SETUSERID function

Returns a TRUE value and assigns the user ID to the user if the user ID and password supplied to the SETUSERID function are in the _User table. If the user ID is not in the _User table or the password is incorrect, SETUSERID returns a FALSE value and does not assign the user ID to the user.

Note: Using this function overrides the database user ID previously set by either the SET-CLIENT( ) method or the SET-DB-CLIENT function.

Syntax

SETUSERID ( userid , password [ , logical-dbname ] )

userid

A constant, field name, variable name, or expression that results in a character value that represents the user’s user ID. If you use a constant, you must enclose it in quotation marks (" ").

password

A constant, field name, variable name, or expression that results in a character value that represents the user’s password. If you use a constant, you must enclose it in quotation marks.

logical-dbname

The logical name of the database where you want to check and set your user ID. The logical database name must be a character string enclosed in quotes, or a character expression. If you do not specify this argument, the Compiler inserts the name of the database that is connected when the procedure is compiled. If you omit this argument and more than one database is connected, it results in a Compiler error.

Example

To use the login.p procedure that is provided with ABL, you must define user IDs and passwords for those users who are authorized to access the database.

r-login1.p

/* Prompt user for userid and password and set the userid */ DEFINE VARIABLE id       LIKE _User._Userid NO-UNDO. DEFINE VARIABLE password LIKE _Password     NO-UNDO. DEFINE VARIABLE tries AS INTEGER         NO-UNDO. IF USERID("DICTDB") <> "" OR NOT CAN-FIND(FIRST DICTDB._User) THEN RETURN. DO ON ENDKEY UNDO, RETURN: /* return if they hit endkey */ /* Reset id and password to blank in case of retry */   ASSIGN     id       = ""     password = "". UPDATE SPACE(2) id SKIP password BLANK WITH CENTERED ROW 8 SIDE-LABELS ATTR-SPACE TITLE " Database " + LDBNAME("DICTDB") + " ". IF NOT SETUSERID(id, password, "DICTDB") THEN DO: MESSAGE "Sorry, userid/password is incorrect.". IF tries > 1 THEN QUIT. /* Only allow 3 tries */ tries = tries + 1. UNDO, RETRY. END. HIDE ALL. RETURN. END. QUIT.

The login.p procedure uses the SETUSERID function to check the value of the user ID and password that a user enters. If the value of the function is FALSE, the procedure allows the user another try. The user has three tries to log in. The first time, the tries variable is 0; tries is 1 the second time, and 2 the third. The third time, tries is greater than 1 and the procedure exits from ABL with the QUIT statement.

Notes

Use the Userid (-U) parameter together with the Password (-P) parameter. The AVM checks the _User table for the userid supplied with the -U parameter. When it finds that userid, it compares the password supplied with the -P parameter with the password in the _User table. If the two passwords match, the AVM assigns that userid to the ABL session.
Under the following conditions, the SETUSERID function returns a value of FALSE and does not assign a user ID to the user:
There are no entries in the _User table.
There is no _User record with the same user ID as the one supplied with the SETUSERID function.
The password supplied with the SETUSERID function does not match the password in the _User table record of the specified user ID.
When using the SETUSERID function, ABL returns a compiler error under the following conditions:
There is no database connected.
The logical-dbname argument is omitted, and more than one database is currently connected.
When specifying the logical-dbname argument, you must provide the name of the logical database, not the physical database.
SETUSERID encodes the password argument and then compares the result with the value stored in the _User._password field of the _User table.
After SETUSERID returns a value of TRUE and assigns a user ID to a user:
ABL uses that user ID when the user compiles procedures.
Subsequent uses of the USERID function return the assigned user ID.
If the root user ID does not exist in the _User table, SETUSERID returns a value of FALSE when supplied with a userid of root. If the _User table does have a root entry, the user who assumes that user ID has all the privileges associated with the root user ID on UNIX.
You must create a blank user ID ("") if you want to set the user ID to a null value.
Table 62 shows how ABL determines a user ID on UNIX.

Table 62: Determining a UNIX user ID 

Are there records in the _User table?	Are the -U and -P startup options supplied?	User ID
NO	YES	Error: -U and -P not allowed unless there are entries in the _User table.
NO	NO	UNIX user ID.
YES	NO	"" (blank user ID).
YES	YES	If the -U userid and -P password match those in the _User table, use that userid. Otherwise, do not assign a user ID.

Table 63 shows how ABL determines a user ID in Windows.

Table 63: Determining a Windows user ID

Are there records in the _User table?	Are the -U and -P startup options supplied?	User ID
NO	YES	Error: -U and -P not allowed unless there are entries in the _User table.
NO	NO	"" (blank user ID) or operating system user ID if available.
YES	NO	"" (blank user ID).
YES	YES	If the -U userid and -P password match those in the _User table, use that user ID. Otherwise, do not assign a user ID.

See OpenEdge Development: Programming Interfaces and OpenEdge Data Management: Database Administration for more information on user privileges.
Calling this method generates an audit event, and creates an audit record for the event in all connected audit-enabled databases according to each database’s current audit policy settings.
Once an initial database connection is established, you can also use the SET-CLIENT( ) method (on the SECURITY-POLICY system handle) or the SET-DB-CLIENT function to set the user ID for the connection.

See also

CONNECT statement, SET-CLIENT( ) method, SET-DB-CLIENT function, USERID function

OpenEdge Release 10.2B

Copyright © 2009 Progress Software Corporation