Messages

1

General Board / Re: Database repository - single or multiple projects per database ?

« on: Today at 12:27:18 pm »

Any certification for that?

I don't think that anyone offers certification for using a database feature.

Seriously, do a search for Oracle or SQL server row level security. That will give you a very good idea of what is happening and why it's better security than anything EA can do on the client side.

2

General Board / Re: Database repository - single or multiple projects per database ?

« on: Today at 10:00:40 am »

Across the EA15 presentations videos I see that I could make multiple root nodes in a project and limit their visibility so users can't even see the root node.
Would this feature help me acheive my goals ?

No. This feature is not related to the row level security function. Consider it more as a convenience for your users who don't want to see things in those root nodes. They can still access the information if they try a little.

I would not trust this mechanism to meet any information security requirements without having done a proper analysis in the context of the proposed deployment.

By all means, review it. Row level security is not our term. What we have done is applied the techniques described by Oracle and Microsoft to the Enterprise Architect data model, allowing useful portions of the database to be restricted. The good news is you only need to do your analysis on the EA portion of the technology. The DB side is well documented.

Row-level security has been introduced to help address this, but there is no public documentation that goes into any detail beyond the fact that row-level security is applied only to 24 "critical" tables (out of the 94 tables in EA's database schema). However, the documentation does state explicitly that "only models hosted by a Pro Cloud Server are able to make use of this feature", so for client users the old access model still applies.

The changes all happen directly within your database, which as far as I'm concerned means that they are quite open. As Geert states, the security is within the database. The PCS offers an added redirection so that users don't have direct DB access, but even if they could connect using the credentials the cloud is using, they couldn't access the data they aren't meant to see.

Since the EA client's security model is trivial to bypass, the only way to achieve meaningful security is to use the security features of the underlying database. This means that the project (which is essentially the same as a database) is the smallest unit at which security protections can be applied.

Which is what row level security is doing.

That's as may be, but there are several industries where security is the business, or is at least integral to it. In those, convenience of use takes a backseat to security, and in those, EA has to be set up the way I've described.

Maybe you should actually investigate the features within EA and PCS before you make such a blanket statement.

3

General Board / Re: EA and PostgreSQL x64

« on: December 06, 2019, 09:20:11 am »

Do they still have a 32 bit driver to connect to the 64 bit database? If so, that's your answer.

4

General Board / Re: Foreign Keys removing themselves when I save

« on: December 05, 2019, 08:41:42 am »

Finding yourself in 2011 must have been a hell of a surprise.

It was the first time around.

5

General Board / Re: Code Generation Template: the definition of "$parameter1"

« on: December 04, 2019, 08:47:37 am »

https://www.sparxsystems.com/enterprise_architect_user_guide/15.0/model_domains/call_templates_from_templates.html

6

Bugs and Issues / Re: C++ include guards

« on: December 04, 2019, 08:43:52 am »

It's stored in each eap(x) file or database.

7

Bugs and Issues / Re: C++ include guards

« on: December 03, 2019, 04:58:03 pm »

I just tried a generation with the default templates and it generated:

Code: [Select]

#if !defined(EA_20DC1767_DEDE_46a2_A251_3EDA957EA5AB__INCLUDED_)
#define EA_20DC1767_DEDE_46a2_A251_3EDA957EA5AB__INCLUDED_
I don't get a warning for identifiers with double underscore within the name, but if your compiler is it's coming from line 18 in the C++ File template.

8

Automation Interface, Add-Ins and Tools / Re: Repository.OpenFile2: Problems to connect to cloud repository

« on: December 03, 2019, 11:49:25 am »

The http(s) security prompt comes directly from Windows. The exact appearance will vary depending on Windows version.

Generally you should see the server name and model name listed. In my test environment it also uses a title of 'Windows Security' and explicitly states that the request is coming from 'EA.exe'.

The EA project security prompt will not provide any of those things. It should have a title 'Login to EA Repository'.

9

General Board / Re: Code Generation Template: the excution of template "file Impl"

« on: December 03, 2019, 11:44:18 am »

If you want to use the File Impl for your language, you'll need to create an MDG technology that specifies ImplementationExtension in the code options.

See https://www.sparxsystems.com/enterprise_architect_user_guide/15.0/modeling/define_code_options.html

10

Bugs and Issues / Re: php7 methods with returnType not imported in classes

« on: December 02, 2019, 09:28:52 am »

Changing the code generation templates won't change the import behavior at all. Neither will setting required or active, but required could prevent other people from accessing your model.

The behavior with perspectives was not intentional, and I believe it has been corrected in the latest builds. So the easiest approach is updating to the latest build.

In the perspectives menu, select manage perspectives. On the second page create a new perspective and select the php7 technology. Save it and you're done. As long as you are in 'All' or your new technology when first importing PHP in an EA session it should take effect.

11

Automation Interface, Add-Ins and Tools / Re: Best language for bulk updates?

« on: November 29, 2019, 08:32:26 am »

No scripting (or even compiled) language is going to make much of a difference unless you're doing some serious crunching in your code. The big time costs are associated with the DB access itself.

12

General Board / Re: V15 - User Tools Ribbon not pupulated

« on: November 25, 2019, 09:55:28 am »

Not sure why that's empty. It is customizable, but the default should contain what you want.

As for setting up a data source, the only trick is to use the 32 bit version. So you need to run C:\Windows\SYSWOW64\odbcad32.exe

13

General Board / Re: Code Template Editor

« on: November 25, 2019, 09:49:43 am »

Edit the Operation and Operation Impl templates.

Code: [Select]

$params = %list="Parameter" @separator=", "%
%opName%(
%if $params != ""%
$params
$else%
void
%endIf%
)

Code: [Select]

$params = %list="ParameterImpl" @separator=", "%
%opName%(
%if $params != ""%
$params
$else%
void
%endIf%
)

14

General Board / Re: Relationhip matrix order with custom SQL

« on: November 22, 2019, 02:55:29 pm »

I'd like to see a Don't Sort option, i.e., just list in the order the elements appear in the browser, with child elements indented.

Project browser sort is probably the hardest. It depends on a number of user options, explicit re-ordering and dynamic sorting. It's certainly not Don't Sort.

15

General Board / Re: Modeling Memory Layout

« on: November 21, 2019, 09:29:46 am »

It's not overly difficult to create something like that using the custom drawing style.

Still probably harder than a simple drawing tool and I'm not sure the resulting model would be more meaningful than a drawing.