 |
|
 |
|
|
|
Simply Clarion - A Simple Button Security Template
by Don Reynolds
Published 1997-10-01 Printer-friendly version
Sometimes I have a client who has a rather complex security need. Depending on the security level of the person logging on, a person may be authorized to do one or more of the following:
- Look at the browse only
- Do not insert any new records
- Insert new records
- Do not look at the form associated with the browse (inhibit change)
- Look at the form associated with a browse but don’t change anything.
- Update records using the associated form.
- Do not delete any records
- Delete records
- Use one or more of the other buttons on the screen
- Inhibit use of one or more of the other buttons on the screen
Since the set of approved authorizations varied quite a bit, I wanted to set up a simple way of handling this security.
Security Levels
During the login process, the user enters a name and password. Associated with
an approved password is a security level. I stored this value in a global value,
g:SecLevel. Appropriate values were predefined as:
- Level 1 - Able to leap tall buildings with a single bound…..does the most
- Level 2 - Able to leap small buildings (Does less than 1, but more than 3)
- Level 3 - Runs into buildings…..does the least
Setting up the value of g:SecLevel is outside the scope of this article. But the rest of the article assumes that the value has been set.
Security Message
After putting in several security violation messages, I wrote a template which in essence says the following:
Each security violation calls this one procedure. I built a template to create this procedure so it only needs to exist once in the application.
Button Security
I then wanted a simple button security template which I could put into the embed code. It would use the above predefined security levels and the g:SecLevel value. In the embed point it looks like this:
The Template Set
#TEMPLATE(SMPL0003,'Simple Button Security')
#!---------------------------------------------
#! Security Message Procedure
#!---------------------------------------------
#PROCEDURE(SecMsg,'Security Message Procedure')
#DISPLAY('')
#DISPLAY('This message displays if security is')
#DISPLAY(' inadequate.')
#DISPLAY('')
#LOCALDATA
Loc_Msg String('Option not authorized at your security level')
#ENDLOCALDATA
%Procedure %ProcedureType
#FOR(%LocalData)
%[20]LocalData %LocalDataStatement
#ENDFOR
CODE
IF MESSAGE(Loc_Msg,'Security',Icon:Exclamation,Button:OK,Button:Ok,0).
#!----------------
#! Button security
#!----------------
#CODE(ButtonSecurity,'Regular Button Security')
#DISPLAY('')
#DISPLAY(' This should be embedded in')
#DISPLAY(' Control Event Handling')
#DISPLAY(' Before Generated Code')
#DISPLAY(' ')
#DISPLAY(' This routine uses g:SecLevel')
#DISPLAY(' ')
#PROMPT('Do not execute if Security Level',Option),%LevelCheck
#PROMPT('=3',Radio)
#PROMPT('=2',Radio)
#PROMPT('>1',Radio)
IF g:SecLevel %LevelCheck
SecMsg
CYCLE
END !If
Using the Template Set
- Register the template.
- In the application tree add the SecMsg procedure
- Press the Insert Key
- Enter SecMsg as the name of the new procedure
- Press OK button
- Under the SMPL0003 class, select SecMsg and press the Select Button
- Press OK button
- SecMsg now appears in the application tree
- For each procedure where this security is needed:
- Select the procedure
- Press properties
- Select Window
- For each button which needs security:
- Right-click on the button
- Select Embeds
- Select Control Event Handling, Before Generated Code/Accepted press Insert
- Under class SMPL0003, select Button Security
- Fill in the appropriate radio button for the security level needed.
- Press OK
- Compile and run
Summary
Use of the above two template sets allows a simple button security to be implemented very quickly. Its simplicity creates an ease of communication with the end user in determining who should do what. Making appropriate modifications to the templates could create even more complex security scenarios.
Copyright © 1999-2008 by CoveComm Inc. All Rights Reserved. Reproduction in any form without the express written consent of CoveComm Inc., except as described in the subscription agreement, is prohibited.
Clarion Magazine ISSN 1718-9942
Search
Related Articles
- » Template Writing Made Easy
- » Cloning List Boxes Part 1
- » Cloning List Boxes Part 2
- » Template Writing Made Easier: The Template Wizatron
- » An Introduction To Writing Templates: Part 1
- » An Introduction To Writing Templates: Part 2
- » A Template for Preserving Procedure Variables
- » Creating #AT Statements The Easy Way
- » Finding A File Using Template Code
- » Date Checking, Time Stamping
- » Using KEYSTATE For Backdoors And Other Tricks
- » Clarion/ASP Review Part 1
- » Class Wrapper Templates The Easy Way
- » Understanding Template Symbols
- » A Tool For Understanding Template Symbols
- » A Template For Exporting Classes
- » Finding Source With Enhanced Templates
- » A C6 Tagging Class Template Wrapper
- » A C6 Tagging Class Template Wrapper
- » A Simple Versions And Annotations Template
- » Understanding Clarion Templates, Part 3: Introducing Code Templates
- » Understanding Clarion Templates Part 4: Writing Code Templates
- » Cryptography and Clarion: Using the MSCrypto API
- » Understanding Clarion Templates Part 5: Enhancing Code Templates
- » Cryptography and Clarion: Using the MSCrypto API Part 2
- » Generating A Unique Registration Code
- » Understanding Clarion Templates Part 6: Using #GROUPs
- » Speeding Development With Defaults And Small Templates
- » Modifying The Frame Background - A 10 Minute Template
- » Modifying The Frame Background - A 10 Minute Template, Part 2
- » A Template Debugger
- » Signing Your Applications, Part 1
- » Signing Your Applications, Part 2
- » Signing Your Applications: New Challenges
- » Querying ActiveDirectory In Clarion
- » The Joys of Reusable Code - Maintaining your own Function Library
- » Templates 101 - It's About Time
- » DAS_Security - Tinman Development Corporation
- » Product Shootout - Security Systems for Clarion for Windows
- » Conditional Browse Formats
- » Better Ellipsis Buttons
- » "Cancel that Selection!" - Global and Local Templates Interact
- » Simply Clarion - A Simple Yes/No Template
- » Simply Clarion - Converting Simple Templates to ABC: Part 1
- » Hand Coded View Templates in C4+ABC
- » "Tab Popup" Template
- » Simply Clarion - A Simple Template Conversion to ABC
- » #SUSPENDing Disbelief - Conditional Code Generation With EMBEDS
- » Protecting Your Application - The Overview
- » Protecting Your Applications - The Tools
- » Quicken Hotkeys For Your Date Fields
One year: $184
(includes all back issues since '99)
Renewals from $134
Two years: $274
Renewals from $224
ClarionMag Blog
- » More Clarion# on tap for May
- » Latest Clarion beta adds generics and other goodies
- » Delayed news items...
- » I'm a hero!
- » Template Language Functions
RSS Feeds
Updates via Email
Quick Links
- » HOME
- » Subscribe/Renew
- » E-Books
- » Printed Books
- » Free Articles
- » All Content
- » Reader Comments
- » Download PDFs
- » News
- » Blog
- » Download Files
- » Free Membership
- » Log In Now
- » Log In Help
- » Advertise
- » Write For ClarionMag
- » FAQ (Frequently Asked Questions)
- » Privacy
- » Contact