| Subject | Re: Please help me |
|---|---|
| Author | james_027 |
| Post date | 2005-02-12T05:19:55Z |
Hi Helen,
Everything on the server side is already setup. I just run into
troubles on the client side.
every role? If that's what iam going to do I think there no need to
set the priviledge on the server side. My problem is that when a user
without a insert priviledge by just opening the dataset produce an
error because of the preparing of the xxxsql properties set. But I
understand that I won't allow him to insert when he tries to. So I
wish to avoid the preparing of the xxxsql properties.
James
> You get a live dataset, i.e. one that gives access to the underlyingtables
> for inserting, updating or deleting, in two ways, either:I see. Thanks.
>
> 1. Set RequestLive true; or
> 2. Set the XXXXXSQL properties.
>
> Read the documentation for SQL privileges - this is a databasething, not
> an IBO thing. A role is a package of privileges that can be GRANTedto one
> or more users. Don't grant any other privileges to those users, orto PUBLIC.
>role.
> At login time, the user must log in with both the user name and the
Everything on the server side is already setup. I just run into
troubles on the client side.
>that
> >That IBO will know what previlidges are allow to the user/roles?
> No, of course IBO won't know that. But one assumes that you do. IBO
> doesn't need to know. The server will simply return an exception if
> user tries to log in without the role.TIB_Connection.
>
> IBO does support ROLE at login. See the SQLRole property of
>SetIdiotProtect;
> So, for example,
> ....
> type
> ...
> MyDatamodule = class(TDataModule)
>
> ..........
>
> private
> FIdiotProtect: Boolean;
> procedure SetIdiotProtect (Value: Boolean);
> ....
> public
> property IdiotProtect: Boolean read FIdiotProtect write
> ....SQLRole
>
> implementation
>
> procedure MyDataModule.SetIdiotProtect (Value: Boolean);
> begin
> FIdiotProtect := Value;
> end;
> ...
>
> Once you implement the SetIdiotProtect procedure, you can read the
> property at connect time and set the internal variable FIdiotProtectIdiotProtect from
> accordingly. Then your application can read the property
> anywhere, e.g. in the Create method of a dataset that you want toprotect:
>Do you mean to say that I have to customize the xxxsql properties for
> ..
> if not IdiotProtect then
> begin
> // proceed to apply strings to the XXXSQL properties, or to set
> RequestLive true
> end
>
every role? If that's what iam going to do I think there no need to
set the priviledge on the server side. My problem is that when a user
without a insert priviledge by just opening the dataset produce an
error because of the preparing of the xxxsql properties set. But I
understand that I won't allow him to insert when he tries to. So I
wish to avoid the preparing of the xxxsql properties.
James