To ensure that only authorized users can access certain features in your application, you can provide run-time authorization to check the user ID of any user attempting to run a particular procedure or to access database tables and fields. ABL provides a mechanism, the CAN-DO function, which allows you to validate a list of user ID patterns against one of the following:

  • The user ID for a given database connection (database connection ID)
  • An application specified user ID

You can use the success of this validation to determine if a given procedure can be run.

You can also check the authorization (configured in a given OpenEdge RDBMS) for users to access specific database tables and fields, based on the current database connection ID.