Defining Access Permissions for Columns

Permissions for columns are defined using a method similar to that for tables. To define access permissions for one or more columns in a table, right-click the table name in the File Access Definition Editor Table List and select List Columns from the shortcut menu. The Table Access Control dialog is displayed.

Table Access Control dialog

Table

The table for which column access permissions are defined. Use Table to select other names from the Table List in the Access Definition Editor and define column access permissions.

Column List

(Default) and names of columns in the table for which the File Access Definition explicitly controls access. Select an entry in the list to display or define corresponding access permissions in the Column Access Control list. The (Default) setting applies to archived data in columns not otherwise listed and cannot be deleted.

Arrow
The arrow indicates the active entry. To select an entry, click the row.
Column
The column name. Type the name, or use Add column from the shortcut menu to select a column name from a database or an Archive File. To remove a column name, select the row number and press Delete or use the Remove commands in the shortcut menu.

Any security settings for tables or columns that are not in the secured Archive File have no effect.

AC Type
The type of access permissions associated with the column. Access permissions are displayed in the Column Access Control list.

Select one of the following:

Explicit
Column-specific access permissions apply.
Default
The default access permissions apply.
None
Access permissions do not apply. All users are allowed to access the table.
Notes: If AC Type is None,
  • The Column Access Control list is unavailable and any user account is allowed full access.
  • If for (Default), the Default AC Type is unavailable for other entries in the Column List.

Shortcut Menu Commands

Right-click a row in Column List to display the following shortcut menu commands:

Remove Column
Remove the selected column name from the list. (This command is not available for (Default).)
Remove All Columns
Remove all column names, except (Default), from the list.
Add column
Display submenus and select a source, From Database table or From Archive File, for a column selection list. Use the list to add one or more column names to the Column List.
Note: Add column is available only from the blank row at the bottom of the Column List.

Select From Database table to display the File Access Definition Table/Column Selection dialog listing columns in the database table. For more information, see Selecting Columns from a Table.

Select From table in Archive File to display the Open dialog, from which to choose an Archive File before displaying the File Access Definition Table/Column Selection dialog. For more information, see Selecting Columns from a Table in an Archive File.

Note: Access permissions in the associated ACL determine the options and actions that are available to you. For example, the Remove shortcut menu options are not available to roles limited to read access.

Column Access Control

Use the Column Access Control list to define access permissions for the entry in the Column List. You can assign access permissions to roles in the ACD and a default for all user accounts and roles for which access permissions are not assigned explicitly. If the AC Type for an entry in the Column List is None, Column Access Control list is blank and cannot be edited.

Role
(Default) and names of roles for which the File Access Definition explicitly controls access. Role names not included in the Access Control Domain that serves as the basis for the FAD are italicized and settings for them have no effect.
Notes:
  • If a user is included in multiple roles in the list, the most restrictive permission applies.
  • Unless the AC Type for the Column List entry is None, the Column Access Control list includes a (Default) setting. This default cannot be deleted and applies to users for which no explicit permissions are granted.

Type the name or use the drop-down list to select the name of a role defined in the ACD. You can also edit a role name. To remove a role name, use the Remove commands in the shortcut menu.

Access
The type of access permissions for the role. Select one of the following:
Allow
The role is allowed access to the column.
Deny
The role is denied access to the column.
Note: If a role is denied access to any file attachment pseudocolumn in an Archive File, the role cannot use the Archive File in a Delete, Restore, Update, or Insert process.

Shortcut Menu Commands

Right-click the Column Access Control list to display the following shortcut menu commands:

Remove
Remove the selected role from the list. (This command is not available for (Default).)
Remove All
Remove all roles, except (Default), from the list.
Allow all non-default
Allow access for all listed roles, except (Default).
Deny all non-default
Deny access for all listed roles, except (Default).

Selecting Columns from a Table

Use the File Access Definition Table/Column Selection dialog to select and add one or more names of columns from the table specified in the Table Access Control dialog to the Column List. Source displays the fully qualified table name.

To open this dialog, right-click the blank row at the bottom of the Column List and do one of the following:

  • Select Add column from the shortcut menu and then select From Database table from the submenu.
  • Select Add column from the shortcut menu and then select From table in Archive File from the submenu to first specify an Archive File containing the table.
    File Access Definition Table/Column Selection dialog

Click a column name to select it. To select multiple columns, hold the Ctrl or Shift key while clicking the column names. To select all columns in the table, click Select All. Click OK to add the names of selected columns to the Column List and display the Table Access Control dialog again.

Selecting Columns from a Table in an Archive File

When you select Add table from the Column List shortcut menu, and select From table in an Archive File from the submenu, the Open dialog is displayed to allow you to select an Archive File.

In the Open dialog, select the server on which the file resides and click Refresh. Use Look In to select the directory or path containing the file, and double-click a listed file name or enter the file name and click Open. The names of columns in the selected table are listed in the File Access Definition Table/Column Selection dialog. Source indicates the fully qualified name of the table.

Note: The selected Archive File must contain a table with a fully qualified name that matches the name in Table on the Table Access Control dialog.


Feedback