We have a lot of old applications that are full of hard coding for authorization. Consider item master maintenance, for instance. Mary can maintain items with item numbers that begin with 4, Bill can maintain items in classes 01 and 02, and Joe can maintain items for class 06 and also items that begin with 78, but not if they begin with 782. So we have logic like ?IF USER = ?MARY? . . .?. Sometimes it?s user profile, sometimes it?s terminal ID.
I asked the database gurus on another forum how they handle this sort of thing, and the few answers I got were pitiful (e.g. ?Create a view for Mary.?) It seems the folks who work with Oracle, SQL Server, MySQL, mainframe DB2, Unix DB2, etc. don?t have all the answers.
Since I?m always looking for a better way, I?d like to know if you?ve found an elegant way to eliminate hard coding.
I asked the database gurus on another forum how they handle this sort of thing, and the few answers I got were pitiful (e.g. ?Create a view for Mary.?) It seems the folks who work with Oracle, SQL Server, MySQL, mainframe DB2, Unix DB2, etc. don?t have all the answers.
Since I?m always looking for a better way, I?d like to know if you?ve found an elegant way to eliminate hard coding.
Comment