Table/SQL security and import/export

Is there something special I need to do to export/import table security with a solution?

I’ve suddenly realize that the solution I’ve been deploying at a client is enforcing all the form security I’ve setup in developer, but none of the table security seems to have come over with the export/import of the solution.

I typically import via the server web interface, and leave the “overwrite repo group security settings” checkbox checked.

Do I need to select something special when exporting?

Help!

greg.

I just did some more testing on this issue, by trying to import in developer rather than through the web interface – and got the same result.

The import asked me individually about replacing the settings for the various security groups, but only the form security came over – not the table security.

Any ideas?

greg.

Talking to myself, here…but, I’m confused. After digging around in the .servoy file, I can’t find anything that looks like table-related security settings. The “security_info.xml” file has specifications for the form level security I have set, but nothing else.

I did more digging, setup a clean install of Servoy (3.5.3, Java6/Win), created a test solution, setup some security, exported, and found the same thing.

I’m probably just dense, but is there something special I need to do to get Table-Group security settings to export with a solution?

Help! I really need to get this resolved today for a client.

Thanks,

greg.

Ok, I’m really hoping someone can help me on this…I’ve put a request in the support system, but am not getting any response as yet and I’ve got a pretty mad client.

I feel like I must be really dim and just be missing a checkbox somewhere, but I cannot get Table security to export with a solution. At first, I assumed it was something to do with my solution, but I’ve tried clean solutions with the same result. Here’s what I know…

All these steps have been tested in Servoy 3.5.3, both in my stock install and in a clean install, on Mac (Leopard), and WinXP (java6).

I can create a solution, with one form, using example data, two groups, each with a user attached.

In the security dialog, check “login required”, and assign privileges to the form and tables used in the solution. In this case I did “viewable” for the form and “Explicit-Read” for the table…but it doesn’t seem to matter what.

Login as the different users, test the security, all working great.

Go to the repository and export the solution. I don’t know all the details of the “.servoy” export format, but I’ve tried all combinations of the export options and dug in the unzipped file – in no case can I find any reference to the table security settings being exported. The /solution/[solutionname]/security_info.xml file has the form security settings in it.

Import this solution – in a different install of Servoy, same one, whatever – either via server-admin or the developer repository dialog. You get asked to import the group security settings, etc.

Once imported, the table level security is not there. If you’re importing over the original, your settings that were there are wiped out.

I can’t find anything in the docs about this – but I’m pretty sure those table security settings should get exported with the solution.

HELP!!! I was delinquent in testing, because I just assumed these settings were going with my exports – but I’ve got a rather upset client who’s suddenly discovered their security is not being enforce.

I’m going to have to manually create table security on the server tonight – but it will get wiped out on the next import, so I need to get this solved…

Anyone seen this? Am I a bonehead and missing something obvious? Help!!!

Thanks,

Greg.

Hi Greg – I’m not the most experienced person to be answering this question, but I’ll give it a shot. Do you have a User in each of your Groups in your developer copy?

I seem to remember reading something to the effect that in order to export security settings one must have a user in each Group. IIRC, it works off the same premise as whether or not a column will be created on a spanking new solution import on a server – the column will have been exported from the development server only if it is actually used in the solution.

I give myself a 50/50 chance of being correct on this –

kazar

Thanks for the ideas, I have found comments on those issues in the forum and made sure. There are users in all groups, and all the effected tables are used in the solutions that I’ve tested this on.

greg.

If this is an urgent issue make sure to call Servoy, filing an issue does not mean (unless you have an SLA with us in place) that we can address it immediately.

Hi Greg,

I don’t use the Servoy security settings so I can’t give you answers out of experience but since the settings are in the export file as you say and Servoy does overwrite existing settings it suggests this is a bug.
Do you see any (error) messages in the servoy log or in the log of the database when you import a solution?
Also to rule out that Java 6 has anything to do with it have you tried to import it on a machine that uses Java 5 instead of 6 ?

Hope this helps.

This issue seems to be happening when using only table security in a solution. We actually did correct this in the past, but fix was applied to wrong servoy version, It will be fixed in Servoy 3.5.4 which will be release next week.

I did have both Form and Table security configured in the solutions I had a problem with, but the patch I got from support did correct the issue for me.

Thanks for the help, everybody!

greg.

agiletortoise:
… the patch I got from support did correct the issue for me.

holy cannoli, Servoy, “awesome”.

kazar