Results 1 to 3 of 3

Thread: [code examples] Users and Roles

  1. #1
    Lianja MVP
    Join Date
    Dec 2012
    Location
    Croatia, Zagreb
    Posts
    1,121

    [code examples] Users and Roles

    (OS) login name of the current user
    USER
    Code:
    ? user()
    william
    https://www.lianja.com/doc/index.php/USER()

    Login name of the current user as defined in the Lianja Users Workspace
    USERNAME
    Code:
    ? username()
    william
    https://www.lianja.com/doc/index.php/USERNAME()

    Dynamic data mask for the specified column for the current user
    USERDATAMASK
    Code:
    open database southwind
    ? username()
    ? userdatamask("customers","customerid")
    https://www.lianja.com/doc/index.php/USERDATAMASK()

    Domain/tenancy information for the current or specified user as defined in the Lianja Users Workspace
    USERDOMAIN
    Code:
    ? userdomain()
    lianja.com
    https://www.lianja.com/doc/index.php/USERDOMAIN()

    Domain/tenancy information for the current or specified user as defined in the Lianja Users Workspace
    USERTENANCY
    Code:
    ? usertenancy()
    lianja.com
    https://www.lianja.com/doc/index.php/USERTENANCY()

    Email address for the current or specified user as defined in the Lianja Users Workspace
    USERMAIL
    Code:
    ? useremail()
    myuser@lianja.com
    https://www.lianja.com/doc/index.php/USEREMAIL()

    Full name of the current user as defined in the Lianja Users Workspace
    USERFULLNAME
    Code:
    ? userfullname()
    William Colline
    https://www.lianja.com/doc/index.php/USERFULLNAME()

    Roles for the current or specified user as defined in the Lianja Users Workspace
    USERROLES
    Code:
    ? userroles()
    hr,sales
    https://www.lianja.com/doc/index.php/USERROLES()

    Rowfilter condition for the current or specified user for the current or specified table
    USERROWFILTER
    Code:
    // 'Harry' has the 'salesuk' role
    ? userrowfilter("Harry","southwind","customers")  //  --> 'country = "UK"'
     
    // 'Sally' has 'salesusa' role
    ? userrowfilter("Sally","southwind","customers")  //  --> 'country = "USA"'
     
    // Logged in as 'Harry'
    open database southwind
    use customers
    ? userrowfilter()  //   --> 'country = "UK"'
    ? userrowfilter("Sally")  //  --> 'country = "USA"'
    https://www.lianja.com/doc/index.php/USERROWFILTER()

    String representing masked data
    MASKEDDATA
    Code:
    open database southwind
    use customers alias cust in 3
    // Display customerid data with 'partial' mask applied
    ? maskeddata(cust,"customerid","partial")
    ? maskeddata(3,"customerid","partial")
    // Display customerid data with current user's dynamic data mask applied
    ? maskeddata(cust,"customerid")
    ? maskeddata(3,"customerid")
    https://www.lianja.com/doc/index.php/MASKEDDATA()

    Enable/disable use of LDAP/ActiveDirectory for user/group authentication
    LIANJA_LDAP
    Code:
    set LIANJA_LDAP=ON
    set LIANJA_LDAP=OFF
    https://www.lianja.com/doc/index.php/LIANJA_LDAP

    Define LDAP/ActiveDirectory Base DN
    LIANJA_LDAP_BASEDN
    Code:
    set LIANJA_LDAP_BASEDN=OU=AD LDS Users,O=Lianja,C=UK
    https://www.lianja.com/doc/index.php/LIANJA_LDAP_BASEDN

    Define LDAP/ActiveDirectory server
    LIANJA_LDAP_SERVER
    Code:
    set LIANJA_LDAP_SERVER=192.168.80.139:389
    https://www.lianja.com/doc/index.php/LIANJA_LDAP_SERVER

    LDAP/ActiveDirectory groups the specified user is a member of
    LDAP_USERROLES
    Code:
    ? ldap_userroles("Mandy Monroe","192.168.80.139:389","OU=AD LDS Users,O=Lianja,C=UK"))
    HR,sales
    https://www.lianja.com/doc/index.php/LDAP_USERROLES()

