Configuring the 4D Database

For security and performance reasons, access to the tables, data and methods of the 4D database by means of 4D Mobile (Wakanda server) requests must be enabled and explicitly authorized. You must configure three levels of access:

• startup of 4D Mobile services,
• control of 4D Mobile accesses (optional but recommended),
• individually setting the exposure of each database object (table, field or project method) in 4D Mobile services according to your needs. By default:
  
  • all tables and all fields are accessible to 4D Mobile,
  • project methods are not accessible to 4D Mobile.

By default, 4D Server does not respond to 4D Mobile requests. You must enable 4D Mobile services in order for these requests to be processed and so that the Wakanda / 4D connector can be used. 

Note: 4D Mobile services use the 4D HTTP server, so you need to make sure that the 4D Web server or 4D Server is started. 

To activate 4D Mobile services:

1. In the Database Settings, display the Web/4D Mobile page.   
2. Check the Activate 4D Mobile service option:
   
   The warning message "Caution, check the access privileges" is displayed to draw your attention to the fact that when 4D Mobile services are activated, by default access to database objects is free as long as the 4D Mobile accesses (via REST) have not been controlled (see below).

Control of 4D Mobile accesses lets you authorize (or not) the opening of a session on the 4D side following a Wakanda request. 

As part of a 4D Mobile access, the identifiers checked are the name and password sent during the connection request performed by:

• the "Connect to Remote Datastore" dialog box of the Wakanda Enterprise Studio
• the mergeOutsideCatalog(), openRemoteStore() or addRemoteStore() SSJS methods. 

At the global level, there are two ways to control 4D Mobile accesses:

• either automatically, by means of 4D passwords,
• or by programming by means of the On 4D Mobile Authentication database method.

These two control modes are exclusive: if an On 4D Mobile Authentication database method is defined, the control of automatic accesses by 4D passwords is disabled.

Warning: if neither of these two control modes are enabled, accesses to the database through 4D Mobile are always accepted (not recommended).

 In 4D, you can specify the group of 4D users that is authorized to establish the link to the 4D server from the Wakanda application. 

To designate the logon account:

1. In the Database Settings, display the Web/4D Mobile page.
2. Choose the group to use in the "Read/Write" menu of the Access area:
   
   By default, the menu displays <Anyone>, which means that 4D Mobile accesses are open to all users.

Once you have specified a group, only a 4D user account that belongs to this group may be used to access 4D by means of a Wakanda request -- to open a session on the 4D Server using the mergeOustideCatalog() method, for example. If an account is used that does not belong to this group, 4D returns an authentication error to the sender of the request.

Note that in order for this setting to take effect:

• the 4D password system must be activated (a password must have been assigned to the Designer),
• the On 4D Mobile Authentication database method must not be defined. If it exists, 4D does not take into account any access settings defined in the Database Settings.

You can use the On 4D Mobile Authentication database method to control access rights for 4D Mobile requests sent to the Web server engine. When it is defined, it is automatically called by 4D or 4D Server when the HTTP server receives a 4D Mobile request.

When the request to open a 4D Mobile session comes from Wakanda Server (general case), the connection identifiers are provided in the header of the request. The On 4D Mobile Authentication database method is called so that you can evaluate these identifiers. You can use the list of users for the 4D database or you can use your own table of identifiers.

For more information, please refer to the On 4D Mobile Authentication database method description in the 4D Language Reference.

Once 4D Mobile services are enabled in the 4D database, by default a 4D Mobile session can access all tables and fields of the database, and thus use their data. For example, if your database contains an [Employee] table, it is possible to write, on the Wakanda Server side:

var emp=ds.Employee.query("name == 'Martin'"); 
    //Return all employees whose name field is ’Martin’

Note: 4D tables and/or fields that have the "Invisible" attribute are also exposed in 4D Mobile by default. 

The Wakanda server can also access the project methods of the 4D database. However, by default, this access is disabled for security reasons.

If you want to customize the list of database objects accessible in 4D Mobile, you must:

• disable the exposure of each table and/or field that you want to hide,
• enable exposure of each project method to which you want to give access. 

When a 4D Mobile request attempts to access an unauthorized resource (table or project method), 4D returns an error.

