Re: Trigger programme without a trigger.

[Joe Pluta <joepluta@xxxxxxxxxxxxxxxxx>]

David Gibbs wrote:
> If you are relying entirely on system security and an io module to 
> enforce your business rules, then someone with sufficient authority CAN 
> casually violate the business rules by updating the data directly.
If I can't count on my security, then I don't have any.  Nobody will 
"casually" get sufficient authority in my scenario.  You musty either 
have *ALLOBJ (bad) or you must swap to the HSA profile (bad) or you must 
put the HSA as a group profile (bad).  None of these is a casual thing, 
and in general can be prevented for all but the most powerful users.

Now, the argument is that you need to do this to "fix" production data.  
I just don't buy the argument that in a well-run shop someone is going 
to be regularly fat-fingering production data.  Once in a blue moon, 
sure!  But you don't design your systems around that.  And so, to have 
someone have to jump through some hoops to get the authority to update 
the data is not necessarily a bad thing.

And maybe I'm just being a snob.  You guys seem to be insisting that 
it's normal procedure to fat-finger production data, and that you need 
to design your systems to account for it. That's your opinion and we'll 
just have to leave it at that.

I suppose the best of both worlds would be to lock down the data 
entirely *and* put validation triggers on it, so that when you do have 
to fat finger it, those triggers are in place.... hmm.

Maybe I have to rethink my position a little bit...

Joe