My client/server application has an OpenEdge RDBMS back end and a CHUI ABL front end. I am experimenting with being able to configure a client session such that that client only has permission to query the database, not add/update/delete. I am hoping to be able to do this with session configuration changes rather than code changes. I want to see what happens when the user tries to perform, say, an update; would the program throw an error or would the session handle it gracefully?
In reading the docs it looked to me like the -rq client startup parameter was exactly what I was looking for, but when I tried it with prowin32 I got the error "This client is not licensed to use the startup parameter -rq. (4395)." According to Progress support that parameter is for use with Progress Query/Results, not an ABL client.
Has anyone done this? Is there a way to accomplish this without adding custom query-only-mode code to my app? Thanks in advance.
Maybe you can use the -RO parameter.
Hi Peter,
Thanks for your prompt response. I am not sure if -RO fits my scenario. The docs say "Note: Do not run servers for a read-only database. OpenEdge does not support servers for read-only users." and "a read-only user opens the database file...", so it sounds to me as if this parameter is for shared-memory sessions on the DB server as opposed to remote clients connecting via TCP. Am I misinterpreting the documentation?
Thanks,
Rob
Just as a follow-up, I tried starting a remote client with -RO and was able to do updates as well as queries in an editor. Given that result I didn't try running the client app, as I'm sure it would behave the same. I guess the client isn't able to tell the server via TCP that it wants to be read-only. So I'm still looking for a solution.
The ABL has compile time security for database tables (only).
It should be sufficient to enable security and revoke update and delete for all tables to those reporting users. They will still be able to modify data in precompiled R-Code, give that the user that is compiling has sufficient privileges.
sit_robf wrote:
Just as a follow-up, I tried starting a remote client with -RO and was able to do updates as well as queries in an editor. Given that result I didn't try running the client app, as I'm sure it would behave the same. I guess the client isn't able to tell the server via TCP that it wants to be read-only. So I'm still looking for a solution.
You don't say what version of Progress you are using, but I would be extremely surprised if -RO did not work (it works with the editor in 10.2B). Keep in mind that -RO is a database connection parameter, not a session parameter, so needs to be specified for each DB connection.