File Access Definition Editor

Use the File Access Definition Editor to define a File Access Definition. This dialog allows you to select an Access Control Domain to be used as the basis for the File Access Definition, select tables to secure using the Table List, and define access permissions for each selected table using the Table Access Control list. You can also define access permissions for columns in a listed table.

Open the File Access Definition Editor by selecting the Tools > New FAD menu option in the File Access Definitions dialog. You can also open that Editor for an existing File Access Definition by double-clicking a listing in the File Access Definitions dialog.

File Access Definition Editor dialog

Description

Enter text that describes the File Access Definition.

Access Control Domain

Type or select the name of an Access Control Domain (ACD) to use as the basis for the File Access Definition. The ACD translates the roles specified in the Table Access Control list into accounts in your network. After a File Access Definition is saved, you can select a different ACD by modifying the associated ACL.

Table List

(Default) and names of tables for which the File Access Definition explicitly controls access. Select an entry in the list to display or define corresponding access permissions in the Table Access Control list. The (Default) setting applies to archived data in tables not otherwise listed and cannot be deleted.

Arrow
Identifies the active entry; to select an entry, click the arrow.
Table
The fully qualified table name. You cannot save a File Access Definition if any table name is not fully qualified.

Type the fully qualified three-part name, or use Add Table from the shortcut menu to select a table name from a database or an Archive File. To remove a table name, select the row number and press Delete or use the Remove commands in the shortcut menu.

Any security settings for tables or columns that are not in the secured Archive File have no effect.

AC Type
The type of access permissions associated with the table. Access permissions are displayed in the Table Access Control list. Select one of the following:
Explicit
Table-specific access permissions apply.
Default
The access permissions for (Default) apply.
None
Access permissions do not apply. All users are allowed to access the table.
Notes: If AC Type is None:
  • The Column Secured check box and Table Access Control list are unavailable and any user account is allowed full access.
  • If for (Default), the Default AC Type is unavailable for other entries in the Table List.
Column Secured
Indicator that access permissions are defined for one or more columns in the table.

To define access permissions for columns, right-click the table entry and select List Columns from the shortcut menu. Column access permissions are defined in the Table Access Control dialog. Column Secured indicates a table with column access permissions defined.

Shortcut Menu Commands

Right-click a row in the Table List to display the following shortcut menu commands:

Remove Table
Remove the table name from the list. This command is not available for (Default).
Remove All Tables
Remove all table names, except (Default), from the list.
List Columns
Open the Table Access Control dialog to define access permissions for columns in the selected table. This command is not available for (Default).
Add table
Display submenus and select a source, From Database or From Archive File, for a table selection list. Use the list to add one or more table names to the Table List.
Note: Add table is available only from the blank row at the bottom of the Table List.

Select From Database to display the Select Table(s) dialog listing tables in the database. For more information, see Selecting Tables from a Database.

Select From Archive File to display the Open dialog, from which to choose an Archive File before displaying the File Access Definition Table/Column Selection dialog. For more information, see Selecting Tables from an Archive File.

Note: Access permissions in the ACL for the FAD determine the options and actions that are available to you. For example, the Remove shortcut menu options are not available to a role that is limited to read access.

Table Access Control

Use the Table Access Control list to define access permissions for an entry in the Table List. You can assign access permissions to selected roles in the associated ACD and a default for all user accounts and roles for which access permissions are not assigned explicitly. If the AC Type for an entry in the Table List is None, Table Access Control list is blank and cannot be edited.

Role
(Default) and names of roles for which the File Access Definition explicitly controls access. Role names not included in the Access Control Domain that serves as the basis for the FAD are italicized and settings for them have no effect.
Notes:
  • If a user is included in multiple roles in the list, the most restrictive permission applies.
  • Unless the AC Type for the Table List entry is None, the Table Access Control list includes a (Default) setting. This default cannot be deleted and applies to users for which no explicit permissions are granted.

Type the name or use the drop-down list to select the name of a role defined in the ACD. You can also edit a role name. To remove a role name, use the Remove commands in the shortcut menu.

Access
The type of access permissions for the role. Select one of the following:
Allow
The role is allowed access to the table.
Deny
The role is denied access to the table.

You must select either Allow or Deny for (Default). Roles for which both Allow and Deny are blank assume the permission selected for (Default).

Shortcut Menu Commands

Right-click the Table Access Control list to display the following shortcut menu commands:

Remove
Remove the role from the list. This command is not available for (Default).
Remove All
Remove all roles, except (Default), from the list.
Allow all non-default
Allow access for all listed roles, except (Default).
Deny all non-default
Deny access for all listed roles, except (Default).

Selecting Tables from a Database

Use the Select Table(s) dialog to select the names of one or more tables from a database referenced by a specified DB Alias. To open the Select Table(s) dialog, right-click the blank row at the bottom of the Table List, select Add table from the shortcut menu, and select From Database from the submenu. You can then select one or more table names to be added to the Table List.

The Select Table(s) dialog lists the database tables:

  • To list tables in a database, double-click the DB Alias or overtype the DB Alias in the Pattern box.
  • Objects referenced by the selected DB Alias are listed in the Database Table grid in alphabetical order by Creator ID and Table Name. The type of object (table, view, alias, synonym), DBMS, and fully qualified name are provided.

Selecting Tables from an Archive File

When you select Add table from the Table List shortcut menu, and select From Archive File from the submenu, the Open dialog is displayed to allow you to select an Archive File.

In the Open dialog, select the server on which the file resides and click Refresh. Use Look In to select the directory or path containing the file, and then double-click a listed file name or enter the file name and click Open. The names of tables in the selected file are listed in the File Access Definition Table/Column Selection dialog. Source indicates the path for the file.

File Access Definition Table/Column Selection dialog

Use the File Access Definition Table/Column Selection dialog to select the names of one or more tables in the Archive File. Click a table name to select it. To select multiple tables, hold the Ctrl or Shift key while clicking the table names. To select names of all tables in the Archive File, click Select All. Click OK to add the selected names to the Table List and display the File Access Definition Editor again.



Feedback