| Subject | RE: [IBO] Roles & Permissions |
|---|---|
| Author | Alan McDonald |
| Post date | 2003-04-04T15:45:07Z |
Norman,
it may well work, if the role in fact, still has grant all permissions. but
if the role does not have all permissions, IBO appears to try to prepare
editable statements. It kind of defeats setting permissions on the server at
all if all the protection is set on the client. And if this users role still
needs all the server permissions, what would stop them logging on as the
other role?
I don't quite undestand this
Alan
-----Original Message-----
From: Norman Dunbar [mailto:norman.dunbar@...]
Sent: Saturday, 5 April 2003 1:36 AM
To: 'IBObjects@yahoogroups.com'
Subject: RE: [IBO] Roles & Permissions
Alan,
officially, I have no idea, but unofficially :
can you trap the role being used (TIB_Connection.SQLRole ?) and if the one
in question is found, set all the queries and/or transactions ReadOnly
property to true ? The help for TIB_Transaction says that setting this to
true propogates to all data sets connected to the transaction.
I don't (yet) use roles, and I have not had anything like this problem
before, but it might just work. I've just tested setting a transaction to
read only and it does indeed stop my update bars from allowing me to
add/edit/delete - so it could be what you are after.
HTH
Cheers,
Norman.
-------------------------------------
Norman Dunbar
Database/Unix administrator
Lynx Financial Systems Ltd.
mailto:Norman.Dunbar@...
Tel: 0113 289 6265
Fax: 0113 289 3146
URL: http://www.Lynx-FS.com
-------------------------------------
This email is intended only for the use of the addressees named above and
may be confidential or legally privileged. If you are not an addressee you
must not read it and must not use any information contained in it, nor copy
it, nor inform any person other than Lynx Financial Systems or the
addressees of its existence or contents. If you have received this email
and are not a named addressee, please delete it and notify the Lynx
Financial Systems IT Department on 0113 2892990.
___________________________________________________________________________
IB Objects - direct, complete, custom connectivity to Firebird or InterBase
without the need for BDE, ODBC or any other layer.
___________________________________________________________________________
http://www.ibobjects.com - your IBO community resource for Tech Info papers,
keyword-searchable FAQ, community code contributions and more !
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
it may well work, if the role in fact, still has grant all permissions. but
if the role does not have all permissions, IBO appears to try to prepare
editable statements. It kind of defeats setting permissions on the server at
all if all the protection is set on the client. And if this users role still
needs all the server permissions, what would stop them logging on as the
other role?
I don't quite undestand this
Alan
-----Original Message-----
From: Norman Dunbar [mailto:norman.dunbar@...]
Sent: Saturday, 5 April 2003 1:36 AM
To: 'IBObjects@yahoogroups.com'
Subject: RE: [IBO] Roles & Permissions
Alan,
officially, I have no idea, but unofficially :
can you trap the role being used (TIB_Connection.SQLRole ?) and if the one
in question is found, set all the queries and/or transactions ReadOnly
property to true ? The help for TIB_Transaction says that setting this to
true propogates to all data sets connected to the transaction.
I don't (yet) use roles, and I have not had anything like this problem
before, but it might just work. I've just tested setting a transaction to
read only and it does indeed stop my update bars from allowing me to
add/edit/delete - so it could be what you are after.
HTH
Cheers,
Norman.
-------------------------------------
Norman Dunbar
Database/Unix administrator
Lynx Financial Systems Ltd.
mailto:Norman.Dunbar@...
Tel: 0113 289 6265
Fax: 0113 289 3146
URL: http://www.Lynx-FS.com
-------------------------------------
This email is intended only for the use of the addressees named above and
may be confidential or legally privileged. If you are not an addressee you
must not read it and must not use any information contained in it, nor copy
it, nor inform any person other than Lynx Financial Systems or the
addressees of its existence or contents. If you have received this email
and are not a named addressee, please delete it and notify the Lynx
Financial Systems IT Department on 0113 2892990.
___________________________________________________________________________
IB Objects - direct, complete, custom connectivity to Firebird or InterBase
without the need for BDE, ODBC or any other layer.
___________________________________________________________________________
http://www.ibobjects.com - your IBO community resource for Tech Info papers,
keyword-searchable FAQ, community code contributions and more !
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/