To define database authorizations

Normal users have only restricted authorizations in Tools. The authorizations that a group of users, who are linked to a role in an organization, has for a database, are defined in the database authorizations. They contain a set of sessions that can be used to print, display, maintain, and convert the authorizations for a specific table or table field.

The type of authorizations must also be specified for all database authorizations. For example, read, update, insert, delete, or not authorized. Tools uses this data to determine if a user is authorized to perform database actions on tables or table fields. If no database authorizations are specified for a user, the user has no database permission at all.

You can specify the database authorizations for specific companies, or for all companies. The authorizations for a specific company have the highest priority.

You can specify the database table authorizations at several levels. For example:

  • At company level. Exceptions can be maintained at package, module, table, and table data level.
  • At package level. This is an exception to the company level, and exceptions can be maintained on a module, table, and table data level.
  • At module level. This is an exception to the company and package level, and exceptions can be maintained at table and table data level.
  • At table level. This is an exception to the company, package and module level, and exceptions can be maintained at table data level.
  • At table data level. This is the most specific authorization.

You can also specify the database table field authorizations) at several levels. For example:

  • At form field level. Exceptions can be maintained at form field data level.
  • At form field data level. This is the most specific form field authorization.

The authorization that is stated at the most specific level has the highest priority. For example, the table authorizations per table data, for a specific company. The authorization that is stated at the most global level has the lowest priority. For example, the table authorizations per company for all companies.

You can define conditions and expressions to, for example, limit the authorizations for a form field for a group of users who are linked to the role. Define the expressions in the 表字段数据权限 (ttams3146m000) session, or in the 表数据权限 (ttams3145m000) session.

示例

Expression : ttaad200.user between dwatson and sholmes.

This means that the user cannot access the ttaad200 table for users between dwatson and sholmes.