Tags:
tag this topic
create new tag
view all tags
---+ .UTIL CHECK RBS _This subroutine is called to check the security access for the specified user when Role Based Security is used. Added in 5.2.0_ <br />%TOC% ---++ Usage: <pre> PASS --- SECCHK RECORD FIELD SHARE? Y GOSUB --- .UTIL CHECK RBS * Check for errors IF --- .UTIL CHECK RBS NE </pre> ---++ Description: This subroutine is called to check the security access for the specified user when Role Based Security (RBS) is used. If you are not using Role Based Security, use [[0LASubrUtilCheckSecurity][.UTIL CHECK SECURITY]] instead. The --- SECCHK RECORD is a required parameter, if it is missing the subroutine will CANCEL. Using this subroutine, you can check to see if a specific user is allowed to run a specific process from a specific parent, or if the specific user has access to a record or field in a file. <div id="_mcePaste">Different fields are required and returned in --- SECCHK, depending on whether you are checking Process or File/Field security. The common fields are:</div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK SECUSER RID </div> <div id="_mcePaste" style="padding-left: 90px;">This is the Record Id (RID) of the specific user/role to be checked. In RBS, a user may have more than one Role and you need to indicate which Role you want checked. To determine which RID to use, read 0SA SECUSER by user id (possibly in a BEG READ/END READ loop), and GOSUB 0SA R/S – LOAD HIERARCHY for each record. You can then check SECDB DATABASE ID and / or SECDEPT DESC and/or SECWG DESC and /or SECROLE DESC to see if this is the DB/Dept/Workgroup/Role you are interested in. If so, use SECUSER RID, otherwise read next SECUSER</div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK DB ID - The 3 character database id to be checked * SECCHK ACL CONTEXT - The context to be checked, PROCESS, FILE or FIELD * SECCHK SOURCE (Required if SECCHK ACL CONTEXT = PROCESS) * <span style="white-space: pre;">O</span>ne of: * UNKNOWN to check at any process starting point * <span style="background-color: transparent;">USER START to check processes started from 0SA USER startup or the command line.</span> * SYSPARM to check Direct Process 1 * DEF INP to check processes invoked as Default Inputs from SCAN * OPT CHILD to check optional children * AUTO CHILD to check automatic children </div> *For Processes:* <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK PRNT AP ID - The Application Id of the Parent Process * SECCHK PRNT TYPE - The Process Type of the Parent Process * SECCHK PRNT NAM - The name of the Parent Process. Not Required if SECCHK SOURCE is not UNKNOWN, OPT CHILD or AUTO CHILD * SECCHK PROC AP ID - The Application Id of the Child Process * SECCHK PROC TYPE - The Process Type of the Child Process * SECCHK PROC NAM - The Process Name of the Child Process </div> <div id="_mcePaste" style="padding-left: 30px;">Returns a Y, N or Blank in the following fields:</div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK PROC RUN OK - Indicates if the user can run the process. * SECCHK PROC ADD OK - Indicates if the user can add records to the PCF file. * SECCHK PROC DEL OK - Indicates if the user can delete records in the PCF file. * SECCHK PROC CHG OK - Indicates if the user can change records in the PCF file. </div> <div id="_mcePaste">If a blank is returned, it means the flag will be inherited from some parent process at runtime.</div> <div id="_mcePaste"> *For Files:* </div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK FLD AP ID - The Application Id of the file to be checked. * SECCHK FLD FI NAM - The File name to be checked. </div> <div id="_mcePaste">Returns:</div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK FI ACC OK - Y or N indicating if the user has access to the file or not </div> <div id="_mcePaste"> *For Fields:* </div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK FLD AP ID - The Application Id of the file to be checked * SECCHK FLD FI NAM - The File containing the field to check * SECCHK FLD NAM - The field name to be checked. Note that GROUP HEADER/TRAILERS and SYNONYMS do not have security, and will return the system defaults. </div> <div id="_mcePaste">Returns</div> <div id="_mcePaste" style="padding-left: 30px;"> * SECCHK FLD VIEW OK - Y or N indicating if the user is allowed to view the contents of the field or not * SECCHK FLD EDIT OK - Y or N indicating if the user is allowed to change the contents of the field or not </div> ---++ Comments: _Read what other users have said about this page or add your own comments._ <br />%COMMENT% -- Main.JeanNeron - 2012-10-30
E
dit
|
A
ttach
|
Watch
|
P
rint version
|
H
istory
: r5
<
r4
<
r3
<
r2
<
r1
|
B
acklinks
|
V
iew topic
|
Ra
w
edit
|
M
ore topic actions
Topic revision: r5 - 2024-11-19
-
BrianRyan
Home
Site map
Main web
MedicaidBilling web
Sandbox web
TWiki web
Main Web
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
P
View
Raw View
Print version
Find backlinks
History
More topic actions
Edit
Raw edit
Attach file or image
Edit topic preference settings
Set new parent
More topic actions
Account
Log In
E
dit
A
ttach
Copyright © 2008-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback
Site map
Main web
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
