Results 1 to 9 of 9

Thread: Custom Secruity

  1. #1
    Join Date
    Nov 2004
    Posts
    34

    Unanswered: Custom Secruity

    Ok, I've taken the plunge and started to creat emy own secruity for my database since an mdw workgroup file is defenceless against anyone with a little know how. So far I've created a log in form thats displayed automatically. There is also a table containing the user, their password and which group they belong to. What I wish to accomplish is to have didn't permission based on each group, just like with the security built into Access. However I'm not sure how to go about this, do I declare permissions in VBA or have a table that states what permissions each group have? Any Ideas greatly appreciated.

    Just to recap, I am not trying to set up an mdw workgroup file, i am meerly trying to set up my own custom security with users that belong to groups. Just to avoid confusion.

  2. #2
    Join Date
    Mar 2003
    Location
    The Bottom of The Barrel
    Posts
    6,102
    Provided Answers: 1
    It's pretty straight-forward... Create a group table with id's, another table to house user/group combinations, and a table to specifiy which groups have access to which objects.
    oh yeah... documentation... I have heard of that.

    *** What Do You Want In The MS Access Forum? ***

  3. #3
    Join Date
    Nov 2004
    Posts
    34
    Ok, thought that might be the case, was then wondering how the permissions stored in the table get read upon opening a form. I'm only guessing at this but would it be something like; In the forms On_open event I use a Dlookup to the table to find out the permissions or is it something much simpler. A quick step-by-step process list would help immensly as I don't think I would have any trouble wit the code or anything. Thanks again.

  4. #4
    Join Date
    Sep 2003
    Location
    MI
    Posts
    3,713
    What I do is have a "security" table in the database somewhere ... (keep in mind: THIS WILL NOT WORK IF THE FORMS AND TABLES ARE IN THE SAME DB) ... The in the form's Open method I run some code to determine if the user has permission to run the form ... Ex:

    Code:
        IsAdmin = False
        SQLString = "SELECT PurchaseOrderAdmin FROM UserBillingSettings WHERE (UserID='" & MyUserID & "');"
        MyRecSet.Open SQLString, MyConnect
        If MyRecSet.BOF = False Then
            MyRecSet.MoveFirst
            IsAdmin = MyRecSet.Fields(0).Value
        End If
        MyRecSet.Close
        
        If Not IsAdmin Then
            MsgBox "You do not have permission to access this interface.", vbCritical, "System Monitor"
            PopulateMyTables = 0
            Exit Function
        End If
    Back to Access ... ADO is not the way to go for speed ...

  5. #5
    Join Date
    Nov 2004
    Posts
    34
    That could work, as there is a front end and back end to my database. So you're saying that each time the form opens it would look to see which group the current user is a member of, then set read, write, and indeed whether it can open the form, based on the group. I think this is going to be alot more extensive than I first realised. Thanks for all the support. Will post again if I need anymore help.

  6. #6
    Join Date
    Sep 2003
    Location
    MI
    Posts
    3,713
    Quote Originally Posted by jammybasturd
    That could work, as there is a front end and back end to my database. So you're saying that each time the form opens it would look to see which group the current user is a member of, then set read, write, and indeed whether it can open the form, based on the group. I think this is going to be alot more extensive than I first realised. Thanks for all the support. Will post again if I need anymore help.
    Actually all you have to do is deny access to the form ... You don't need to set read/write/design permissions ...
    Back to Access ... ADO is not the way to go for speed ...

  7. #7
    Join Date
    Nov 2004
    Posts
    34
    But what if I want to allow the user to open the form, write and update data but not delete data?

  8. #8
    Join Date
    Nov 2004
    Posts
    34
    Ok, I've been thinking about this problem more and more and I think the best solution that allows me the security and flexibility I need is to use binary; i.e. each type of permission is assigned a binary number and then this is stored in a table of groups versus each object in my database. Example:

    0 - Object Hidden
    1 - Read data
    2 - Update data
    4 - Insert data
    8 - Delete data

    For form1, if Group 'Users' has a value of 7 then this means that group have access to that form, can write data and update and insert data but not delete data. What I am asking is - Can anyone think of any problems that may arise with this solution and as my database is split into front end and back end, with users having no access to tables (except link tables), will I need anymore permissions? Any other thoughts would help greatly. Thanks.

    When I have completed this I'll post an example database with this security system.

  9. #9
    Join Date
    Nov 2004
    Posts
    4

    Talking

    You can secure it with an MDW file, provided no one can replace the shared workgroup file with an unsecured (or differently secured) MDW of the same name. Use the AutoExec macro to run code:

    SysCmd(13) = "[absolute pathname].MDW"

    If False, give 'em a:

    MsgBox "And just what do you think you're doing?"
    Application.Quit

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •