Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Desktop Security - A simple question.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Desktop Security - A simple question.

    I have seven users on a small network using A5v12 runtime. Data is stored on a Network Attached Storage device. Developer ver 12.4.3.2 build 4105; addins build 4819. Runtime plus has same ver and build.

    If a user is permitted to "run" a form, browse or report, double clicking on said object should allow that object to run, correct? I have set security on the tables to change, view and enter records.

    I have granted multiple users permission to perform such tasks and it doesn't work. Even some reports that were operable from particular users are not working now. It would seem to be a simple process. You grant or deny permission to run, view, change, etc and the software allows or denies the user in accord with the settings and yet it's not.

    What's going on?

  • #2
    Re: Desktop Security - A simple question.

    Bob,

    - are you using native Alpha Five tables?

    - do you see different results if the data is stored on a conventional server or pc?

    - are you using the built-in security features to organize users into groups and manage passwords?

    -- tom

    Comment


    • #3
      Re: Desktop Security - A simple question.

      Tom,

      Yes, I'm using native alpha5 tables. I've been using Alpha for a long time and I'm reasonably certain the tables were created in Alpha4 (possibly 3) and have been tweaked and amended over the years.

      If I move the data to a pc, the user can open the database directly and do what they wish; however, there doesn't appear to be any security involved - no login was required.

      Yes, I'm using the A5 security with users and groups, although with my current situation, each user is their own group.

      Additionally, if an administrator logs in, they can print the desired form with no issue.

      Lastly, is my understanding correct? That checking the "run" box on a report or form should allow that user to print, view, etc.?

      Bob

      Comment


      • #4
        Re: Desktop Security - A simple question.

        Bob,

        In the desktop security framework, isn't the "run" box (in the dialog setting permissions for a form or report) limited to "groups", not "users"?

        Tell us about your security setup. The typical approach defines a master password for the workspace, then defines groups, then defines users with separate passwords, and finally placing them in one or more groups. The user must log in when database opens. Check the help file topic "desktop security" for details.

        Perhaps others can chime in here to help.

        I have little experience doing it the way you are trying. In my own work I setup the users and groups, then use buttons to open forms and reports. The button onPush scripts examine the current user's group list and if he or she is in a group that has permission to open / run the form or report, the script does so, otherwise the script informs the user they don't have permission.

        -- tom

        Comment


        • #5
          Re: Desktop Security - A simple question.

          Tom,

          Yes, the permissions are set for groups but since I have a VERY small office, each group is, effectively, a user.

          As far as a security setup, I have two people, my wife and I, who are administrators. Everything works perfectly for us.

          I have an AR person who is allowed access to the customer table and the receivable, billing and financial history databases.

          I have an AP person who is allowed access to the customer table, purchasing, paid bill and payable tables.

          I have an assistant who is allowed read only access to the customer table and unfettered access to the sales table.

          I would prefer to not create buttons for each task since, IMHO, the button "permission check" would likely run into the same security roadblock that a user just trying to access the object would.

          If there isn't a way to fix this, is there a way to completely remove all security from all tables in a workspace and then rebuild the security from the ground up?

          Bob

          Comment


          • #6
            Re: Desktop Security - A simple question.

            Sorry. Don't know answer to your question. If time permits I'll build a simple test case to see if perhaps you've bumped into a bug. If so I'll submit a bug report.

            Comment


            • #7
              Re: Desktop Security - A simple question.

              Giant KUDOS to Tom Cone! Tom surmised that it could be a "philosophical" difference and was able to recommend a solution which, thus far, has worked.

              THANK YOU VERY MUCH, TOM!.

              By the way, the difference was Alpha allows you to grant or deny permission if one is not explicitly set permissions for an object.I had checked "deny". Tom surmised that the "deny" was confusing alpha and recommended I check "grant. I did so and then spent the afternoon checking a lot of check boxes but everything does seem to be working as intended now.

              Comment


              • #8
                Re: Desktop Security - A simple question.

                Originally posted by Tom Cone Jr View Post
                Bob,

                In the desktop security framework, isn't the "run" box (in the dialog setting permissions for a form or report) limited to "groups", not "users"?

                Tell us about your security setup. The typical approach defines a master password for the workspace, then defines groups, then defines users with separate passwords, and finally placing them in one or more groups. The user must log in when database opens. Check the help file topic "desktop security" for details.

                Perhaps others can chime in here to help.

                I have little experience doing it the way you are trying. In my own work I setup the users and groups, then use buttons to open forms and reports. The button onPush scripts examine the current user's group list and if he or she is in a group that has permission to open / run the form or report, the script does so, otherwise the script informs the user they don't have permission.

                -- tom
                This is our security setup but we have about 6 usergroups with various permissions assigned to forms & dbfs BUT we would like to copy ALL "group names" to s Form (screen). Can that be done? We now have groups named: Manager, Supervisor, Mechanic but don't want to hard code the group names onto the form. Bit of a prob if they decide to call a group Leadhand Electrical instead of Mechanic.

                Thanks.

                Comment


                • #9
                  Re: Desktop Security - A simple question.

                  A5_get_groups()
                  There can be only one.

                  Comment


                  • #10
                    Re: Desktop Security - A simple question.

                    Originally posted by Stan Mathews View Post
                    A5_get_groups()
                    I thought a jpg mite show what I am attempting to do as I am NO programmer.

                    Comment


                    • #11
                      Re: Desktop Security - A simple question.

                      Form Secuirty.jpg

                      Pressed the wrong button...sorry about that.

                      I would like to print the group names on the left so if a group name changes then the TEXT on screen gets revised. As it is now the text to to the left of Manager...Supevos next to OK....is hard coded in so if a Group Name changes, it does not change the text on the screen. Does that make sense?

                      Comment


                      • #12
                        Re: Desktop Security - A simple question.

                        If you define a text object for the form you can populate it with (probably in the onactivate event)

                        textobjectname.text = A5_get_groups()

                        By doing it in the onactivate if you navigate away, add a group, it will refresh when you reactivate your form.
                        There can be only one.

                        Comment

                        Working...
                        X