Security in the Data Dictionary
Within the APPX data dictionary, you use field and record security specifications to control which users can view and modify data presented on images in applications.
To secure fields on input and output images, you assign a read rights security code. Read rights govern whether or not a user can see the contents of a field as defined on an image either input (transaction entry or maintenance screens, for example) or output (journals, lists, or reports). If a user does not have read rights to a secured field, the contents of the field are invisible and non-editable. Refer to the discussion on Database Security for more information.
Field security specifications, unlike record security specifications, do not restrict access to fields when developing or modifying an application within application design. For example, a designer can define statements to modify values in secured fields, or to load the contents of secured fields into unsecured fields. The contents of a secured record, however, cannot be accessed or modified with statements.
You define read and modify security specifications for each of the following components of the dictionary:
Domain security specifications cannot be overridden for any domain-type fields and work fields that reference them.
File security specifications control read and write access to files.
Field security specifications control read and write access to fields. If security specifications are blank, access to the field is unrestricted.
Work field security specifications control read and write access to work fields. If security specifications are blank, access to the work field is unrestricted.
In addition to the file/field-level security described above, you can establish record-level security as described in the next section. |