Lantica Software Support Center
Lantica Software Home Page


Knowledgebase

Security Can Do More Than Protect Your Data


From the Inside Sesame Help Desk

I have a hopefully easy requirement that I just can't find a way to accomplish. Is there a way for Sesame to know which computer it's working on? What I mean is can it tell what workstation is entering or modifying data? I want to add a field that tells me who was the last person to add or modify a record and when they did it. I can figure out the when but I can't get Sesame to tell me who did it.
Pat

This is just one of the reasons you should be using security in your databases. Of course it will protect access to your databases but maybe you feel that you don't need that type of protection. That's OK. Let's look at some uses for security other than protection.

Before we begin - a word of caution. If you are using security and you have multiple databases in your application where you are doing external lookups from one to the other, you must set an external lookup userID and password. This is done on the Application Settings tab of the Security Manager. The external lookup password is not one that a user needs to log on with. It's an internal password sent from one database to the other that says it is OK to provide your data. You need to create the external user as if they were a real person and then give them a password. After that's done, you re-enter that information on the settings tab. While this is an internal function, remember that it can also be used to log onto the application, so give it a level of complexity that matches that required by your overall application security.

In addition, even if you are not really concerned with true security, please establish one administrative group with an ID and Password that you do not share with everyone. Also set this as the only group that can redesign the application. This is just insurance against future problems such as a disgruntled employee changing all the passwords and locking all of you out of the system.

Now, on to your question. Once you have assigned security id's and passwords to each of your users, they will have to use them to log into your application. Once they do, Sesame will know who they are. If you want to keep it simple (and not really secure) you could assign each person an id and password of their first and last name, respectively.

On your form add a new text field called Changed By and a corresponding date field called On. Program your form On-Form-Change event as follows:

Changed By = @UserId
On = @Date  

That's all it takes to do what you asked for but, now that you have security instituted, here are a few more ideas.

Make certain fields visible only to certain people or groups. In your Form's On-Form-Entry event:

If @Mode()<2        // Adding or Updating records
{
	If @UserId="Bill" or @UserId="Tom"  
// You could also do this by @Group rather than person by person
	{
		// Hide the following form elements
		Visibility(Customer Comment, 0)
		Visibility(Profit, 0)
		Visibility(Another LEName, 0)
	}
	Else     // If it is not these users
	{
		Visibility(Customer Comment, 1)
		Visibility(Profit, 1)
		Visibility(Another LEName, 1)
	}
}

Make records read only for certain groups of people In your Form's On-Form-Entry event:

Var vElements as String
Var vCnt as Int
Var vLoop as Int
Var vName as String
Var vNN as Int		//For Special Read Only Set

//Use On Form Entry to set all elements to Read only (not grey) for low level users
If @mode()=1 and @Group="users" 
{	
	vElements = @StringArrayElementList()
	vCnt = @CountStringArray(vElements)
	vLoop = 0

	While vLoop < vCnt
	{
		vLoop = vLoop + 1
        		vName = @AccessStringArray(vElements, vLoop)
        		SetThisElement(vName)
		vNN = @ElementType(ThisElement)
		If (vNN > 999 and vNN < 1009) 
		{
    			ReadOnly(ThisElement, 2)
		}
	}
	UnSetThisElement()
}

These are just a few of the things you can do once you have added security to your application. Use your imagination and you will find even more.