Log In    |    Knowledge Base    |    4D Home
Tech Tip: Properly Restrict Users from Having Designer Rights
Published On: December 27, 2022

When a new 4D database is started, users—be it developers or end-users—have access to every part of the database. By default, only the Designer and Administrator users exist, and there are no groups. Simply creating users and assigning them to groups does not restrict access to specific parts of the database; the access system must first be activated. Without properly doing so, end-users have the ability to access sensitive information or cancel backups even without access to 4D’s design environment.

To activate the access system, you simply need to designate a password to the Designer user. To do this, go to Toolbox > Users > select the Designer user > click the “Edit” button next to the Password field.

You will know the Designer is assigned a password when four dots appear in the text field.

Then, create a group that you would like to assign design environment access to. Go to Groups > click on the + button under the list of users. Give this group a name.

There is no need to include the Designer user to this group because this unique user will always have access to every part of the database. You may also opt to only include the Designer in this group if you also would like for the Administrator user to have restricted access.

Lastly, go to Settings > Security > choose a group for “Design and Runtime Explorer Access”. Now, only the users within this group have designer rights.

In summary, to keep general users out of the design environment and from having special rights under the Designer user, you need to properly activate the access system and assign a custom group to have “Design and Runtime Explorer Access''. This way, end-users will only have access to application mode of the database.

For further information, please look at the references below.

Users and Groups Design Reference (new):

Users and Groups Design Reference (legacy):

4D Security Guide: