Operations Registry entry
Assign permissions to users / groups on a per table basis.
Usage
This Registry entry can be assigned to users and groups:
Key | User | User | Group | Group | Group | Group |
---|---|---|---|---|---|---|
Key 1 | User
|
User
|
Group
|
Group
|
Group
|
Group
|
Key 2 | user | user | group | group | Default
|
Default
|
Key 3 | Table
|
Table
|
Table
|
Table
|
Table
|
Table
|
Key 4 | table | Default
|
table | Default
|
table | Default
|
Key 5 | Operations
|
|||||
Value | priv;priv;... |
User
|
user | Table
|
table | Operations
|
priv;priv;... |
User
|
user | Table
|
Default
|
Operations
|
priv;priv;... |
Group
|
group | Table
|
table | Operations
|
priv;priv;... |
Group
|
group | Table
|
Default
|
Operations
|
priv;priv;... |
Group
|
Default
|
Table
|
table | Operations
|
priv;priv;... |
Group
|
Default
|
Table
|
Default
|
Operations
|
priv;priv;... |
where:
priv;priv;... | is a semicolon separated list of permissions: | |||||||||||||||||||||||||||||||||||||||||||
|
Tip:
Think of da
as "define access".
The Operations and Table Access Registry entries work hand in hand: the Table Access Registry entry determines which tables (modules) a user / group is permitted to access; the Operations Registry entry then determines what actions the user / group is permitted to perform on records in the table.
Note: There must be an Operations Registry entry for each table to which the user / group has been granted access through the Table Access Registry entry.
Examples
This entry specifies permissions for the Admin group on all modules:
Key | Setting |
---|---|
Key 1 | Group
|
Key 2 | Admin
|
Key 3 | Table
|
Key 4 | Default
|
Key 5 | Operations
|
Value | daQuery
|
Note:
If the permissions are the same for all tables, enter Default
in Key 4 instead of the name of a table. This will reduce the amount of Registry entries required for a group.
The Volunteers group are only allowed to search, view and edit Parties records:
Key | Setting |
---|---|
Key 1 | Group
|
Key 2 | Volunteers |
Key 3 | Table
|
Key 4 | eparties
|
Key 5 | Operations
|
Value | daDisplay
|
Note: If daEdit privilege is not provided, all fields in records returned by a search will be read-only (they will appear grayed out). To restrict users to editing only certain fields, provide them with the daEdit privilege and use the Column Access Registry entry to restrict access to required fields.