Dennis,
The owner is MikeV, but it is pasworded as well. You cannot set user MikeV without an error message that prompts for a password. Without the password you have 0 access to the database. NO tables accessible. I will have to do as Razzak suggested and connect as the owner with password and unload all, edit the unload to remove the owner and reload.
As far as security goes, I already had my own login/password in my codes, so each user here had a different security level. Before any code is allowed to run, the usersecurity must match... however that is only when the code is run... some users are smart enough to hit escape during the start process and get access to the tables from the R< This is where the boss wants to have the tables locked from all of us (including me the developer...what a hassle)
Along those lines... when I get things more figured out later (he still wants to protect one table in the database from anyone except him to see) Is there an easier way to grant access to all tables, then just revoke access to that table? I had to write a program that
granted all privileges for (tablename) to (userlist)
one line for each tablename. Is there an easier way... we have 70 tables in the database.
I have read all the help files, and a few of the old books, but found no shortcut.
At 06:18 AM 6/10/2003 -0700, you wrote:
Dan,
If you know the owner name you can do whatever you want.
The key is knowing how the NAME and USER settings work.
Think of USER as "USER PASSWORD" NAME is only an identifier, it does not affect access to tables.
If the DB owner is GEORGE, at the r> you type SET USER GEORGE. You will have total access to the database. When yo are done, SET USER NONE to return to normal.
NONE and PUBLIC are pretty well synonomous. Granting rigths to PUBLIC will let anyone use that right. Granting rights to any other password will only allow access to those rights when the USER is set to that password. If the USER is set to the owner password, all access is allowed.
I have a client that insisted on setting up this kind of security. In the login to the application, each user enters their ID and a USER name is retrieved from a table and set. It is saved in a variable. Then, when my code needs to do something only allowed to the owner, I change USER to the owner, process, and then SET USER &vUserName and all is back to normal.
If one really wanted to make this more secure, all code that does this could be codelock so noone could find out the owner password.
Having security on a database really adds a great deal of complication to the whole app. But, if the boss is paranoid (rightfully so sometimes), one must go there.
Dennis McGrath
--- Dan <[EMAIL PROTECTED]> wrote: > > Ok, > So, If I read this right.... A. = I am right... only the owner can > do the > unload/reload which he doesn't want to do. > and B... sure don't understand B... use the grant option to take > care of > EVERYTHING? > The question was, how do I UNDO giving the onwer total control. He > wants > to lock us all out of one table, but thinks things can continue as > normal. > They can't... now he hea to do my job and maintain the database > (according > to example A) and B does not give ME control of the database. I am > really more confused than I was to begin wtih. I think assigning the > owner > of our company. OWNERship of the database was a mistake. I should > have > left it PUBLIC so I can still maintain the data. > > How do I undo giving him ownership... I tried setting the owner as > public > but get an error message about SQL not working if I do. > > (please forgive any misspellings, I had an accident with my eyest > today and > can't see what I am typing) > > Dan > At 12:15 PM 6/9/2003 -0400, you wrote: > > > >At 12:06 PM 6/9/2003 -0400, Dan Champion wrote: > > > >>Does anyone have some good advice on the topic of Database > Ownership. > >>We just recently took our PUBLIC 'ly owned database, but now the > company > >>owner would like to be able to restrict access to one of the > tables. I Set > >>him as OWNER, and Granted access (table by table) to the users. > Now... > >>unload/reloads can't be done by anyone but the owner? > >>How do we set it back to public till we figure a better way to do > this? > > > >Dan, > > > >A few options: > > > >A. At the R> prompt: > > > >01. CONNECT dbname IDENTIFIED by OwnerPasword > >02. SET NULL -0- > >03. OUTP dbname.UNL > > UNLOAD ALL > > OUTP SCREEN > > > >04 Open dbname.UNL file in RBEDIT or any text editor and then > > change the structure accordingly. > > > >B. > > > >01. CONNECT dbname IDENTIFIED by OwnerPasword and then > > > > Use GRANT option to take care of everything. > > > > For complete details: http://www.RSyntax.com > > > >Hope that helps! > > > >Very Best R:egards, > > > >Razzak. > > >
Dan Champion P.O. Box 223 Grandville, MI. 49428-0223 www.championsolutions.net
