Progress Programming Handbook


Checking for User IDs

This section shows some examples of procedures that you can use to check for user IDs. The following procedure uses _prostar.p:

p-csmnu3.p
/* Main menu. _prostar.p runs first to establish the user ID. */
DEFINE VARIABLE selection AS INTEGER FORMAT "9".
RUN _prostar.p.
REPEAT:
  FORM SKIP(2) "    M A I N M E N U"
       SKIP(1) "  1)  Add a new customer"
       SKIP(1) "  2)  Change customer Information"
       SKIP(1) "  3)  Display orders"
       SKIP(1) "  4)  Create mailing labels"
       SKIP(1) "  5)  Delete a customer"
       SKIP(1) "  6)  EXIT"
  WITH CENTERED TITLE "Maintenance and Reporting".
  UPDATE SKIP(2) SPACE(1) selection AUTO-RETURN
    WITH SIDE-LABELS.
  HIDE.
  /* Dispatch to the procedure for the chosen menu item. */
  IF selection EQ 1 THEN RUN p-adcust.p.
  ELSE IF selection EQ 2 THEN RUN p-chcust.p.
  ELSE IF selection EQ 3 THEN RUN p-itlist.p.
  ELSE IF selection EQ 4 THEN RUN p-rept6.p.
  ELSE IF selection EQ 5 THEN RUN p-delcus.p.
  ELSE IF selection EQ 6 THEN QUIT.
  ELSE MESSAGE "Incorrect selection - please try again".
END.

This procedure defines user access by first running the _prostar.p procedure before displaying the following main menu in a character environment.

Suppose you want to define, on a per-procedure basis, the individuals who can run each of the Maintenance and Reporting menu procedures. You can use the CAN-DO function to check the user ID(s) established by _prostar.p. The p-adcust.p procedure allows you to enter customer information:

p-adcust.p
REPEAT: 
  INSERT customer WITH 2 COLUMNS. 
END. 

If you want to limit the use of this procedure to users with a user ID of manager or salesrep, you can modify the procedure as follows to include security checking:

p-adcus2.p

The first part of p-adcus2.p handles security checking that ensures the user is authorized to run the procedure. The CAN-DO function compares the values listed in the parentheses against the user ID attempting to run the procedure. If the user ID does not match any of the values listed, the procedure displays a message and exits. If the user ID does match one of the values, the procedure continues executing.

The ID list you provide in the CAN-DO function is a comma-separated list of user ID tokens. You can use tokens to indicate specific users who have or do not have access. Table 14–1 lists the types of tokens you can specify.

Table 14–1: Values to Use for ID Lists

| Value | Meaning |
|---|---|
| * | All users are allowed access. |
| user | This user has access. |
| !user | This user does not have access. |
| string* | Users whose IDs begin with “string” have access. |
| !string* | Users whose IDs begin with “string” do not have access. |

For more information on the CAN-DO function, see the Progress Language Reference.
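The security check described above for p-adcus2.p, written out as an added example that is not the handbook's own listing. It extends the manager/salesrep case with tokens from Table 14–1; the variable name allowed-ids and the user ID salestemp are assumptions made for illustration.

```abl
/* Added example, not handbook code: p-adcust.p with a security check  */
/* in front of it.                                                      */

/* ID list built from the token types in Table 14-1 (hypothetical IDs): */
/*   !salestemp  this user does not have access                         */
/*   manager     this user has access                                   */
/*   sales*      users whose IDs begin with "sales" have access         */
/* The exclusion is listed before the wildcard that would otherwise     */
/* match salestemp.                                                     */
DEFINE VARIABLE allowed-ids AS CHARACTER NO-UNDO
  INITIAL "!salestemp,manager,sales*".

/* Compare the ID list against the user ID running this procedure.      */
/* An unauthorized user gets a message and the procedure exits before   */
/* any customer record can be inserted.                                 */
IF NOT CAN-DO(allowed-ids) THEN DO:
  MESSAGE "You are not authorized to run this procedure.".
  RETURN.
END.

/* Authorized users continue to the original p-adcust.p logic. */
REPEAT:
  INSERT customer WITH 2 COLUMNS.
END.
```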

You can also use the USERID function to check user IDs in a procedure. Use this function when you want to allow only one user ID access to a procedure:

p-adcus3.p

If the user ID of the user running the procedure is not manager, the procedure displays a message and exits. If the user ID is manager, the procedure continues.

If you use either the CAN-DO function or the USERID function to compare the user ID of a user with one or more user IDs you include in a procedure, you must modify and recompile that procedure whenever you change the user IDs allowed access to it. You can avoid having to make these changes by building a permissions table for activities in your application.

NOTE: If you connect to more than one database, the USERID function requires a logical database name and the CAN-DO function requires a user ID qualification. For more information on multiple-database considerations, see "Database Access."


Copyright © 2004 Progress Software Corporation