Progress
Programming
Handbook
Checking for User IDs
This sections shows some examples of procedures that you can use to check for user IDs. The following procedure uses
_prostar.p
:
This procedure defines user access by first running the
_prostar.p
procedure before displaying the following main menu in a character environment.
![]()
Suppose you want to define, on a per procedure basis, the individuals who can run each of the Maintenance and Reporting menu procedures. You can use the CAN–DO function to check the user ID(s) established by
_prostar.p
. Thep-adcust.p
procedure allows you to enter customer information:
If you want to limit the use of this procedure to users with a user ID of manager or salesrep, you can modify the procedure as follows to include security checking:
p-adcus2.p
![]()
The first part of
p-adcus2.p
handles security checking that ensures the user is authorized to run the procedure. The CAN–DO function compares the values listed in the parentheses against the user ID attempting to run the procedure. If the user ID does not match any of the values listed, the procedure displays a message and exits. If the user ID does match one of the values, the procedure continues executing.The ID list you provide in the CAN–DO function is a comma-separated list of user ID tokens. You can use tokens to indicate specific users who have or do not have access. Table 14–1 lists the types of tokens you can specify.
For more information on the CAN–DO function, see the Progress Language Reference .
You can also use the USERID function to check user IDs in a procedure. Use this function when you want to allow only one user ID access to a procedure:
p-adcus3.p
![]()
If the user ID of the user running the procedure is not manager, the procedure displays a message and exits. If the user ID is manager, the procedure continues.
If you use either the CAN–DO function or the USERID function to compare the user ID of a user with one or more user IDs you include in a procedure, you must modify and recompile that procedure whenever you change the user IDs allowed access to it. You can avoid having to make these changes by building a permissions table for activities in your application.
NOTE: If you connect to more than one database, the USERID function requires a logical database name and the CAN–DO function requires a user ID qualification. For more information on multiple-database considerations, see Database Access."
Copyright © 2004 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |