limiting browse based on login?

Tom Aldridge toma at aldridgeinc.com
Wed Sep 2 12:50:51 PDT 2009 

Mark (Fairlight) responded to what Tom Aldridge wrote:
> 
> If they can ever get access to the shell or to full *clerk, all bets are
> off, as a qualified file is not "protected".
> 
[remainder snipped]

> mark->
> 

Mark,

Thanks for the words of caution as one can't argue with keeping things 
secure. A few things though about the set up:

1) Their local shell, if they got to one, is not on the server the 
filePro application resides on.
2) They don't know the name of the server it is on.
3) They don't know any login names for the server.
4) They don't interactively login to the server. They just click an icon 
and are presented with an inputpw popup in a terminal screen where they 
enter an ID that authenticates them against a filePro file, then the 
appropriate filePro application is presented, where they find themselves 
in a field on a screen or in a browse or whatever the processing table 
calls for.
6) I'm not seeing what difference it would make being in the "key" file 
vs a qualified file.
7) If they drop out (save the record, answer no to add or update another 
record, exit via screen prompt, whatever) the application closes and 
their session terminates.
8) Could they somehow drop to a shell on the filePro server while on a 
screen or in a browse lookup or answering a msgbox, etc.? Perhaps a dumb 
question.

I hope this reply did not fan any flames as that is not my intention.

Going back to the original posting, I just happen to like qualifiers for 
presenting only certain records for a number of  applications. An 
example is our inventory system. The office can maintain the main file's 
item descriptions, prices, etc. as well as activate/inactive items or 
disallow certain items for certain restaurants, or copy par levels for 
items to all locations or only to one. As these items are updated, 
added, deleted, etc. the qualifiers for the restaurants are updated. The 
managers then obviously have access to only their items and that's all 
they want anyway.

-or-

In the case of the poster, after logging in, have the user enter a 
unique identifier checked against a filePro file. Then use that 
identifier to copy the desired records to a qualified file. Then put the 
user at viewing, updating, whatever, only at those records.

-- 
Tom Aldridge
Aldridge, Inc.
1661 N Water St, Suite 205
Milwaukee, WI 53202
o (414) 271-5050 x24
c (262) 893-1124
f (414) 271-5225
toma at aldridgeinc.com

More information about the Filepro-list mailing list