Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!ucbvax!pasteur!helios.ee.lbl.gov!nosc!cod!dberg
From: dberg@cod.NOSC.MIL (David I. Berg)
Newsgroups: comp.databases
Subject: Re: Restricting access to Informix tables
Summary: A permissions table
Message-ID: <1537@cod.NOSC.MIL>
Date: 23 May 89 15:13:06 GMT
References: <1080@investor.UUCP> <1092@altos86.UUCP> <1347@infmx.UUCP>
Organization: Naval Ocean Systems Center, San Diego
Lines: 23

In article <1347@infmx.UUCP>, aland@infmx.UUCP (Dr. Scump) writes:
> In article <1092@altos86.UUCP> jon@altos86.UUCP (Jonathan Ma) writes:
> >In article <1080@investor.UUCP> news@investor.UUCP ( Bob Peirce) writes:
> >>We have a database we want to keep most people from updating or
> >>inserting except under controlled circumstances; ie, No from sperform,
> >>but YES from a 4GL data entry program.  
> >>-- 

As inelegant as it may seem to be, we solved the problem by adding a
permissions table to the database.  Each row represents a user; each
column represents a "functional" application.  The column values can
be from a domain as simple as Y or N to as complex as a set of values 
for different levels of permissions.  The 4GL program obtains UID upon
entry and reads the row in the permission table corresponding to that
UID into an array in the program.  Each functional application checks
its appropriate entry in the array to see if the user has permission
to execute it.

-- 
David I. Berg (dberg@nosc.mil)
GENISYS Information Systems, Inc., 4250 Pacific Hwy #118, San Diego, CA 92110
MILNET: dberg@nosc.mil
UUCP:   {akgua decvax dcdwest ucbvax}!sdcsvax!noscvax!dberg