A developer can write custom run-time authorization to prevent unauthorized users or precompiled procedures from accessing restricted database tables and fields. To establish run-time security for precompiled procedures, you must set up a permissions table within the database and ensure that only your application's precompiled procedures are allowed to run against the database.
The permissions table contains records that specify users who are authorized to run specific procedures or classes. Each record in the permissions table must contain at least two fields: an Activity field and a Can-Run field. The Activity field contains the name of the procedure and the Can-Run field contains the user IDs of those who have permission to run the procedure. Within the application, you can use the ABL CAN-DO function to test whether the current application user can run a specific procedure.
As security administrator, you must maintain the permissions table. It is also your responsibility as the developer to provide the tools to maintain this table. For more information about setting up run-time security with a permissions table, see the information on run-time security in OpenEdge Development: Programming Interfaces.