| Product(s): | AWLRS | ||
| Version(s): | 1.2.x-1.3.x | ||
| Environment: | N/A | ||
| Area: | Other | ||
| Subarea: | N/A |
This is by design due to security considerations.
AWLRS provides screens to manage processes and their execution. This is mainly intended for observation and limited management. Currently Exor Forms still provide more capable functionality and can still be used for the detail where AWLRS does not support a particular aspect. Process scheduling and management is also under wider review as part of the journey to use databases other than Oracle.
With the current release of AWLRS the intention is to provide a process management tool to satisfy the majority of daily use cases, to avoid users needing to use different tools throughout the working day. However, some aspects have been intentionally limited (for example made read only) in AWLRS until other mechanisms are developed. The reason for these limitations is ultimately to ensure the security of the database and the information it stores.
AWLRS potentially expands availability to a wider audience of users, as it is web based and does not need complex installation or deployment. It is incumbent on Bentley to ensure the software is not open to exploitation should access fall into the wrong hands. The ability to modify database code is one such area of concern, damage to the data through accidental or intentional acts is something we are actively trying to avoid. SQL injection are a prevalent attack vector and one of many we are doing our utmost to protect our users from. As a result some working practices will need to adjust to adapt to a strengthened approach in the way the database is used.
| Original Author: | PV |