Database Applications
On top of granting users native access to database from any client, system administrators can also determine the access granularity by:
-
Database instances on top of the server
In addition to giving an all-or-nothing connectivity to the server, Harmony Connect Application-Level allows you to determine access granularity by database: allow certain users to access specific database instances and tables only.
-
Profile
Administrators can determine the access profile of their users out of four profiles: Owner, Editor, Viewer, and No Access.
To set up database server:
-
In the Policy menu, go to Access Control > Application Access and click Add.
-
In the Add New Application window, select Database.
-
From the database types list, select your database type and click Next.
- In the New Application window, fill in the details and click Launch:
Application name: Select an indicative, short name. This name appears later in the User App Portal.
Application address: Insert your internal server address.
Application port: Use the default port or insert your port.
Application site: Select the site where your database application is located.
Authentication database: The default database to which the users authenticate.
Database username and Password: Insert the server login credentials, username and password, to allow Harmony Connect Application-Level to connect to your server.
When the new app is launched, users with permissions can access it from any designated client.
-
Click the Edit Permissions button under the Access Permissions tab to configure access permissions to your new applications: add and remove groups by selecting or clearing the group checkbox. When you are done, click Save.
- You can determine each group access profile. There are four types of profiles:
Owner: can execute all statements.
Editor: can only execute SELECT, UPDATE, SET, DELETE, INSERT.
Viewer: can only execute SELECT.
No Access: cannot execute any statement.
Set general access to the databases on the server by editing the Default column. This column shows the group access profile to all the databases on the server
To edit the profile, click it and select the requested option.
-
To set profile to specific databases, add them to the system by clicking the Add Database button and inserting their exact name.
Then, you can change permissions so that a group can have different permissions to specific databases.
For example, the group Backend can have the Viewer Access to all the database instances on the server, except for dev and Stage databases, where it has the Editor permission.