Ken, It probably should have been worded differently, I am only familiar with UV-SQL not Unidata so it may work in Unidata also. In UV Basic programs will adhere to UV-SQL permissions, although from memory I there may be a configuration mechanism for this. Ray, may provide some more insight as it is a long time ago that I helped implement the SQL functionality in UV.
Cheers, Phil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, 31 January 2006 12:01 p.m. To: [email protected] Subject: RE: [U2] SQL and Unidata Updates, Deletions Phil Walker wrote: > In [UV] as opposed to [UD] you can grant SQL SELECT privilege and not > INSERT, UPDATE or DELETE privileges. > > George Smith wrote: > How do you prevent in Unidata someone from using SQL to update (or > delete) your Unidata data while at the same time allow them the ability > to read the data with such tools as Excel and/or Crystal Reports. I'm confused. When you say 'In [UV] as opposed to [UD] you can ...' it suggests that in [UD] you cannot do the same thing, but I can't see anywhere in the documentation that backs this up. I don't have a systm handy on which I can try this and confirm it, but I know that in UniData you need to GRANT SELECT ON <file> TO <user> before they can use SQL queries against the file. If you want to allow only certain fields to be seen you can create views, or if you want certain fields to be updateable and others not, then you can create sub-tables. If all you are trying to do is allow PC tool users to query but not update then life becomes even easier because UniData's schema building tools make the distinction that views are never updateable, while sub-tables are. All you have to do then is build a schema based on views and Excel, etc users will be able to see whatever you allow them to see, but not update anything. If you want to prevent command line SQL users from updating the data, then you'll have to GRANT and REVOKE the appropriate privileges, but remember that 'in [UD] as opposed to [UV]' SQL privileges don't impose constraints on BASIC programs including AE so if users can get to ECL they'll be able to update the data irrespective of your SQL privileges unless the underlying OS permissions are set up to prevent it. Best Regards, Ken ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
