Solved

DATABASE SECURITY

Posted on 2000-03-31
12
206 Views
Last Modified: 2010-04-04
I NEED TO ADD SOME PASSWORD TO A DATABASE TABLE AND CHANGE THE FIELDS RIGHTS USING DELPHI IN CODE, NOT THE DATABASE EXPLORER

 NEED CODE, NOT SOME WEB PAGES LINKS OR BLA BLA
 
        500
0
Comment
Question by:VictorZ
  • 2
  • 2
  • 2
  • +6
12 Comments
 
LVL 3

Expert Comment

by:darinw
ID: 2673761
Monitoring question.

darinw
Customer Service
0
 
LVL 27

Expert Comment

by:kretzschmar
ID: 2673820
also monitoring . . .
0
 

Expert Comment

by:SuperSy
ID: 2673935
Me too.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 13

Expert Comment

by:Epsylon
ID: 2673936
Ok, here we go again   :o)


Don't know how to add password but if your database supports it you can use 'GRANT' and 'REVOKE' to set privileges:


grant <privilege[,privilege,...]>
   on <rel1>[,...<reln>]
   to [public | group <group> | <username>]

privilege is {ALL | SELECT | INSERT | UPDATE | DELETE | RULE }


Example

grant insert
   on mytab
   to public



revoke <privilege[,privilege,...]>
   on <rel1>[,...<reln>]
   from [public | group <group> | <username>]

privilege is {ALL | SELECT | INSERT | UPDATE | DELETE | RULE }


Examples

revoke insert
   on mytab
   from public
0
 

Expert Comment

by:perkley
ID: 2674148
Listening also
0
 
LVL 9

Expert Comment

by:ITugay
ID: 2675697
I'm trying to answer.

Hi Victor,
You ask it again? You miss my answer?

This is working sample how to change Paradox password for table using Delphi in code not Database Explorer.

---------------------
procedure TForm1.SpeedButton1Click(Sender: TObject);
begin
    Session.AddPassword('OLD_PASSWORD');
    Table1.Close;
    Table1.Exclusive:=true;
    Table1.Open;
    AddMasterPassword(Table1,'NEW_PASSWORD');
end;


The code bellow is from Delphi help.
-----------------
procedure AddMasterPassword(Table: TTable; pswd: string);

const
  RESTRUCTURE_TRUE = WordBool(1);
var
  TblDesc: CRTblDesc;
  hDb: hDBIDb;
begin
  { Make sure that the table is opened and is exclusive }
  if not Table.Active or not Table.Exclusive then
    raise EDatabaseError.Create('Table must be opened in exclusive ' +
      'mode to add passwords');
  { Initialize the table descriptor }
  FillChar(TblDesc, SizeOf(CRTblDesc), #0);
  with TblDesc do begin

    { Place the table name in descriptor }
    StrPCopy(szTblName, Table.TableName);
    { Place the table type in descriptor }
    StrCopy(szTblType, szPARADOX);
    { Master Password, Password }
    StrPCopy(szPassword, pswd);
    { Set bProtected to True }
    bProtected := RESTRUCTURE_TRUE;
  end;
  { Get the database handle from the cursor handle }
  Check(DbiGetObjFromObj(hDBIObj(Table.Handle), objDATABASE, hDBIObj(hDb)));
  { Close the table }
  Table.Close;

  { Add the master password to the Paradox table }
  Check(DbiDoRestructure(hDb, 1, @TblDesc, nil, nil, nil, False));
  { Add the new password to the session }
  Session.AddPassword(pswd);
  { Re-Open the table }
  Table.Open;
end;

-------
Igor

PS: what's wrong? why lot of people monitoring this question?

0
 
LVL 1

Expert Comment

by:flooder
ID: 2676405
Monitoring as well.
0
 
LVL 2

Expert Comment

by:mullet_attack
ID: 2685925
me too
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 2713414
I'm getting cold....
0
 
LVL 4

Accepted Solution

by:
SurferJoe earned 500 total points
ID: 2728947
1) Create a security database with a field for each database or form needing protection and a record for each user or workstation.

2) Define field values that reflect the desired level of protection.

3) When the form or application loads find the user or workstation name in the registry.

4) Match the user/workstation name with the values in the security database.

5) Then set access attributes accordingly.

In my application we use values from 1-99 so future categories can be added.
Presently;

0-25 = no access, form access buttons are grayed out.
26-50= Read Only, some fields may not be visible.
51-75= Read and write some fields.
75-90= Full control accept administrative writes.
91-99= The boss/administrator.

When any form "beginning" with the main form is loaded loop through a multi dimensional array containing a list of components that need protection and their cutoff values, set visibility, read only or other properties based on the value in the security table for that user or workstation.

This method negates the need to have the user enter a password after the system is booted.

I have centralized all of the validation code to one unit for easy of maintenance, and provided a form for the Network admin to add or modify users. New users can be added with default settings depending on where they are in the food chain "Levels 1-5".

May sound like a lot of work, the result is tight as a drum and the boss loves it.


0
 
LVL 4

Expert Comment

by:SurferJoe
ID: 2728953
If you get past the Bla Bla Bla and need help with aspects of coding this solution let me know.
0
 
LVL 1

Expert Comment

by:flooder
ID: 2729590
Its a lot of work but it looks like a very workable alternative and the advantage is it is db-independant.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to create forms/units independent of other forms/units object names in a delphi project. Have you ever created a form for user input in a Delphi project and then had the need to have that same form in a other Delphi proj…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question