Need a details of Users with query like admin access,sys access, role access, permmsions

Mike

Moderator
Hi All,

Please help me to get a query of details of users of their roles ,permission and access in database. a output file may be???

progress version 9.1d and 8.3b ,Please help.

With regards
Mike
 

TomBascom

Curmudgeon
You have added Progress 8.3B to your portfolio? You are moving backwards from ancient, obsolete, unsupported and criminally irresponsible towards public endangerment.

Many applications enforce security through their own designs. You have not mentioned what application you are using so I have no idea if that is the case for you. If your application is using its own security then you need to consult that application's documentation.

If your application is using standard Progress users and security:

Code:
for each _user no-lock:
  display _user.
end.

Table permissions:

Code:
for each _file no-lock where _file-num > 0 and _file-num < 10000:
  display
    _file-name
    _can-create
    _can-delete
    _can-dump
    _can-load
    _can-read
    _can-write
  .
end.

Field permissions:

Code:
for each _file no-lock where _file-num > 0 and _file-num < 10000,
      each _field no-lock of _file:
  display
    _file-name
    _field-name
    _can-read
    _can-write
  .
end.

This topic is, by the way, a major source of criminally irresponsible security. These security measures were designed when the world was a very different place and the defaults are wholly inadequate for a modern environment. The _user table and _can* permissions were widely recognized as being, at best, "weak" back in the 90s.

"Security" when running v8 or v9 is as full of holes as Swiss cheese. Significant improvements have been made in more modern releases.
 

dimitri.p

New Member
You are moving backwards from ancient, obsolete, unsupported and criminally irresponsible towards public endangerment.
You may be preaching to the wrong choir. The sermon, amuzing at first, starts to get repetitevly annoying.

"Security" when running v8 or v9 is as full of holes as Swiss cheese. Significant improvements have been made in more modern releases.
...and yet here we are. There is a chance among all the "buy my product or service" presentations over the years I might have missed the ones on how to implement "more secure" "security". At the same time, arguing about security "flaws", actual or perceived, realistic, pragmatical, imagined or philosophical in public doesn't exactly enhance the security of existing systems ...
 

TomBascom

Curmudgeon
Perhaps you missed features like disallowing blank userids? Enforcing security at run time rather than compile time? Using the OE Authentication gateway?

You have much, much better options for security with a modern release.
 
Top