Data level security

Data level security

My environment is Win95, PB6.5, and Sybase SQL Server 11.0x. The table consists of entity, center, account, name, dollars, and hours. I need to be able to restrict access to data based on values contained in entity and center. The application is developed and works correctly without the restrictions. The application will be used by multiple users with varying degrees of access. I thought about using views, but the datawindow is always username.view_name and I haven’t been able to set up username as a usable variable for passing to the datawindow. Where should I continue my search?

Your best bet will be to lay synonyms on the user accounts that point to either the tables or views. That way you get the most flexibility today and into the future. You will have to write a procedure that sets up your users and creates the synonyms. You could opt for public synonyms, but I’ve found the best way to go is with synonyms on each account.

Then in PB just call the synonyms from your datawindows and SQL. The sysnonyms point back to the real table or view in the master domain account.


Share the Post: