Introduction
The DBWARM lets an administrator to assign access rights for groups of functionalities in MechworksPDM.
The system stores all it's data in the MechworksPDM database; in particular it needs the following tables:
managed by the application DBWARM.EXE:
DBWARM |
|||
|---|---|---|---|
PK |
Field Name |
Data Type |
Allow Nulls |
|
GROUP_ID |
varchar(128) |
|
RIGHTS |
varchar(128) |
|
|
EXTENDED_RIGHTS |
varchar(50) |
|
|
managed by the application DBWARM.EXE:
DBWARM_CLASS_GROUP |
|||
|---|---|---|---|
PK |
Field Name |
Data Type |
Allow Nulls |
|
CLASS_ID |
varchar(50) |
|
|
LOGIN_GROUP |
varchar(50) |
|
MASK_GROUP |
varchar(50) |
|
|
managed by the application DBWARM.EXE:
DBWORKS_USERS |
|||
|---|---|---|---|
PK |
Field Name |
Data Type |
Allow Nulls |
USER_ID |
varchar(128) |
|
|
FULLNAME |
varchar(128) |
|
|
PASSWORD |
varchar(128) |
|
|
GROUP_ID |
varchar(128) |
|
|
PHONE |
varchar(128) |
|
|
varchar(128) |
|
||
PIN |
varchar(50) |
|
|
LOCKED |
int |
|
|
TRUSTED_DOMAIN |
varchar(50) |
|
|
INITIALS |
varchar(10) |
|
|
ABBREV_NAME |
varchar(128) |
|
|
DBW_PROJECT_USER(managed by the DBWorks application)
DBWARM_CLASS_GROUP |
|||
|---|---|---|---|
PK |
Field Name |
Data Type |
Allow Nulls |
|
PROJECT_ID |
varchar(128) |
|
|
USER_ID |
varchar(128) |
|
These tables are created automatically during installation using the .MDB database file.
If the installation is based on MS SQL Server, they need to be created manually through SQL Server Enterprise Manager.
The DBWARM system is made of the following components:
1.An application named DBWARM.EXE
2.A built-in verification system in MechworksPDM
3.A project manager integrated in MechworksPDM
4.DBWARM dedicated options in MechworksPDM
5.A set of protected queries
Main concepts
The philosophy behind this system is that all the features are denied only at the USER INTERFACE level, but not at the SHELL / API level, so to permit a script to run independently of any deny. The only way to change this behaviour (inhibiting also the script execution itself) is to DENY the use of the scripts itself ( option Execute .VBS scripts in the Script page of the Access Rights Editor , described below ).
The scripts themselves, however, can use some special functionalities of the DBWorks Shell, so to can query the authorization level of the current user; dependently of the type of script, some function can be denied to the execution or not.
This is normally the most common case, where a novice or some other unauthorized user can be DRIVEN by some administrator-prepared scripts in accessing the system.