× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2016

Re: Object Authority for SQL Use

Here is how we have solved this issue. We use a combination of authorization lists and group profiles. Each file has its' own authorization list with the same name as the file. We assign groups to the authorization list. If we want to group files together for some reason like query access, we create a group profile and add it to the authorization list. Then, we change the user profile and add this group as a supplemental group. It may not be a perfect solution, but it works for us.

Dean Eshleman
Software Development Architect

Everence Financial
1110 North Main Street
PO Box 483
Goshen, IN 46527
Phone: (574) 533-9515 x3528
www.everence.com<http://www.everence.com/>


On 12/22/2016 9:52 AM, Andrew Lopez (SXS US) wrote:
Have more than one authority list...

Instead of PRODDATA have
ORDDATA
GLDATA
APDATA
ARDATA

However many groups that are required.

And you should have your users assigned to group profiles.

Group profiles are then given access via the authority list.

We have the group profiles/authority list cross reference. But the approach of having an authority list for each unique combination of users would be very problematic. We're long past the stage where our production data could be broken into just a couple dozen categories. For our E1 data libraries alone, I have dozens of users authorized to query only one/two/three files. Each time I added a new user for a new interface, I would further be breaking down the groups:
- MANDATA starts for manufacturing data,
- MANDTAJOBP gets broken off for an interface with a 3rd party scheduling software
- MANDTALAB needs some of the same files as MANDTAJOBP for an interface with lab software, but others as well. I'm now faced with an authority list for files that both Job Pack and the Lab software can use, another for the ones that just Job Pack can use, and a third for the ones that the Lab software needs. Oh wait, job pack needs to update one file, and the lab software another file, but neither one should have update rights to any other files.

I'll pass. I already have 160 authority lists for grouped library/library object authorities, and a total north of 220 counting all the TAA Tool ones.

_____________________________________________________________________
Spirax-Sarco Engineering Plc. This e-mail has been scanned for viruses by Verizon Business Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.verizonbusiness.com/uk



______________________________________________________________________
Confidentiality Notice: This information is intended only for the individual or entity named. If you are not the intended recipient, do not use or disclose this information. If you received this e-mail in error, please delete or otherwise destroy it and contact us at (800) 348-7468 so we can take steps to avoid such transmission errors in the future. Thank you.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.