Need a details of Users with query like admin access,sys access, role access, permmsions

Mike

Mike

Moderator
Hi All,

Please help me to get a query of details of users of their roles ,permission and access in database. a output file may be???

progress version 9.1d and 8.3b ,Please help.

With regards
Mike
 
TomBascom

TomBascom

Curmudgeon
You have added Progress 8.3B to your portfolio? You are moving backwards from ancient, obsolete, unsupported and criminally irresponsible towards public endangerment.

Many applications enforce security through their own designs. You have not mentioned what application you are using so I have no idea if that is the case for you. If your application is using its own security then you need to consult that application's documentation.

If your application is using standard Progress users and security:

Code: 
for each _user no-lock:
  display _user.
end.

Table permissions:

Code: 
for each _file no-lock where _file-num > 0 and _file-num < 10000:
  display
    _file-name
    _can-create
    _can-delete
    _can-dump
    _can-load
    _can-read
    _can-write
  .
end.

Field permissions:

Code: 
for each _file no-lock where _file-num > 0 and _file-num < 10000,
      each _field no-lock of _file:
  display
    _file-name
    _field-name
    _can-read
    _can-write
  .
end.

This topic is, by the way, a major source of criminally irresponsible security. These security measures were designed when the world was a very different place and the defaults are wholly inadequate for a modern environment. The _user table and _can* permissions were widely recognized as being, at best, "weak" back in the 90s.

"Security" when running v8 or v9 is as full of holes as Swiss cheese. Significant improvements have been made in more modern releases.
 
dimitri.p

dimitri.p

Member
You are moving backwards from ancient, obsolete, unsupported and criminally irresponsible towards public endangerment.
Click to expand...
You may be preaching to the wrong choir. The sermon, amuzing at first, starts to get repetitevly annoying.

"Security" when running v8 or v9 is as full of holes as Swiss cheese. Significant improvements have been made in more modern releases.
Click to expand...
...and yet here we are. There is a chance among all the "buy my product or service" presentations over the years I might have missed the ones on how to implement "more secure" "security". At the same time, arguing about security "flaws", actual or perceived, realistic, pragmatical, imagined or philosophical in public doesn't exactly enhance the security of existing systems ...
 
TomBascom

TomBascom

Curmudgeon
Perhaps you missed features like disallowing blank userids? Enforcing security at run time rather than compile time? Using the OE Authentication gateway?

You have much, much better options for security with a modern release.
 
You must log in or register to reply here.

Similar threads

J
  • Locked
[Progress News] [Progress OpenEdge ABL] Secure Managed File Transfer Solutions: Best Practices for User Authentication and Access Control
Replies
0
Views
84
John Iwuozor
J
R
Question Db hanged issue with user unable to access application .
Replies
3
Views
307
Ravi09
R
Mike
Pro2sql User guide need help
Replies
2
Views
323
TomBascom
TomBascom
Y
  • Locked
[Progress News] [Progress OpenEdge ABL] How Accessibility Can Improve Your Reach: The Case of Situational Disabilities
Replies
0
Views
245
Yana Vasileva
Y
J
  • Locked
[Progress News] [Progress OpenEdge ABL] Making Your DXP Accessible: What Businesses Need to Know
Replies
0
Views
424
John Iwuozor
J
Top