|
|
|
|
|
|
|
|
|
|
version 2004 (Modified)
CHANGE CURRENT USER ({user}{; }{password})
| Parameter | Type | Description | |
| user | String | Num |  | Name or unique user ID |
| password | String | | Password (not encrypted) |
Description
CHANGE CURRENT USER is used to change the identity of the current user in the database, without having to quit. The user can change their identity themselves either using the database connection dialog box (when the command is called without parameters) or directly via the command. When a user changes their identity, they abandon any former access privileges in favor of those belonging to the chosen user.
If the CHANGE CURRENT USER command is executed without parameters, the database connection dialog box is displayed. The user must then enter or select a valid name and password in order to enter the database. The contents of the connection dialog box will depend on the options set on the Application/Access page of the database Preferences.
You can also pass the two optional user and password parameters in order to specify by programming the new account to be used.
In the user parameter, pass the name or unique user ID (userRef) of the account to be used. The user names and IDs can be obtained using the GET USER LIST command.
| User ID | User description |
| 1 | Designer |
| 2 | Administrator |
| 3 to 15000 | User created by the Designer |
| (user No. 3 is the first user created by the Designer, | |
| user No. 4 is the second, etc.). | |
| -11 to -15010 | User created by the Administrator |
| (user No. -11 is the first user created by the Administrator, | |
| user No. -12 is the second, etc.). |
If the user account does not exist or was deleted, error -9979 is returned. You can intercept this error with the error-handling method installed by the ON ERR CALL command. Otherwise, you can call the function Is user deleted to test the user account before calling this command.
Pass the non-encrypted user account password in the password parameter. If the password does not match the user, the command will return error message -9978 and do nothing.
The command execution is now delayed to prevent flooding (brute force attack), in other words, attempts of multiple user name/password combinations. As a result, after the 4th call to this command, it is run only after a period of 10 seconds. This delay is throughout the entire work station.
Offering a custom access management dialog box
The CHANGE CURRENT USER command can be used to set up custom dialog boxes for entering the name and password (with entry and expiration rules) that benefit from the same advantages as the access control system of 4th Dimension.
It works as follows:
1. The database is entered directly in the "Default user" mode, without a dialog box.
2. The On Startup database method displays a custom dialog box for entering the user name and password. All types of processing are foreseeable in the dialog box:
- It is possible to display the list of database users, as in the standard access dialog box of 4th Dimension, using the GET USER LIST command.
- The password entry field can contain various controls in order to check the validity of the entered characters (minimum number of characters, uniqueness, etc.).
- In order for the characters of passwords being entered to be masked on screen, you can use the FONT command with the special %password font.
- Expiration rules can be applied at the moment when the dialog box is validated: expiration date, forced change to the initial connection, locking of account after several incorrect entries, memorization of passwords already used, etc.
3. When the entry is validated, the required information (user name and password) are passed to the CHANGE CURRENT USER command in order to open the database with the user account privileges.
Example
The following example displays the connection dialog box:
CHANGE CURRENT USER
See Also
|
|
|
|
|
|
|
|
|
|