File._Can-create */
FIND DICTDB._Field "_Can-create" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant Write permission on _File._Can-delete */
FIND DICTDB._Field "_Can-delete" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant necessary permissions on _Field table */
FIND DICTDB._File "_Field" WHERE DICTDB._File._Owner = "PUB".
/* Grant Write permission on _Field._Can-read */
FIND DICTDB._Field "_Can-read" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant Write permission on _Field._Can-write */
FIND DICTDB._Field "_Can-write" OF _File.
IF NOT CAN-DO(_Field._Can-write,SecAdmin) THEN
ASSIGN _Field._Can-write = _Field._Can-write + "," + SecAdmin.
/* Grant necessary permissions on _User table */
FIND DICTDB._File "_User" WHERE DICTDB._File._Owner = "PUB".
/* Grant Create permission on _User */
IF NOT CAN-DO(_File._Can-create,SecAdmin) THEN
ASSIGN _File._Can-create = _File._Can-create + "," + SecAdmin.
/* Grant Delete permission on _User */
IF NOT CAN-DO(_File._Can-delete,SecAdmin) THEN
. ASSIGN _File._Can-delete = _File._Can-delete + "," + SecAdmin.
.