Let's say I have a multi-user app on a network server. Are there easy answers to the following questions?

- Can one set up one of the users of the app as read-only?

- Can one set up one of the workstations to have read-only access to the app?

I apologize if this is well documented somewhere. Please just point me in the right direction.

Thanks,

- Oystein -

Can a "user" of an app be read-only???

Can the "workstation" be read-only???

Can you explain what you want to acomplish? What you should consider is to put in your own functionality to see what user is currently using the app and depending on who that user is, grant or deny them the rights you want. (IE Write, delete, etc…)

Hughie,

Thanks for replying. I guess I wasn't very precise. But again I (my clients) might want a lot of different things.

* Old app *

What I have is this app that is already written and I cannot put much more effort in. It is a system for storing information about artefacts of cultural and social history, historical photographs and similar. It is mostly used at small museums. There are no real security features in the application. There should have been, but there was never time to develop them; other features were more important. Now some of my clients who run multi-user systems want to bar particular users, or particular workstations, from changing the data. So I am looking for an easy way to achieve that, without having to reprogram and redesign. Not much, at least.

Can it e.g be done totally outside OpenInsight and the app, at the network level, by setting access rights to certain folders to read-only? Or will there be problems with e.g temporary files?

* New app *

But I am also developing a new app, that will eventually take over from the old app, so I might have a new opportunity to do it like you suggest. I'll be thankful for any thoughts, even if I realize I have to supply more details about the app for you to respond properly.

* Copy *

With the old app, what some clients have done so far is letting the "read-only users" access a separate copy of the data, taken at regular intervals. Those users can of course change data, but not the base data since they work on a copy. And I know one can use the Revparam file to make an app read-only, so I can help these clients make the separate system real read-only if they need to. But of course it is still off-line from the original database.

Some clients actually prefer that, for at least two reasons. Firstly, their data often have to go through revisions before they are ready to be presented to others. Secondly, some of the data might be sensitive, so they want to limit the copy to a subset of the original. I have made a tool for exporting subsets of a database as, or to, a different database.

But some clients would rather have all their data immediately accessible. Even if in the world of museums and historical photo collections "immediately" might not mean more than "once or twice a day", I'd have to develop a more automatic process to copy new/changed rows from the original to the copy. The current export tool is "manually operated". I'm open to suggestions for an automatic process.

* Web *

I will soon develop web access to the database, and that will be read-only. But my thoughts so far is again to let web access be to a copy of the database, a severely simplified copy even, with the original's handful of tables for user data and a dozen other tables flattened into one single table. The web solution will satisfy "naive" users like the public, but perhaps not professional users.

- Oystein -

What we did in AREV was pretty simple. I'm not sure whether

it will work in OI:

SUBROUTINE READ_ONLY

OK_TO_LOCK=0

* use whatever conditional logic you need:

@STATION for Workstation address

@USERNAME for Logged in user

set OK_TO_LOCK=1

* we used the AREV COMMON element SRC.FILE which

* contains the file handle used by the

IF OK_TO_LOCK THEN LOCK SRC.FILE,@ID

RETURN

* we used similar logic in menus to prevent unauthorized

process execution. it turned out that if @ANS was set

to 0, then the next element in a menu chain won't execute

Maybe similar logic will work for you

This code was hooked as a Post Read process.

View this thread on the Works forum...