PC SOFT

ONLINE HELP
FOR WINDEV, WEBDEV AND WINDEV MOBILE

Home | Sign in | English US

  • Overview
  • What are the available rights?
  • The "super user" users
  • Assigning rights
  • The different available rights
  • Managing an action on a server, a database or a data file
  • Action on a server or on a database
  • Action on a data file
  • Example
  • Special cases
  • Owner of a database or data file
  • Modifying the rights
  • What are the rights required to add/modify the users or the groups?
WINDEV
WindowsLinuxUniversal Windows 10 AppJavaReports and QueriesUser code (UMC)
WEBDEV
WindowsLinuxPHPWEBDEV - Browser code
WINDEV Mobile
AndroidAndroid Widget iPhone/iPadApple WatchUniversal Windows 10 AppWindows Mobile
Others
Stored procedures
Overview
To ensure data security and confidentiality, some actions may be restricted to a group of users.
Higher rights can be granted to the administrators of the database and limited rights can be granted to the end users.
Note: The HFSQL Control Center allows you to graphically manage the rights granted to the users on the different database elements.
Note: From version 19, HFSQL is the new name of HyperFileSQL.
Versions 22 and later
Android Widget This feature is now available in Android Widget mode.
Android This feature is now available for the Android applications.
WINDEVJava This feature is now available for the Java applications.
New in version 22
Android Widget This feature is now available in Android Widget mode.
Android This feature is now available for the Android applications.
WINDEVJava This feature is now available for the Java applications.
Android Widget This feature is now available in Android Widget mode.
Android This feature is now available for the Android applications.
WINDEVJava This feature is now available for the Java applications.
What are the available rights?

The "super user" users

The users defined as "Super user" are allowed to perform all types of actions on the server, on the databases and on all the data files.
To define a user as a "Super user", all you have to do is specify it in the description variables of users.

Assigning rights

No specific rights are granted by default to a new user or to a new group.
The following functions can be used to grant rights:
Versions 09 and later
HModifyDatabaseRights
New in version 09
HModifyDatabaseRights
HModifyDatabaseRights
Modifies the rights granted to a user or to a group for a HFSQL Client/Server database.
Versions 09 and later
HModifyFileRights
New in version 09
HModifyFileRights
HModifyFileRights
Modifies the rights granted to a user or to a group on a HFSQL Client/Server data file.
Versions 09 and later
HModifyServerRights
New in version 09
HModifyServerRights
HModifyServerRights
Modifies the rights granted to a user or to a group on a HFSQL server.
When the user is associated with a group, the user automatically inherits the rights granted to the group.

The different available rights

For each type of element (database, data file, server), rights can be granted to the users and/or to the groups.
One of the following values can be specified for each rights:
AllowedThe user or the group is allowed to use this feature.
ForbiddenThe user or the group is not allowed to use this feature. If he tries to use this feature, a WLanguage error indicates that the user has no sufficient rights to use this feature.
InheritedThe rights are undefined at this level. The HFSQL server uses the rights defined at the higher level:
  • rights defined at group level for a user.
  • rights defined at database level for a file

To find out the current rights granted to a user or to a group, use one of the following functions:
Versions 09 and later
HInfoDatabaseRights
New in version 09
HInfoDatabaseRights
HInfoDatabaseRights
Allows you to find out the rights granted to a user or to a group on a database.
Versions 09 and later
HInfoFileRights
New in version 09
HInfoFileRights
HInfoFileRights
Allows you to find out the rights granted to a user or to a group on a HFSQL Client/Server data file.
Versions 09 and later
HInfoServerRights
New in version 09
HInfoServerRights
HInfoServerRights
Allows you to find out the rights granted to a user or to a group on a server.
Managing an action on a server, a database or a data file

Action on a server or on a database

The following actions depend on the rights:
  • Delete or add users or groups, see the users.
  • Create or delete a database.
  • Connect to a server (encrypted connection only).
  • Create a file.
  • Stop the server.
See HInfoDatabaseRights and HInfoServerRights for more details.
When a user want to perform one of these actions, the following operations are performed by the server:
  1. Check the user rights to perform this action.
  2. The following cases can occur:
    • The action is allowed for the user: the action is performed.
    • The action is not allowed for the user: the action is refused.
    • The action is inherited: the server searches for the rights granted to the groups to which the user belongs.
If the user belongs to at least one group for which the action is allowed on this server or on this database, the action is performed ; otherwise, the action is refused.

Action on a data file

The following actions depend on the rights:
  • Read the records found in a data file.
  • Add, modify, delete records.
  • Delete a data file.
  • Start the automatic data modification.
  • Start a re-index operation or a statistical calculation on a data file.
  • Modify the integrity rules.
  • Enable or disable the management of duplicates.
See HInfoFileRights for more details.
When a user want to perform one of these actions, the following operations are performed by the server:
  1. Check the user rights to perform this action.
  2. The following cases can occur:
    • The action is allowed for the user: the action is performed
    • The action is not allowed for the user: the action is refused
    • The action is inherited: the server searches for the rights granted to the groups to which the user belongs.
      • If the user belongs to at least one group for which the action was allowed on this data file: the action is performed.
      • If the user belongs to at least one group for which the action was forbidden on this data file: the action is refused.
    • If the action was not defined at group level, the server searches whether the action on the database to which the file belongs is:
      • allowed: the action is performed.
      • forbidden: the action is refused.
    • If the action was not defined at database level, the server searches whether the user belongs to a group for which the action on the database to which the file belongs was allowed or not.
      • If the action was allowed for a group, the action is performed.
      • If the action was not allowed for a group, the action is refused.

Example

The user rights are defined as follows:
ElementRead-only rightsRights to add a record
DatabaseForbiddenAllowed
File 1 of the databaseAllowedForbidden
File 2 of the databaseInheritedInherited
In this case:
  • The user can read the records found in File 1 and add records into File 2.
  • The user cannot read the records found in File 2 because the restriction is inherited from the rights defined on the database.
  • The user cannot add records into File 1 because this action is explicitly forbidden.
Special cases

Owner of a database or data file

The databases and the data files belong to a owner. The user who created the database or the file automatically becomes the owner of this element.
The HFSQL Control Center can also be used to modify the owner.
Modifying the rights
Modifying the rights consists in allowing, forbidding or removing an authorization or a restriction.
To modify the rights, you must:
  • have the rights to "Modify the rights".
  • be a "Super User".
Note: The owner of the database or the owner of the data file is always allowed to grant to himself the rights to "Modify the rights" on this element (HModifyDatabaseRights or HModifyFileRights)
What are the rights required to add/modify the users or the groups?
The table below presents the rights required to handle the characteristics of groups and users:
hRightsManageUserhRightsSeeUser
Actions on the other users or groups (other than the current user and group)x
Modify the name of a user or groupxx
Add a user or a groupxx
Modify the characteristics of the current user or groupx
See the users or the groupsx
These constants are used in HInfoServerRights and HModifyServerRights.
Minimum required version
  • Version 9
This page is also available for…
Comments
Click [Add] to post a comment