By default, all tables are exposed in 4D Mobile.

For security reasons, you may want to only expose certain tables of your database to 4D Mobile calls. For instance, if you created a [Users] table storing user names and passwords, it would be better not to expose it.

To modify the 4D Mobile exposure for a table:

1. Display the Table Inspector in the Structure editor and select the table you want to modify.
   By default, the Expose with 4D Mobile Service option is checked:
   
2. Uncheck the Expose with 4D Mobile Service option.
   OR
   Check this option to expose a table.
   Do this for each table whose exposure needs to be modified.

By default, all 4D database fields are exposed in 4D Mobile.

You may not want to expose certain fields of your tables to 4D Mobile. For example, you may not want to expose the [Employees]Salary field. 

To modify the 4D Mobile exposure for a field:

1. Display the Field Inspector in the Structure editor and select the field you want to modify.
   By default, the Expose with 4D Mobile Service option is checked:
   
2. Uncheck the Expose with 4D Mobile Service option for the field.
   OR
   Check this option to expose a field that was unchecked.
   Repeat this for each field whose exposure needs to be modified.

Note that in order for a field to be accessible through 4D Mobile, the parent table must be as well. If the parent table is not exposed, none of its fields will be, regardless of their status. Because of this, you can temporarily enable/disable 4D Mobile exposure for a table, while the individual values of the Expose with 4D Mobile Service option for each field remain unchanged.

No project methods are exposed in 4D Mobile by default.

You may want to make certain project methods of your 4D database accessible by means of 4D Mobile. To do this, you must check the appropriate option and define the Wakanda execution context of the method.

Note: If an access group is associated with the 4D method, you need to make sure that the 4D Mobile group is part of this group. 

To set 4D Mobile exposure for a project method:

1. Display the "Method Properties" dialog box.
   Note: You can access the method properties dialog box using the context menu on the "Methods" page of the Explorer, or from the Method/Method Properties... menu in the Method editor.
2. Check the Available through 4D Mobile call option:
   
3. Define the Wakanda execution context for the project method by means of the Table and Scope menus.
   
   These settings are required in order to respect the logic of Wakanda. For more information about this point, refer to the following section.
4. Click on OK to validate the changes.
   Project methods available through 4D Mobile are listed in the "4D Mobile Methods" section of the 4D Explorer (see the “Explorer” paragraph below).

When you declare a project method available through 4D Mobile requests, you must explicitly declare its calling context using the Table and Scope parameters:

• Table: table to be attached with the project method. This setting is not linked directly to the use of the table's data, but allows you to designate the datastore class object through which you want to access the method using JavaScript code.
  The menu displays the list of database tables that are exposed in 4D Mobile. If the method specifically uses a table's data, you can select that table. If the method is not related to a single table, you can use any table that is exposed. Or, yet again, if you only want to expose methods that correspond with the business logic of your 4D application, you can create and expose a dedicated table, for example, a [4D MobileInterface] table and then associate all the project methods exposed in 4D Mobile with it.

• Scope: span of records where method is applied. This declaration is necessary because, on the Wakanda side, methods are properties of JavaScript objects and can only be called by means of these objects. Each 4D method that is exposed must be explicitly associated with the database context where it will be called: Table, Current record and Current selection.
  
  • Table: This option indicates that the 4D method will be executed using all the records of the designated table.
    On the Wakanda side, the method will be called on an object of the Datastore class type, for example ds.MyTable.MyMethod.
  • Current record: This option indicates that the 4D method will be executed using the current record of the designated table.
    On the Wakanda side, the method will be called on an object of the Entity type, for example ds.MyTable(1).MyMethod.
  • Current selection: This option indicates that the 4D method will be executed using the current selection of records of the designated table.
    On the Wakanda side, the method will be called on an object of the Entity Collection type, for example ds.MyTable.all().MyMethod.

Warning: When you change the exposure or scope of a project method on the 4D side, you have to reload the remote model on the Wakanda side for these changes to be taken into account.

When 4D Mobile services are enabled, the tables exposed in 4D Mobile and the project methods attached to them are displayed on the "Methods" page of the 4D Explorer in the 4D Mobile Methods section: