Setting up authorization for developers
Most USoft development tools are themselves USoft applications and as such, developers who use them need permission from USoft authorization rules to access data.
For this reason, you need to be aware of access rights in Development environments for USoft team members.
In large and complex USoft projects with different teams and people in different roles, you can be very precise about who has access to what, in exactly the same way as in the runtime USoft applications that you build yourself.
Initially, however, most USoft teams start out as small, agile teams. They only require minimal concern about authorization rules in Development because USoft Binder creates default authorization rules automatically.
Automatic authorization from USoft Binder
The development tools for which you need authorization rules have a "Create Tables" option on the context menu in USoft Binder.
When you run this option, in addition to (re)creating database tables that the development tool needs, USoft Binder also creates default authorization rules. These default rules give access to every aspect of the data in the tables.
Since USoft Authorizer is the development tool responsible for checking these authorization rules, you need to run the "Create Tables" routine for USoft Authorizer as an initial action, so that you can have authorization rules in the first place. If you do not perform this action, you do not have an authorization layer and no database user will get access to any of the other USoft development tools.
In summary, the steps for setting up initial authorization rules for developers are as follows:
You have now set up authorization rules for USoft Definer, USoft Web Designer, USoft Windows Designer and the User Application for anybody who is allowed to know the database username and password or who is allowed to use your USoft Binder file. You can distribute copies of this file that carry the database password as a non-readable item. You can open USoft Authorizer and inspect the authorization rules that have been set up.
This minimal authorization is "one-user-per-project" authorization. It has the drawback that USoft will record change information as if only 1 developer were active. You cannot trace exactly who did what. Also, you cannot differentiate between groups with different access rights. To do those things, read the next section.
IMPORTANT: By default, in USoft Authorizer, a user has full access to all tables as long as no specific Table Rights or Column Rights are introduced for that user. Be aware that introducing the first Table Rights will bar access to any other tables unless you specifically define Table Rights for those tables as well.
Personal authentication for development team members
To trace who did what, or to give different access rights to different users, you need to introduce multiple username/password combinations, typically one for each team member.
The following steps are just general instructions for doing this. In practice, there are many advanced options that allow you to set up sophisticated authentication and authorization rules in the Development environment.
Here are general instructions for setting up personal authentication for development team members:
* The USD application comprises only USoft Definer, USoft Web Designer and USoft Windows Designer. You need to define separate access to other USoft development tools (if using). Here is a list of the application names of all USoft development tools:
In large development teams with complex applications, there are many ways to regulate authentication and authorization. Here are just a few pointers:
•You can have single sign-on so that developers automatically log on to USoft with their OS username/password combinations.
•You can let USoft Authorizer pre-define user groups that you can then assign people to. For example, a predefined group of business architects who get access only to the USoft Teamwork module in USoft Definer.