Re: 4D Authentication Strategy...

2018-11-14 Thread Robert ListMail via 4D_Tech
Hi Hilsen, thanks for your input.

So, if you are storing users in user tables, couldn’t that be used to restore a 
new structure? When you say you are storing lists outside of the DB you lose 
me.  With your strategy, is the structure or the data file the authority? Are 
you using your own custom dialog for all authentication?

Thanks,

Robert

> On Nov 9, 2018, at 2:00 AM, 4dialog via 4D_Tech <4d_tech@lists.4d.com> wrote:
> 
> I always use both, 4d user and user tables to add info about the user. 4D
> user has a uniq id, so its easy to add records about any user. When updating
> versions on the server, i just sends the 4D users to a list that can be
> stored outside or in the dbase and replace them after startup of server.

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: activating default user

2018-11-14 Thread Robert ListMail via 4D_Tech
HI Kirk, thanks for taking the time to weigh-in on this… I’m in need of some 
clarification, see below:

> I include a field in the [Users] table for the database id and database
> name. The significance of that value depends on the rules you set up for
> yourself.

I assume that these are arbitrary values….  How might you use this ID 
(Integer?) and the Database Name? I’m assuming that the scope is limited to 
this single database.
 
> 1) You could say the 4D structure is the authority in which case if the
> structure doesn't, or no longer, has that user's db id in it that [user] is
> inactive and I'd clear the db id field.

Are you looking for a [User]DB_ID in the structure? Clearing an ID from the 
structure? Okay, I think I understand now… Since the structure is the 
“authority” in this case I’m thinking you are using the 4D dialog and allow the 
user to login… you GET USER LIST then lookup the user_ID via user_name that was 
retrieved from Current User and then see if the user is in the [user] table? 
However, the more I think about it, I bet your perspective is coming from a 
custom dialog… where the [user] table could be used first and that the 4D users 
could still be the authority…

> 2) Or you can take the other approach and say that every 'active' [user]
> will have a 4D login and create any that are missing.

Okay, that makes sense…

> With #1 you can limit who can create users to who can get to EDIT USERS.

WHAT?!? :)  Please clarify what you mean here.

> It's easy to… update the 4D user id…

What do you mean by update the 4D user ID here...

> The tricky part about creating 4D users is keeping out of the password
> business. Part of my goal was to not have to manage passwords. I want users
> to be responsible for that. But you still need some control. Plus when you
> create a user you have to assign a password. My solution is to have a temp
> password field in [users]. If a user has their password reset by admin, for
> whatever reason, a temp password is assigned to the 4D user and saved in
> the [user] record. My rule is 'the next time you log in with the temp
> password you have to change it.’

Great Idea!  With this current DB the Admin is managing users and passwords via 
“Edit Access”. Only about 10 users but I suppose the Admin knows everyone’s PW. 

> This is where USERS TO BLOB and BLOB TO USERS comes in. These
> commands preserve the 4D user passwords. To allow me to update the
> structure I save the users with USERS TO BLOB every time the server shuts
> down. And then every time is starts up I look for the user blob and call
> BLOB TO USERS.

So in this case where you USERS TO BLOB and BLOB TO USERS, is the 4D structure 
the authority? How was it originally populated?  I can see it starting from 
[users] that updated 4D or where the Admin created a bunch of users that got 
synced to [users] or where no users table was used at all since it could be 
maintained in 4D if you needed no additional user info stored and if you were 
not using your password reset feature.

I very much appreciate your detailed post—for some reason I’m having trouble 
getting full clarity. 

Thanks,

Robert


**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

V15 and SQL

2018-11-14 Thread Robert McKeever via 4D_Tech
a 4D server (Mac) is receiving new records in a table via SQL. That is fine 
EXCEPT that 

 ((Trigger event=On Saving New Record Event) | (Trigger event=On Saving 
Existing Record Event))

never triggers. I need this to happen so other related tables can be updated 
accordingly. Any suggestions?

_
Bob McKeever  http://www.mswl.com 
McKeever's Software Wizardry
Port Coquitlam, B.C.
bobmckee...@mac.com




**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: activating default user

2018-11-14 Thread Kirk Brooks via 4D_Tech
Robert,
I include a field in the [Users] table for the database id and database
name. The significance of that value depends on the rules you set up for
yourself.

1) You could say the 4D structure is the authority in which case if the
structure doesn't, or no longer, has that user's db id in it that [user] is
inactive and I'd clear the db id field. And if there is no [user] for a 4D
user I'd add a record.

2) Or you can take the other approach and say that every 'active' [user]
will have a 4D login and create any that are missing.

