Security Considerations


The Customizer uses NOMADS Security Classifications and user definitions. Only those users assigned to the ADMIN or CUSTOMIZER classifications can create public definitions or have access to Customizer General Maintenance. If no NOMADS Security is defined in a NOMADS environment, then the default is no restrictions. In an iNomads environment, however, NOMADS Security is required for personal custom definitions and for access to the run-time Customize panel utility.

The ADMIN security classification is created automatically when NOMADS Security Classifications are initially set up. The CUSTOMIZER classification does not exist and must be created using Security Class Maintenance. Assigning this class to users allows them to access Customizer General Maintenance and public definitions without being given full ADMIN access to the system.

In the NOMADS Data Dictionary, security classifications may be assigned at both the file and field level. Public user files and their elements also may have security classifications assigned to them. For user files, the classifications determine whether there is full access (i.e. the user data may be updated) or view-only access or no access.

If a file or field has been assigned security, it would have to be assigned an ADMIN and/or CUSTOMIZER classification to be available for public definitions.

When creating a custom definition, security classifications determine from which files and items the user may select. When creating a public definition, files with differing security classifications may be selected, but what is displayed at run time is determined by the current user's security classifications. Only those assigned to the ADMIN or CUSTOMIZER security classifications can define free-form formulas. The use of program variables is also restricted. Formulas defined in public definitions may also be assigned security classifications to control who sees what.

(Support for the creation of the CUSTOMIZER classification was added in PxPlus 2018.)