Using the CAN-DO Function in a Singleton SELECT

To use the CAN-DO function in a singleton SELECT, you can invoke it with the following syntax:

SYNTAX
EXEC SQL SELECT CAN\-DO( privilege-field [ , user-list ] ) 
  INTO :target-variable  
  FROM privilege-table
  WHERE record-select-clause ; 

privilege-field

The name of the privilege field associated with a permission you want to check (such as the _Can-Read field in the Progress _File schema table). It can exist either in a Progress schema table or in an activities-based permissions table that you create.

user-list

A comma-separated list of user IDs. If you do not specify this value, the CAN-DO function uses the user ID of the ESQL session, which you can also specify with the ESQL keyword USER.

target-variable

A host language variable of type sqlbool to receive the value of the CAN-DO function.

privilege-table

The name of a table that contains privilege fields.

record-select-clause

A selection clause that specifies a specific record of the privilege-table that you are querying.

This example selects a record from the _File schema table when the value of the _File-name schema field equals “customer”, tests the value of the _Can-Write schema field, and sets the host language variable cando to the result:

EXEC SQL BEGIN DECLARE SECTION;
  sqlbool cando;
EXEC SQL END DECLARE SECTION;
                  .
                  .
                  .
EXEC SQL SELECT CAN\-DO(_Can\-Write, USER) INTO :cando
           FROM _File
          WHERE _File\-name = "customer"; 

You subsequently test the value of the host language variable to determine what action to take next. For example, if the CAN-DO function returns a 0, you can display an error message from your program:

if (cando == 0)
{
  writeln("Sorry, you are not authorized to run this program.");
  return -1;
}
                      .
                      .
                      . 


Copyright © 2004 Progress Software Corporation
www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095