With #1 you can limit who can create users to who can get to EDIT USERS.
It's easy to create [users] as you need or update the 4D user id but not
easy to link up the 4D user with [users] if they are created already.
I prefer #2. But either way works depending on what you need to do.

The tricky part about creating 4D users is keeping out of the password
business. Part of my goal was to not have to manage passwords. I want users
to be responsible for that. But you still need some control. Plus when you
create a user you have to assign a password. My solution is to have a temp
password field in [users]. If a user has their password reset by admin, for
whatever reason, a temp password is assigned to the 4D user and saved in
the [user] record. My rule is 'the next time you log in with the temp
password you have to change it.'

You can see if this password was used when the user logs in with VALIDATE
PASSWORD using that password. If it validates it means they used it and you
can prompt them to changed it.

What you can't do is get the password from the 4D user. So while you can
create 4D users easily you blow out the old passwords if you update the
structure. This is where USERS TO BLOB and BLOB TO USERS comes in. These
commands preserve the 4D user passwords. To allow me to update the
structure I save the users with USERS TO BLOB every time the server shuts
down. And then every time is starts up I look for the user blob and call
BLOB TO USERS.

This is great if you have a number of installations with their own users
but you need to update the structure.


On Wed, Nov 14, 2018 at 11:36 AM Robert ListMail via 4D_Tech <
4d_tech@lists.4d.com> wrote:

> Kirk, what was your method of keeping use rand 4d recs in sync?
>
> Thanks,
>
> R
>
> > On Sep 2, 2016, at 10:52 AM, Kirk Brooks  wrote:
> >
> > You have to explicitly
> > offer some way to log in as a different 4D user or, as I eventually did,
> > tie my user records to a 4D user.
>
> **
> 4D Internet Users Group (4D iNUG)
> Archive:  http://lists.4d.com/archives.html
> Options: https://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **



-- 
Kirk Brooks
San Francisco, CA
===

*We go vote - they go home*
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

RE: Can Designer Groups Be Deleted?

2018-11-14 Thread Tai Bui via 4D_Tech
Hi,

http://doc.4d.com/4Dv17R2/4D/17-R2.1720/Managing-users-and-groups.300-3839424.en.html

Under "Creating and configuring access groups"
"Keep in mind that once a group has been created, it cannot be deleted. If you 
want to deactivate a group, you just need to remove any users it contains."

Best Regards,
Tai B.




-Original Message-
From: 4D_Tech <4d_tech-boun...@lists.4d.com> On Behalf Of Robert ListMail via 
4D_Tech
Sent: Wednesday, November 14, 2018 2:24 PM
To: 4D iNug Tech <4d_tech@lists.4d.com>
Cc: Robert ListMail 
Subject: Can Designer Groups Be Deleted?

Is there a way to delete Designer groups in 4D?

Thanks,

Robert


**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Can Designer Groups Be Deleted?

2018-11-14 Thread Robert ListMail via 4D_Tech
Is there a way to delete Designer groups in 4D?

Thanks,

Robert


**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2018-11-14 Thread Robert ListMail via 4D_Tech
Thanks Jim, for the database I’m working on I might be able to get by with a 
couple of checkboxes that represent groups and not really have a groups table. 
I’m planning to have all of the database users in a users table and to 
authenticate against that and to also verify that there is a matching 4D user 
in the structure and to automatically create one if necessary. BTW: the main 
benefits of having the users in the table is that I need to record a user ID to 
certain records that have been created and I need user initials and when new 
structure is delivered the credentials are all in place. Oh, and if I decide to 
implement SSO I already have a Windows_ID field ready to go. So, I’m trying to 
keep it simple. I’ve never tried to do to this way, I call it a hybrid approach 
since it uses table and structure based resources. Any ideas on ways to keep it 
simple are appreciated.

Robert

> On Nov 14, 2018, at 3:39 PM, Jim Labos - infobase via 4D_Tech 
> <4d_tech@lists.4d.com> wrote:
> 
> We roll our own mostly. Using a list of available "action". Each user then
> either has or has not permission for the "action". 

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: activating default user

2018-11-14 Thread Dani Beaubien via 4D_Tech
Sigh, there is a hard limit of 15k admin users in the 4D User system. I am 
working with systems that have more than that # of users. Going to have to come 
up with a different approach. Thinking about having a smaller set of 4D User 
setup that I recycle and link them up to the users in the database when they 
log in. Essentially tie them to the user’s login session. That would keep the # 
of 4D Users down to a reasonable level.

I have enjoyed this topic. Been giving me things to think about.

