ISTech Support Forum

ISTech Support Forum
http://www.istechforum.com/YaBB.pl
Crystal Reports, ODBC & Access >> Crystal Reports General Issues >> creating reports while limiting access
http://www.istechforum.com/YaBB.pl?num=1119026867

Message started by Lenette on 06/17/05 at 08:47:47

Title: creating reports while limiting access
Post by Lenette on 06/17/05 at 08:47:47

I finally got Crystal Reports 10 up and running after all this time. Now I'm faced with security issues.

Can you limit the tables accessed by the CR designer??

Example: Production Employee wants to run various Inventory reports, label layouts, etc. (and maybe wants to give a try at designing some of his own). Can I limit him to just BKICMSTR & MTICMSTR?? Currently he has access to all the other tables with employee info, etc.

Lenette

Title: Re: creating reports while limiting access
Post by aricon on 06/17/05 at 11:24:30

Only with Crystal Enterprise since the Pervasive ODBC functionality does not have security as part of it the way that some do. And with just the report writer there is no table security.

Title: Re: creating reports while limiting access
Post by Danimal on 06/18/05 at 00:26:59

You might say it is more of an ethical than security issue. Anybody with access to the data they need should understand that other things are outside of their responsibility... aka don't stick your nose in others' business.

If you trust your production employees to create reports, you must understand the responsibility that becomes. If the access is beyond your control, then it is a management issue, and create the reports for them by their request. Just speaking as an employee whom "reports" for many. ;)

Title: Re: creating reports while limiting access
Post by Lenette on 06/20/05 at 09:00:29

aricon, thanks all for the info.

Danimal, I do agree with the ethical issue vs. the security issue.

Now I know who can be trianed (in my absence)...

Thanks again, Lenette

Title: Re: creating reports while limiting access
Post by kevind on 06/21/05 at 05:09:38

I enabled security on my ODBC DDF files and then granted only select on non critical files (non payroll and non gl) to PUBLIC.

When you enable security, Pervasive automatically creates a MASTER user with full privileges. This is the user that I use for my financial reports.

I then added one general user. The user I added only has access to the "PUBLIC" privileges since I did not specifically assign any privileges to this user.

The recommended way to setup security, assign users, create views, etc. is to create an SQL script. By doing so, you can apply these same settings if it becomes necessary to re-create the ODBC DDF files by running ODBCDDF.RUN. Re-creating the DDF files deletes all security and stored views.

Having said that, be sure to either move ODBCDDF.RUN, or protect access to this specific file with Operating System Security.

Title: Re: creating reports while limiting access
Post by aricon on 06/21/05 at 07:18:46

Kevin,

SQL script for security huh? VERY interesting. Would you be willing to send me some examples off-line of this and how you implemented it? Thanks!

Title: Re: creating reports while limiting access
Post by Danimal on 06/21/05 at 07:41:57

If you really care to go through the hassle of implementing security on your database, it is all accessible through the Pervasive Control Center. You must enable security on your database by setting a Master user password, then create/modify your users/groups, and change the table security/permissions using the table view of PCC accordingly. I suggest testing this method on the DEMODATA database until you feel comfortable modifying your DBA database.

If you're really k33n you can use the SQL functions GRANT, DENY, REVOKE, etcetera, to set the permissions via command statements. ;)

Title: Re: creating reports while limiting access
Post by aricon on 06/21/05 at 15:33:46

Does the PCC security affect ODBC?

Title: Re: creating reports while limiting access
Post by Danimal on 06/22/05 at 05:11:17

Yes, and there is no need to run any additional programs to recreate the DDF files. As long as your ODBC DSN resides on the computer you will be accessing/creating your reports from, when you enter Crystal Reports and access your database, a prompt for a username and password will appear. As I suggested before, give this a try with your DEMODATA database as you can report from the data within it and experiment with enabling security and setting permissions.