    Test an LDAP/ActiveDirectory user login and return the Groups and Roles the user is a member of
    LDAP_LOGIN
    Code:
    ? ldap_login("Mandy Monroe","CcxkTpjFbfw2ulmv","192.168.80.139:389","OU=AD LDS Users,O=Lianja,C=UK"))
    HR,Sales,Readers,Users
    https://www.lianja.com/doc/index.php/LDAP_LOGIN()

    Grants access privileges for users to tables
    GRANT
    Code:
    // Grant update privilege for columns lastname and firstname and insert for the table
    GRANT UPDATE (lastname, firstname) INSERT;
      ON customer;
      TO '[20,100]' 
     
    // Grant all privileges to all users
    GRANT ALL ON test TO PUBLIC
    https://www.lianja.com/doc/index.php/GRANT

    Revoke access privileges for users to tables
    REVOKE
    Code:
    // Revoke update privilege for columns lastname and firstname and insert on the table
    REVOKE UPDATE (lastname, firstname) INSERT;
      ON customer;
      FROM '[20,100]'
     
    // Grant all privileges to all users
    REVOKE ALL;
      ON test;
      FROM PUBLIC
    https://www.lianja.com/doc/index.php/REVOKE

    Currently active users on the system
    SYSACTIVEUSERS
    Code:
    SELECT user_name FROM sysactiveusers
    https://www.lianja.com/doc/index.php/SYSACTIVEUSERS

    Alert records for watched records
    SYSALERTS
    Code:
    SELECT * FROM sysalerts WHERE user = user()
    https://www.lianja.com/doc/index.php/SYSALERTS

    Username and email information for alerts for watched records
    SYSUSERS
    Code:
    SELECT * FROM sysusers WHERE user = user()
    https://www.lianja.com/doc/index.php/SYSUSERS

    User access group
    ACCESS
    Code:
    if access() > 100
        dialog box "Sorry, access denied."
    endif
    https://www.lianja.com/doc/index.php/ACCESS()

    Group name
    GETGRNAM
    Code:
    use accounts
    @2,3 get name
    @3,3 get rates;
      when getgrnam() = "lianja"
    read
    https://www.lianja.com/doc/index.php/GETGRNAM()

    Group identity
    GETID
    Code:
    if getgid() > 100 and getgid() < 200
    //...
    endif
    https://www.lianja.com/doc/index.php/GETGID()

    User identity
    GETUID
    Code:
    if getuid() > 100 and getuid() < 200
    //...
    endif
    https://www.lianja.com/doc/index.php/GETUID()

    Dynamic role information
    SYSPERMS
    Code:
    select * from system!sysperms
    https://www.lianja.com/doc/index.php/SYSPERMS

    User and role information
    SYSROLES
    Code:
    select * from system!sysroles
    https://www.lianja.com/doc/index.php/SYSROLES

    Role based dynamic data masking
    SYSDATAMASKS
    Code:
    select * from system!sysdatamasks
    https://www.lianja.com/doc/index.php/SYSDATAMASKS

    Role based row level filters
    SYSROWFILTERS

    Code:
    select * from system!sysrowfilters
    https://www.lianja.com/doc/index.php/SYSROWFILTERS





    All topics in [code examples] alphabetically: https://www.lianja.com/community/sho...ll=1#post19067

  2. #2
    Senior Member
    Join Date
    Oct 2019
    Posts
    127
    In the example from which one can query the information of the logged in user (username (), useremail, ..) an example userrowfilter ("Harry", "southwind", "customers") was given. The last two parameters make sense to me. "southwind" is the database and "customers" is the corresponding table. "Harry" I suspect should be the search term. If I enter the command with a correct name from the customers table, I do not get any information back. I also cannot see in which field he is looking for "Harry" and why the land is then returned as a return. What am I missing. Thanks Olaf

  3. #3
    Lianja Development Team barrymavin's Avatar
    Join Date
    Feb 2012
    Location
    UK, USA, Thailand
    Posts
    6,350
    Hi Olaf,

    row filters can be defined for a user when they login so they are restricted to what data they can work with. This is known as Row Level Security.

    See doc
    https://www.lianja.com/doc/index.php/Users_and_Roles

    “Harry” in this example is the user name.
    Principal developer of Lianja, Recital and other products

    Follow me on:

    Twitter: http://twitter.com/lianjaInc
    Facebook: http://www.facebook.com/LianjaInc
    LinkedIn: http://www.linkedin.com/in/barrymavin

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Journey into the Cloud
Join us