Deployed Jade Database Inspection Security
The Schema Inspector blocks access to user class instances by default, if any of the following is true.
-
Production mode is enabled
-
The system does not have any developer licenses installed
-
The _jadeapp or the _jadedef database file has been marked offline (and optionally removed (deleted) from the database directory)
-
The jadeDevelopmentFunctionSelected security hook inspectInstances task fails for the selected class
You can implement the optional allowedToInspect security filter method to override this behavior, or since the deployed Jade Database Inspector is subject to development security, you can implement the optional Jade development security hook inspectInstances task to control access. If none of these conditions apply, there are no restrictions to accessing user instances.
The allowedToInspect method must have the following signature.
allowedToInspect(userName: String; password: String): Boolean;
If the allowedToInspect method is present on a class, the Schema Inspector uses the user name and password from the Schema Inspector Utility logon dialog and calls the allowedToInspect security filter method, passing these values as parameters. If the allowedToInspect method returns true, the instances of that class are displayed. If this method returns false, a message box is displayed, informing the user that there are insufficient security rights to inspect instances of that class.
As the allowedToInspect method defaults to false in a runtime application, you must implement the allowedToInspect method to return true in a runtime system. (This ensures that any user of the Schema Inspector in a runtime application can inspect only those classes to which access has been specifically permitted by the application software developer.)
The allowedToInspect method applies to the class in which it is implemented and to any subclasses of that class. To restrict deployment inspection access for all classes, implement the allowedToInspect method for the
The following example shows the implementation of the allowedToInspect method in a user-defined Employee class to restrict deployment inspection access to that class by all users other than wilbur2, who has a password of taonga.
allowedToInspect(userName, password: String): Boolean; begin if userName = "wilbur2" and password = "taonga" then return true; else return false; endif; end;
For details about the Schema Inspector, see Chapter 1, "