To create records for the permissions table, you must first determine the users and the activities. The users are identified by their user IDs, and the activities by specific procedures or subsystems.

In the following example, three user IDs—manager, salesrep, and inventory—are given permission to perform the following activities:

  • Add new Customers to the database by running i-adcust.p, which manager and salesrep have permission to run.
  • Update records in the database by running i-chcust.p, which manager and salesrep have permission to run.
  • Remove Customer records from the database by running i-delcus.p, which manager has permission to run.
  • The order report and mailing label procedures (i-itlist.p and i-rept6.p) are grouped into a subsystem called print, which manager and inventory have permission to run.

To add these application activities as records to the permissions table, you can write this simple ABL procedure:

i-prmsn.p

REPEAT:
  INSERT permissons.
END.

This procedure lets you add records of activities to the permissions table until you press ENDERROR. The following figure shows records of application activities that you can add to the permissions table.

Figure 1. Sample activity permissions entries


After you create these records of application activities, you must include statements in your procedures that check them at run time. After that, the security administrator is responsible for maintaining these records.