At 12/27/2001 07:45 AM (Thursday), Govindkrishna wrote:

>For e.g. I am writing a inventory program. My parts master has 120 fields.
>Based on the users/department and authorisations.
>I build up an SQL statement which will return only the appropriate fields.
>Authorisations etc. are user configurable.
>With this scheme the front end just displays all the fields that are returned.
>So how do we do this in IB.

You might also consider defining a set of views, then map the user/auth
combination to the appropriate view to get the columns that are needed. Of
course, this depends on how dynamic the sets of columns are. Most
applications I have implemented with these sorts of variations only end up
with about half a dozen different sets of columns. Picking one from a half
dozen available views is not too hard, even if the user/dept/authorization
combinations are complex.

You might also want to investigate ROLES in your scheme for grouping
combinations of user/dept/authorization. Here you might allow your client
to create user/dept combinations which map to a predefined set of
authorization categories. Then given the authorization category you can map
to a set of views which are appropriate. To really make security work well,
make the authorization categories map one-to-one to IB ROLES which are
predefined. Then grant the SQL access to the views to the roles which use them.