SimonLockington
Member
Hi everyone,
I was trying to setup a new user group with permissions that were a subset of an existing group.
I thought that rather than do everything manually, I would use SQL to create the necessary records in the SYS7333.F00950 table.
I created a query that created the records correctly (basically a select on the existing records I required and substituted the old FSUSER with the new group name.
The query ran fine with the expected amount of results.
However when testing this group security we found that the users could do anything they liked.
I thought it could have been the format of the SQL query so enabled debugging while I assigned and removed permissions from security work bench. I saw that the SQL JDE was creating was the same as what I had created and I also saw it was writing to an audit table.
HOWEVER, I also saw that it was doing a lot of cache work immediately after submitting the SQL to the database.
Given that JDE was generating the same SQL as I was, I do not believe that the SQL query I wrote did not work, rather that because I did not flush the cache afterwards as Security Workbench does, then the changes did not take effect.
Does anyone have any knowledge that would disprove or validate this theory?
Thanks,
Simon
I was trying to setup a new user group with permissions that were a subset of an existing group.
I thought that rather than do everything manually, I would use SQL to create the necessary records in the SYS7333.F00950 table.
I created a query that created the records correctly (basically a select on the existing records I required and substituted the old FSUSER with the new group name.
The query ran fine with the expected amount of results.
However when testing this group security we found that the users could do anything they liked.
I thought it could have been the format of the SQL query so enabled debugging while I assigned and removed permissions from security work bench. I saw that the SQL JDE was creating was the same as what I had created and I also saw it was writing to an audit table.
HOWEVER, I also saw that it was doing a lot of cache work immediately after submitting the SQL to the database.
Given that JDE was generating the same SQL as I was, I do not believe that the SQL query I wrote did not work, rather that because I did not flush the cache afterwards as Security Workbench does, then the changes did not take effect.
Does anyone have any knowledge that would disprove or validate this theory?
Thanks,
Simon
