Kbase P78859: Dyn 2.1A: Security for modify action ignored with thin client when table-io type is save
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
21/05/2004 |
|
Status: Unverified
FACT(s) (Environment):
Dynamics 2.1A
SYMPTOM(s):
Security Allocation for 'modify' action is ignored
Thin client session (with AppServer)
The toolbar is of 'save' table-io type (not 'update')
Dynamics 2.1A02
CAUSE:
Known issue, dev aware. With a thin client session, the Modify action seems to work even when restricted and when the toolbar is of table-io type 'save'. Note that other actions like 'add' and 'delete' do not hit this problem.
FIX:
Solution is to run the following before super in InitializeObject of a restricted viewer. This seems to make the restriction on the modify action be taken into account:DEFINE VARIABLE hContainerSource AS HANDLE NO-UNDO.
DEFINE VARIABLE cLogicalContainerName AS CHARACTER NO-UNDO.
DEFINE VARIABLE cContainerRunAttribute AS CHARACTER NO-UNDO.
DEFINE VARIABLE cSecurityOptions AS CHARACTER NO-UNDO.
{get ContainerSource hContainerSource}.
{get LogicalObjectName cLogicalContainerName hContainerSource}.
{get RunAttribute cContainerRunAttribute hContainerSource}.
RUN tokenSecurityCheck IN gshSecurityManager
(cLogicalContainerName, cContainerRunAttribute, OUTPUT cSecurityOptions).
Please see Issue# 20040503-004 on www.possenet.org for more details.