I know there's got to be an easy way to do this, could someone just point me in the right direction? I've spent a few hours trying to track this down, but I ran across a line in the 'Describing Data with the WebFocus Language' that makes me think that what I want to do is not so common/easy (Setting the DBA password in the Site.wfs and later specifying it in the FEX using the master file). This is less than ideal, since user's A, B, and C are using the same fexs that the 'good' user will be -- I need it to be user/role based, not password based).
Basically, I have a master file (source is Oracle) with some sensitive fields (Salary, etc) that I want some people to see and most not. A CAR representation of this might be thought of like this (except CAR is Focus based and my source is Oracle, and the 'Salary' field represents a 'secret' field):
What I'd like to do is specify that user A, B, and C can get results for all fields in the table, but all other users get Missing, or blank or 0 or something else. Ideally, there will be no code changes to the FEXs that call this master file.
My gut says that something like this should work, but doesn't.
Not actually had chance to test, so this is off the top of my head, but should be okay!
Alan. WF 7.705/8.007
September 13, 2010, 05:10 AM
Maybe the DBA security in the master file is something for you? You can find it in the manual Describing Data with WebFOCUS, chapter 10.
- Using AS 8.2.01 on Windows 7 - IE11.
in Focus since 1988
September 13, 2010, 04:09 PM
Kudos to Alan for getting the closest to what I was originally describing.
I ended up going with the DBA security, though because I there was a key portion of the equation missing. The 'Defining Data...' manual failed to mention that the user ID could be set/interpreted via the 'IBIF_dbapass_src' option in site.wfs. Based on the options I saw in the manual, I was under the impression that the user had to be set as 'SET USER = user1' or 'Set Pass = Password' which was inadequate for what I am trying to achieve. After setiing to MR ID, I get the desired effect.
Now, I have one last question. My circumstance is that I have an admin account that needs to access the 'sensitive' data, all others are to just see nothing. Seems like I need a facility to indicate all other users (*, ALL, etc). We have hundreds of users that I don't want to list individually. Any ideas?