Configuration Key
Configuration keys allow administrators to enable or disable features in the application for all users. Disabling an unneeded feature helps to minimize the attack surface against potential attacks.
Configuration keys allow administrators to enable or disable features in the application for all users. Disabling an unneeded feature helps to minimize the attack surface against potential attacks.
- Many types of AOT elements are controlled by a configuration key. These elements have a property that is named Configuration Key. If the property value is empty, the element is not controlled by a configuration key.To apply a configuration key, set the Configuration Key property of the element to the name of a configuration key.
Create a Configuration Key
- Expand the Data Dictionary node in the AOT.
- Right-click the Configuration Keys node, and then select New Configuration Key.
- Right-click the configuration key object, and then click Properties.
- Rename the configuration key by modifying the Name property.
- Right-click the object, and then click Create on the shortcut menu.
- Right-click the object, and then click Save on the shortcut menu.
- Right-click the object again, and then click Check In.
- A field or table can be disabled by manipulation of a configuration key. When a configuration key is turned off, a set of tables becomes disabled. However, the data remains in the disabled tables. Later, if the configuration key is turned back on, the tables become re enabled and their data becomes available again.
The AOS Authorization table property enables you to specify which data access operations must undergo user permission checking
- None
- CreateDelete
- UpdateDelete
- CreateUpdateDelete
- CreateReadUpdateDelete
Suppose AOSAuthorization is set to CreateDelete on a given table. In this case, create and delete operations would be allowed to execute only if the Application Object Server (AOS) can confirm that the user has the appropriate permissions. Update and read operations would execute without checking user permissions, because they are not mentioned in the chosen AOSAuthorizationvalue.
Table Methods
The permission checking is performed by the AOS. The AOS is called to perform this checking by the following table methods:
- aosValidateDelete
- aosValidateInsert
- aosValidateRead
- aosValidateUpdate
Security Key(2009)
Security keys allow administrators to set security on a user group level. Minimizing access on a user group level helps to reduce the attack surface against potential attacks.
The main reasons to apply user-level security are to:
- Allow users to do only their designated tasks.
- Protect sensitive data in the database.
- Prevent users from inadvertently breaking an application by changing code or objects on which the application depends.
You need to apply a security key to:
- Tables
- Views
- Menus
- Menu items
- Form controls
- Report controls
Within a security profile, you can assign permissions that define access to Menu items, Form controls, Tables and Fields.
There are five available access levels:
- - Completely restricts access to that item and any sub-items it controls. The Open command is disabled. Also, the node is not displayed in the Application Object Tree (AOT).
- access - Members of the user group are allowed to view the item, but not use it. The Save, Compile, Lock and Unlockcommands are disabled.
- access - Members of the user group are allowed to view and use the item. The New, Duplicate and Rename commands are disabled.
- access - Members of the user group are allowed to view and use, as well as add new items. The Delete command is disabled.
- - Members of the user group have full access and consequently no commands are disabled. Additionally, members can provide additional rights in special cases.
No comments:
Post a Comment