Subject Re: [IBO] Please help me
Author Helen Borrie
At 02:32 AM 12/02/2005 +0000, you wrote:

> > Yes. You will also get the InsertSQL prepared if you scroll a live
>dataset past EOF.
>What do you mean by live dataset? I dont have my RequestLive property
>set to True.

You get a live dataset, i.e. one that gives access to the underlying tables
for inserting, updating or deleting, in two ways, either:

1. Set RequestLive true; or
2. Set the XXXXXSQL properties.

Setting RequestLive true won't work on joined sets, selectable stored
procedures, sets got by a Group query or non-updatable views. The purpose
of the XXXSQL properties is to give you ways to make them act as if they were.


> > Going by some of your earlier confused posts about the way dataset
>state is automated.....where you want some users to be able to update
>datasets while others can't - define a Boolean property of the form or
>datamodule that can be set at connection time to condition what specific
>users/roles are allowed to do. Assuming you use roles, or you set up user
>privileges with enough granularity, your code can read this property at
>any time and make decisions according to its value.
>How do i do this?

Read the documentation for SQL privileges - this is a database thing, not
an IBO thing. A role is a package of privileges that can be GRANTed to one
or more users. Don't grant any other privileges to those users, or to PUBLIC.

At login time, the user must log in with both the user name and the role.

>That IBO will know what previlidges are allow to the user/roles?

No, of course IBO won't know that. But one assumes that you do. IBO
doesn't need to know. The server will simply return an exception if that
user tries to log in without the role.

IBO does support ROLE at login. See the SQLRole property of TIB_Connection.

So, for example,
MyDatamodule = class(TDataModule)


FIdiotProtect: Boolean;
procedure SetIdiotProtect (Value: Boolean);
property IdiotProtect: Boolean read FIdiotProtect write SetIdiotProtect;


procedure MyDataModule.SetIdiotProtect (Value: Boolean);
FIdiotProtect := Value;

Once you implement the SetIdiotProtect procedure, you can read the SQLRole
property at connect time and set the internal variable FIdiotProtect
accordingly. Then your application can read the property IdiotProtect from
anywhere, e.g. in the Create method of a dataset that you want to protect:

if not IdiotProtect then
// proceed to apply strings to the XXXSQL properties, or to set
RequestLive true