I know there's got to be an easy way to do this, could someone just point me in the right direction? I've spent a few hours trying to track this down, but I ran across a line in the 'Describing Data with the WebFocus Language' that makes me think that what I want to do is not so common/easy (Setting the DBA password in the Site.wfs and later specifying it in the FEX using the master file). This is less than ideal, since user's A, B, and C are using the same fexs that the 'good' user will be -- I need it to be user/role based, not password based).

Basically, I have a master file (source is Oracle) with some sensitive fields (Salary, etc) that I want some people to see and most not. A CAR representation of this might be thought of like this (except CAR is Focus based and my source is Oracle, and the 'Salary' field represents a 'secret' field):

FILENAME=testcar, SUFFIX=EDA     , $
  SEGMENT=CAR, SEGTYPE=S0, $
    FIELDNAME=SALARY, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
    FIELDNAME=COUNTRY, ALIAS=COUNTRY, USAGE=A10, ACTUAL=A10, $
    FIELDNAME=CAR, ALIAS=CAR, USAGE=A16, ACTUAL=A16, $
    FIELDNAME=MODEL, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
    FIELDNAME=BODYTYPE, ALIAS=BODYTYPE, USAGE=A12, ACTUAL=A12, $
    FIELDNAME=WARRANTY, ALIAS=WARRANTY, USAGE=A40, ACTUAL=A40, $
    FIELDNAME=STANDARD, ALIAS=STANDARD, USAGE=A40, ACTUAL=A40, $
    FIELDNAME=SEATS, ALIAS=SEATS, USAGE=I3, ACTUAL=I4, $
    FIELDNAME=DEALER_COST, ALIAS=DEALER_COST, USAGE=D7, ACTUAL=D8, $
    FIELDNAME=RETAIL_COST, ALIAS=RETAIL_COST, USAGE=D7, ACTUAL=D8, $
    FIELDNAME=SALES, ALIAS=SALES, USAGE=I6, ACTUAL=I4, $
    FIELDNAME=LENGTH, ALIAS=LENGTH, USAGE=D5, ACTUAL=D8, $
    FIELDNAME=WIDTH, ALIAS=WIDTH, USAGE=D5, ACTUAL=D8, $
    FIELDNAME=HEIGHT, ALIAS=HEIGHT, USAGE=D5, ACTUAL=D8, $
    FIELDNAME=WEIGHT, ALIAS=WEIGHT, USAGE=D6, ACTUAL=D8, $
    FIELDNAME=WHEELBASE, ALIAS=WHEELBASE, USAGE=D6.1, ACTUAL=D8, $
    FIELDNAME=FUEL_CAP, ALIAS=FUEL_CAP, USAGE=D6.1, ACTUAL=D8, $
    FIELDNAME=BHP, ALIAS=BHP, USAGE=D6, ACTUAL=D8, $
    FIELDNAME=RPM, ALIAS=RPM, USAGE=I5, ACTUAL=I4, $
    FIELDNAME=MPG, ALIAS=MPG, USAGE=D6, ACTUAL=D8, $
    FIELDNAME=ACCEL, ALIAS=ACCEL, USAGE=D6, ACTUAL=D8, $

What I'd like to do is specify that user A, B, and C can get results for all fields in the table, but all other users get Missing, or blank or 0 or something else. Ideally, there will be no code changes to the FEXs that call this master file.

My gut says that something like this should work, but doesn't.

 
FILENAME=testcar, SUFFIX=EDA     , $
  SEGMENT=CAR, SEGTYPE=S0, $
 
-IF IBIMR_user NE 'Me' GOTO SKIPSALARY;
    FIELDNAME=SALARY, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
-SKIPSALARY

    FIELDNAME=COUNTRY, ALIAS=COUNTRY, USAGE=A10, ACTUAL=A10, $
    FIELDNAME=CAR, ALIAS=CAR, USAGE=A16, ACTUAL=A16, $
    FIELDNAME=MODEL, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
....

Any ideas?

-ABT

This message has been edited. Last edited by: Kerry,

You can not do it this way.
You should look in the documentation

An other solution is to solf this in the reports

How about creating the master wholly on the fly.

Using _site_profile say, issue a FILEDEF for the master and then -WRITE the complete MFD, using real or DEFINEd fields where approriate.

