If you use the Reporter (Part I)

[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]

Posted by Barbara Brazil on July 07, 2008 at 10:11:27:

Now that several of you are using the new Reporter it's time to start discussions about what we can do to make it even more useful to you. I'd like to start a thread here about security and user privileges.

From discussions amongst ourselves and in requests we've gotten from you we think you'd like to be able to do some or all of these things:

Restrict which reports a user can edit / delete
Restrict which reports a user can run
Restrict which #CFILES a user can access
Restrict which files a particular user can report on
Restrict particular users from running DbMgr

Some of these things you can control at least to some extent thru a user's dab accesses. Others will require some method of linking a user to a set of privileges. In designing this we have to keep in mind that we cannot tie this to the QMONITOR security scheme because not everyone uses it.

We have discussed one solution for restricting which files a particular user can write reports for. We could introduce a new Security Level system variable. You could assign a security level to each file definition in #CFILES and a privilege level to each user. By default each file defined in #CFILES would have a security level of 0 and each user would have a privilege level of 0. This would allow every user access to every file just as it is today. If you wanted to use this security scheme you would assign a non-zero security level to the file (this would be done in DbMgr) and a non-zero privilege level to each user (you could do this in your main menu when the user logs in). The higher the number, the greater the restriction. So, a user with a privilege level of 2 could write reports only for files with a security level of 2 or less. Is it something you want? If so, is this the right way to accompish it?

Maybe this scheme could also be used to control which reports a user could edit / delete. We could provide the report author a way to assign a security level to their report. Only those users with a privilege level at or above the report level could either edit or delete the report. Anyone with access to the directory where the .ibr file resided regardless of privilege level could run the report. What do you think about that?

Restricting which report directories and which #CFILES a user has access to can be controlled thru their dabs. Do you need more control than that? Would you want the security level logic to apply to the running of reports also? Then instead of having to store higher level reports in a separate directory, the Reporter could restrict a user at runtime if the report used a file with a higher security level than the user had.

We could even use the security level mechanism to control who is allowed to run DbMgr. By default it would have level 0 so anyone could run it. The problem of assigning security levels to reports or to DbMgr is where we store these settings. The first solution that comes to mind is the use of a control file. I don't like this idea for several reasons:

It becomes one more thing to write a maintenance utility for.
It will end up containing obsolete records for reports that were deleted from outside the Reporter.
Since it must reside in a directory that every user has access to anyone with access to MAINT or CometExplorer could hack in to it.

Anyone got any other ideas? And don't even think about using the QDIR! :-)

Well that's enough for now. I've started the discussion. Let's hear from you. What security features do you want to see?

Follow Ups:

Re: If you use the Reporter (Part I) Joe Forani 14:28:17 07/08/08 (1)
- Re: If you use the Reporter (Part I) Stephen Auerbach 06:27:00 07/09/08 (0)

Post a Followup

Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.

[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]