Progress
Language Reference


CAN-DO Function

Interfaces
OS
SpeedScript
All
All
Yes

Checks a string value against two types of comma-separated lists:

SYNTAX

CAN-DO ( id-list [ , string ] ) 

idlist

A constant, field name, variable name, or expression that evaluates to a list of one or more user IDs. If the expression contains multiple user IDs, you must separate the user IDs with commas. Do not insert blanks between the user IDs

Table 10 lists values you can use in idlist.

Table 10: Values to Use for ID Lists 
Value
Meaning
*
All users have access.
user
This user has access.
!user
This user does not have access.
string*
Users whose IDs begin with string have access.
!string*
Users whose IDs begin with string do not have access.

You can use any combination of values to define idlist, and you must separate the values with commas.

string

A character expression. The string is checked against idlist. If you do not enter string, the compiler inserts the USERID function that is evaluated each time you run the procedure. If the compiler inserts the USERID function, it does not reference a database name. If you use the USERID function and have more than one database connected, be sure to include the database name, for example, USERID “demo”.

EXAMPLES

The r-cando.p procedure is based on an activity permission table called permission. The permission table is not included in your demo database. However, the records in that table might look something like this.

Activity
Can-Run
custedit
manager,salesrep
ordedit
manager,salesrep
itemedit
manager,inventory
reports
manager,inventory,salesrep

In r-cando.p the FIND statement reads the record for the activity custedit in the permission table. (This assumes that a unique primary index is defined on the activity field.) The CAN-DO function compares the user ID of the user running the procedure with the list of users in the can-run field of the custedit record. If the user ID is manager or salesrep, the procedure continues executing. Otherwise, the procedure displays a message and control returns to the calling procedure.

r-cando.p
DO FOR permission:
  FIND permission "custedit".
  IF NOT CAN-DO(permission.can-run)
  THEN DO:
    MESSAGE "You are not authorized to run this procedure".
    RETURN.
  END.
END. 

In this next example, the CAN-DO function compares userid (the user ID for the current user) against the values in idlist. The values in idlist include manager and any user IDs beginning with acctg except acctg8. If there is no match between the two values, the procedure displays a message and then exits.

r-cando2.p
IF NOT CAN-DO("manager,!acctg8,acctg*")
THEN DO:
  MESSAGE "You are not authorized to run this procedure.".
RETURN.
END. 

In addition to performing security checks, you can use the CAN-DO function for looking up any value in a comma-separated list. For example, the following procedure searches your PROPATH for your DLC directory.

r-cando3.p
MESSAGE "The DLC directory " +
        (IF CAN-DO(PROPATH, OS-GETENV("DLC")) THEN "is" ELSE "is NOT") +
        " in your PROPATH.". 

NOTES

SEE ALSO

SETUSERID Function, USERID Function, VALIDATE Statement


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095