Question Make a trigger for read

fdantas

fdantas

New Member
Hi friends,

is possible create a trigger for see when someone try read one information on database ?
 
RealHeavyDude

RealHeavyDude

Well-Known Member
You should be aware that FIND triggers will considerably slow down your application on tables where you implement them. Plus, they will only fire when these tables are accessed via the ABL - not when accessed via SQL.

Heavy Regards, RealHeavyDude.
 
RealHeavyDude

RealHeavyDude

Well-Known Member
Yes, it is possible. You can put any code into a trigger procedure that you can put in any other procedure.

But - I would not recommend you to do so. Usually one tries to get the best read performance out of an application. You do so by avoiding as much i/o on the database as possible and and have the operations as atomic as possible. If you update something in a FIND trigger, you are not even bouncing back and forth between the database engine and the ABL execution layer ( triggers are executed in the ABL execution layer in the client context and _NOT_ in the database engine ) for each record you retrieve for such a table, additonally you modify buffers in the shared memory which need to be written back to disk plus all the transaction overhead that the server does to make sure your data does not get corrupted.

Again, you can do that, but from a performance perspective this IS THE WORST CASE SCENARIO that one can think of when it comes to read performance. If you really must implement auditing on retrieval of record from certain tables you should look into the auditing functionality that is built into the database engine since OpenEdge 10.1A. This is because it is optimized to get the best possible peformance. And, as a bonus, you don't need to change any code in your application.

Heavy Regards, RealHeavyDude.
 
fdantas

fdantas

New Member
In my case, i have one table with salary of all employees, and some have access a progress editor, and i like monitoring this field of table or block this field.
how do i use auditing functionality ? you have a documentation ? regards and very thanks for your help friend
 
Rob Fitzpatrick

Rob Fitzpatrick

ProgressTalk.com Sponsor
fdantas said:
In my case, i have one table with salary of all employees, and some have access a progress editor, and i like monitoring this field of table or block this field.
how do i use auditing functionality ? you have a documentation ? regards and very thanks for your help friend
Click to expand...

If this is sensitive data that some or all users shouldn't access at all then instead of auditing after the fact who accessed the table, you could use the can-* permissions on the table's _File record to restrict access.
 
fdantas

fdantas

New Member
Rob Fitzpatrick said:
If this is sensitive data that some or all users shouldn't access at all then instead of auditing after the fact who accessed the table, you could use the can-* permissions on the table's _File record to restrict access.
Click to expand...
Cool, but how i do this Rob ? Exists documentation for this ? this protection change CRC of table ? I dont have source code of the system that my client use
 
TomBascom

TomBascom

Curmudgeon
fdantas said:
In my case, i have one table with salary of all employees, and some have access a progress editor, and i like monitoring this field of table or block this field.
how do i use auditing functionality ? you have a documentation ? regards and very thanks for your help friend
Click to expand...

Just an observation that applies to a great many threads...

Starting off with a question about a specific technical issue and waiting until post #10 top describe your actual requirements is not a recipe for efficient problem solving. On the bright side you have now described those requirements. Some posters never get around to that.
 
TomBascom

TomBascom

Curmudgeon
Auditing does not directly support auditing of READ events. To do so would be extremely expensive from a performance perspective. (That doesn't stop people from asking for it though.)

There is a way to add user-specified audit events in your code. In theory, those could be tied to a FIND trigger. It would still be a dangerous thing to do from a performance perspective.

To BLOCK access to a table or field you should use the CAN-* permissions as Rob mentions.
 
fdantas

fdantas

New Member
TomBascom said:
Just an observation that applies to a great many threads...

Starting off with a question about a specific technical issue and waiting until post #10 top describe your actual requirements is not a recipe for efficient problem solving. On the bright side you have described those requirements. Some posters never get around to that.
Click to expand...
Sorry for this
 
TomBascom

TomBascom

Curmudgeon
fdantas said:
Sorry for this
Click to expand...

It's ok -- you're hardly the first. I just thought it was a "learning opportunity" as the thread morphed from one line of inquiry to another. With any luck at least a few people will notice that you get a much better answer when you provide better information.
 
You must log in or register to reply here.

Similar threads

S
Can you prevent a trigger programatically?
Replies
4
Views
733
TomBascom
TomBascom
K
  • Locked
[Stackoverflow] [Progress OpenEdge ABL] CREATE trigger in an OpenEdge database
Replies
0
Views
214
Khansolo
K
R
Connection through Progress
Replies
1
Views
390
peterjudge
peterjudge
D
Auditing - Creating data for one table and not the other
Replies
3
Views
523
Dawn M
D
H
  • Locked
[Progress News] [Progress OpenEdge ABL] Progress Corticon 7.0: Enhancing the Power of Analytics with Corticon 7.0
Replies
0
Views
355
Hinal Patel
H
Top