APP FI master DISK testcar.mas
-RUN
-WRITE master FILENAME=testcar, SUFFIX=EDA     , $
-WRITE master  SEGMENT=CAR, SEGTYPE=S0, $
-WRITE master    FIELDNAME=SALARY, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
.
.
-SET &DEFSAL = IF IBIMR_user NE 'Me' THEN 'DEFINE SALARY/A24 = ''' ''';,$' ELSE ' ';
-IF IBIMR_user NE 'Me' GOTO SKIPSALARY;
-WRITE master    FIELDNAME=SALARY, ALIAS=MODEL, USAGE=A24, ACTUAL=A24, $
-SKIPSALARY
.
.
-WRITE master &DEFSAL 

or something along those lines.

Not actually had chance to test, so this is off the top of my head, but should be okay!

Maybe the DBA security in the master file is something for you? You can find it in the manual Describing Data with WebFOCUS, chapter 10.

Kudos to Alan for getting the closest to what I was originally describing.

I ended up going with the DBA security, though because I there was a key portion of the equation missing. The 'Defining Data...' manual failed to mention that the user ID could be set/interpreted via the 'IBIF_dbapass_src' option in site.wfs. Based on the options I saw in the manual, I was under the impression that the user had to be set as 'SET USER = user1' or 'Set Pass = Password' which was inadequate for what I am trying to achieve. After setiing to MR ID, I get the desired effect.

Now, I have one last question. My circumstance is that I have an admin account that needs to access the 'sensitive' data, all others are to just see nothing. Seems like I need a facility to indicate all other users (*, ALL, etc). We have hundreds of users that I don't want to list individually. Any ideas?

  
FILENAME=TEST_TABLE, SUFFIX=SQLMSS  , $                   
  SEGMENT=TEST_TABLE, SEGTYPE=S0, $                                   
    FIELDNAME=EVENTID, ALIAS=EventID, USAGE=I11, ACTUAL=I4, FIELDTYPE=R, $      
    FIELDNAME=EVENTTIME, ALIAS=EventTIme, USAGE=HYYMDs, ACTUAL=HYYMDs,          
      MISSING=ON, $                                                             
    FIELDNAME=EVENTTYPE, ALIAS=EventType, USAGE=A10, ACTUAL=A10,                
      MISSING=ON, $                                                             
    FIELDNAME=USERID, ALIAS=UserID, USAGE=A10, ACTUAL=A10,                      
      MISSING=ON, $                                                             
    FIELDNAME=REPORTID, ALIAS=ReportID, USAGE=A8, ACTUAL=A8,                    
      MISSING=ON, $                                                             
    FIELDNAME=REPORTDATE, ALIAS=ReportDate, USAGE=A10, ACTUAL=A10,              
      MISSING=ON, $                                                             
    FIELDNAME=GROUPID, ALIAS=GroupID, USAGE=A10, ACTUAL=A10,                    
      MISSING=ON, $                                                             
    FIELDNAME=UNIQUEID, ALIAS=UniqueID, USAGE=A10, ACTUAL=A10,                  
      MISSING=ON, $                                                             
    FIELDNAME=FLAG1, ALIAS=Flag1, USAGE=A1, ACTUAL=A1,
      MISSING=ON, $
    FIELDNAME=FLAG2, ALIAS=Flag2, USAGE=A1, ACTUAL=A1,
      MISSING=ON, $
    FIELDNAME=FLAG3, ALIAS=Flag3, USAGE=A1, ACTUAL=A1,
      MISSING=ON, $
    FIELDNAME=FLAG4, ALIAS=Flag4, USAGE=A1, ACTUAL=A1,
      MISSING=ON, $
END                                                                             
DBA=password, $          
                                                       
USER=EVERYONE, ACCESS=RW, $       
 ACCESS=R, RESTRICT=NOPRINT, NAME=Flag1, $
 ACCESS=R, RESTRICT=NOPRINT, NAME=Flag2, $
 ACCESS=R, RESTRICT=NOPRINT, NAME=Flag3, $
 ACCESS=R, RESTRICT=NOPRINT, NAME=Flag4, $               

USER=ADMIN, ACCESS=RW, $