CDO$HELP.HLB  —  CDO Commands, DEFINE  PROTECTION  Examples
    1.CDO>  DEFINE PROTECTION RECORD PERSONNEL
      cont>   POSITION 2
      cont>   IDENTIFIER [JONES,DICT]+LOCAL+INTERACTIVE
      cont>   ACCESS READ+WRITE+DELETE.

      In this example, the DEFINE PROTECTION command creates a new
      second ACE for the PERSONNEL record. The former second ACE
      becomes the new third ACE.

    2.CDO>  DEFINE PROTECTION FOR RECORD PERSONNEL
      cont>   AFTER [JONES,DICT]+LOCAL+INTERACTIVE
      cont>   IDENTIFIER [CDD,SMITH] ACCESS READ.

      In this example, the DEFINE PROTECTION command inserts a new
      ACE with the identifier [CDD,SMITH] after the ACE with the
      [JONES,DICT]+LOCAL+INTERACTIVE identifiers.

    3.CDO>  DEFINE PROTECTION FOR RECORD BENEFITS.*;* POSITION 4
      cont>   IDENTIFIER [PERSONNEL,*] ACCESS SHOW.

      In this example, the DEFINE PROTECTION command creates a fourth
      ACE for all current records in the BENEFITS directory. This ACE
      does not become the default protection for definitions that are
      subsequently created.

    4.CDO>  DEFINE PROTECTION FOR RECORD PERSONNEL
      cont>   IDENTIFIER [*,*] ACCESS NONE.

      In this example, the DEFINE PROTECTION command creates an ACE
      that denies all access rights to all users. CDO places this
      ACE first in the ACL, because the user did not specify either a
      POSITION clause or an AFTER clause in the command. As a result,
      everyone (including the user who issued the command) is denied
      all access to the definition.

      Only the owner can regain access to the definition by using
      either the DELETE PROTECTION or CHANGE PROTECTION command to
      remove or change the ACE.

    5.CDO>  DEFINE PROTECTION FOR REPOSITORY PERSONNEL
      cont>   POSITION 2 IDENTIFIER [SYSTEM]
      cont>   ACCESS READ+WRITE+DELETE+CONTROL.

      In this example, the DEFINE PROTECTION command creates an
      ACE in the second position that grants the SYSTEM user
      READ+WRITE+DELETE+CONTROL access.

    6.CDO>  DEFINE PROTECTION FOR REPOSITORY PERSONNEL
      cont>   POSITION 2 IDENTIFIER [*,*]
      cont>   DEFAULT_ACCESS READ+WRITE.
      CDO>  DEFINE FIELD NEW_FIELD DATATYPE TEXT SIZE 5.

      In this example, the DEFINE PROTECTION command defines
      the default access rights for the PERSONNEL repository to
      READ+WRITE. If a context has not been set, CDO will grant the
      newly created field, NEW_FIELD, with access rights that are
      equivalent to the repository's default access rights.

    7.CDO> DEFINE PROTECTION FOR REPOSITORY CDD$REPOSITORY2
      cont> POSITION 2 IDENTIFIER [*,*]
      cont> ACCESS NONE.

      In this example, the DEFINE PROTECTION command defines the
      access rights for the repository using a logical name for the
      repository name.
Close Help