Dani Beaubien
Open Road Development


> On Nov 14, 2018, at 12:36 PM, Robert ListMail via 4D_Tech 
> <4d_tech@lists.4d.com> wrote:
> 
> Kirk, what was your method of keeping use rand 4d recs in sync?
> 
> Thanks,
> 
> R
> 
>> On Sep 2, 2016, at 10:52 AM, Kirk Brooks  wrote:
>> 
>> You have to explicitly
>> offer some way to log in as a different 4D user or, as I eventually did,
>> tie my user records to a 4D user.
> 
> **
> 4D Internet Users Group (4D iNUG)
> Archive:  http://lists.4d.com/archives.html
> Options: https://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: activating default user

2018-11-14 Thread Robert ListMail via 4D_Tech
Kirk, what was your method of keeping use rand 4d recs in sync?

Thanks,

R

> On Sep 2, 2016, at 10:52 AM, Kirk Brooks  wrote:
> 
> You have to explicitly
> offer some way to log in as a different 4D user or, as I eventually did,
> tie my user records to a 4D user.

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2018-11-14 Thread Robert ListMail via 4D_Tech
Tim, I just toggled on the checkbox on the server that activates this feature 
but I’ve not implemented the code just yet….  So, how do you specify that you 
are logging in with the local 4D password instead of SSO? Modifier keys? Hidden 
Menu? Also, I’m not sure when the SSO login is in effect. Once the SSO code is 
in effect will you lock yourself out if the authentication server is down or 
you are developing on a different network without AD services?

Thanks,

Robert

> On Nov 9, 2018, at 9:08 AM, Tim Nevels via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> I do still have a password field in my [Users] table and a special way that I 
> can log in to the database as any [Users] record using that password. But 
> that’s only for me and the IT administrator when we need to do testing of 
> permissions or privileges in the database as another user. 

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2018-11-14 Thread Robert ListMail via 4D_Tech
Supercool Tim!

BTW: did you have a way of testing this in your office?  Right now I’m thinking 
that when I’m connected to the client VPN I’d have access to that Windows 
server for authentication.

Thanks,

Robert

> On Nov 9, 2018, at 9:08 AM, Tim Nevels via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> This is going to be my standard, default way of letting users connect to 4D 
> Server on pure Windows environments. Totally eliminates the need to save 
> passwords in the 4D data file. No need to implement a change password” 
> feature in your database. No need for a “login” dialog box for the average 
> user. 

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: Mojave, dark mode and v17

2018-11-14 Thread Jeremy Roussak via 4D_Tech
Yes, you can set up colours for dark mode in the editor. Dark mode doesn’t 
affect the application windows, though. I expect they too can be faked, but 
these are things that an application which is configured to run under Mojave 
should do automatically when the appearance mode is changed.

Maybe v18.

Jeremy


> On 13 Nov 2018, at 20:49, Jim Medlen via 4D_Tech <4d_tech@lists.4d.com> wrote:
> 
> 
> 
> I went through the 4D preferences for Methods Styles and colors and set up a 
> Dark Theme set of colors.
> 
> The only thing is that 4D does not allow me to change the Highlight color, so 
> the system applies a light colored highlight to light text on a black 
> background unless I go to System preferences and change the highlight color.
> 
>> I’m slightly surprised there’s been no response to this from anyone at 4D. 
>> Dark mode is a pleasant environment in which to write code and it’s curious 
>> that 4D seems not to support it.
>> 
>> Jeremy
>> 
> 
> On 6 Nov 2018, at 0
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: What is the "REST" process for?

2018-11-14 Thread John DeSoi via 4D_Tech
I'm not seeing what ACI0098723 has to do with this issue. I'm not doing 
anything here with ORDA.

After some further testing I discovered the issue is related to saving records 
on tables with triggers enabled in a preemptive process. If I disable all the 
triggers, no REST process shows up. Also a big difference in performance. In a 
one minute test, I could create 55,000 more records with the trigger disabled. 
All the trigger does is set a timestamp value.

John DeSoi, Ph.D.


> On Nov 13, 2018, at 9:38 PM, Keisuke Miyako via 4D_Tech 
> <4d_tech@lists.4d.com> wrote:
> 
> search for ACI0098723 on
> 
> https://bugs.4d.fr/fixedbugslist?branch=17_R3
> 
> I think it is the same issue.

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: What is the "REST" process for?

2018-11-14 Thread Nils Kollandsrud via 4D_Tech
I've had the same issue with 4D v16R6 after starting preemptive threads and
I asked about it on forums.4d.fr without any response.
I've now tested with the latest 4D v17R3 build and the issue is still there.

-- 
Nils Kollandsrud
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**