D3 and mvBase

 View Only
  • 1.  restricting write access

    Posted 09-30-2022 08:40
    Hi, all. I used to work for a Rocket UniData client who was able to restrict permissions on production in such a way that for designated production logins, it was not possible to write to disc. One could use the editor, but not file the record; no compiles or catalogs; no file creation; etc. Is there a documented way of setting up this feature? [It has obvious implications for SOX compliance.]

    ------------------------------
    Ken Cibelli
    developer
    Rocket Forum Shared Account
    ------------------------------


  • 2.  RE: restricting write access

    Posted 09-30-2022 09:47
    Hi Ken,

    In MvBase, the Account Definition item has 2 ways of restricting write
    access:
    1. The account itself - i.e. everything inside it can have restrictive
    Privilege codes such as SYS0, SYS1, SYS2, etc., which can be used in a
    Q-Pointer for specific user to restrict read, write, and so on.
    2. The L/RET and L/UPD (the clue is in the name) must match the L/RET
    and/or the L/UPD attributes in the user access definition item, else access
    and/or Updates simply don't work for that user.

    It's all in the manuals somewhere, and works at Account, User, and File
    (both Data and Dicts) levels. Else write some code to restrict particular
    items with Port, User, Date, Time, and so on restrictions.
    For System commands, look up CREATE-ACCOUNT, it's all in there :-)

    Have Fun,

    Merry

    --
    +44 (0)7774212819
    07774212819
    https://www.linkedin.com/in/merryplayer
    https://www.merryplayer.com




  • 3.  RE: restricting write access

    Posted 09-30-2022 09:52
    much appreciated, Marty. Studying up.

    ------------------------------
    Ken Cibelli
    developer
    Rocket Forum Shared Account
    ------------------------------