Progress
Results Administration
and Development Guide


Application Security

Application security restricts access to functional units in the Results application and application resources. You can control user access to applications in two ways:

By default, all users can access and use all Results features and can read queries from and write queries to any other query directory or public query directory. However, Results allows you to determine access to features by user ID, and you can protect query directories using Results features. Features are functional units in Results that you decide whether to make available to users. Most features are attached to menu options or buttons on the tool bar. See "Results Features," for information about the standard features supplied with the Results product. For information about users and user IDs, see the "User IDs" section in this chapter.

Feature Security

The Results security mechanism reconfigures the application interface for each user based upon that user’s permissions. The interface reconfiguration occurs when the user starts Results. When the user does not have permission to use a feature, Results configures the application interface for the user in the following manner:

Results stores the user permissions for all features in the current QC7 file. To access and change the user permissions for a feature, choose Query Site Admin Feature Security. The Feature Security dialog box appears:

The features in the Features selection list are either Results core features or add-on features created by your organization or a third party. See "Results Features," for more information about a particular feature in Results.

To set user permissions for a feature, select a feature in the Features selection list, then edit the setting that appears in the User List. A user list is a comma-separated list of the user ID specifications. A user ID specification is a string expression that specifies one user ID or a group of user IDs.

NOTE: You must define feature for security for all the features. You cannot define one feature and use the defaults for the others.

Table 2–1 shows the forms of a user ID specification.

Table 2–1: User ID Specifications 
Specification
Meaning
*
All users can execute the feature.
userid
A specified user can execute the feature.
!userid
A specified user cannot execute the feature.
string*
User IDs that begin with string can execute the feature.
!string*
User IDs that begin with string cannot execute the feature.

If the user list for a feature contains multiple user ID specifications, you must separate the user ID specifications with commas. Do not insert blanks between the user ID specifications. Table 2–2 provides some examples of user ID specifications in a user list.

Table 2–2: User List Examples 
User List Example
Description
fred,ida,wilma,delmer
Only fred, ida, wilma, and delmer can execute the feature.
!per,!jan,*
Users per and jan cannot execute the feature. Everyone else can.
doc*,dev*
Only user IDs that begin with the strings “doc” and “dev” can execute the feature.
!mark*,!acct*,*
User IDs that begin with the strings “mark” and “acct” cannot execute the feature. Everyone else can.

NOTE: The second and fourth user list examples in Table 2–2 show how to exclude certain users from accessing a feature. It is important to note that the trailing asterisk (*) in both examples allows all other users to access the feature. If you do not specify the trailing asterisk, then no user will be able to access the feature.

When you finish assigning user lists for features, choose OK to write the feature security settings to the current QC7 file and exit the Feature Security dialog box.

Query Directory Security

By default, all users can read queries from and write queries to another user’s query directory or the public query directory. Results provides several features that allow you to determine user access to query directories using the Query Open, Query Save, and Query Save As menu options. These features are: ReadOtherDirectory, ReadPublicDirectory, WriteOtherDirectory, and WritePublicDirectory.

NOTE: Results security does not override any operating system permissions for the query directories.

Use the Feature Security capability to set user permissions for these features and secure user access to query directories. See the previous section, "Feature Security," for more information about how to set user permissions for a feature.


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095