I'm creating a administration program in vb.net based on a new msSql db. This programme is involved with customeradmin, facturation, products, sales,...
by example: Some employees don't has anything to do with product, so they don't need the rights to delete, create or edit it.
The question is how can i resolve this problem, because i don't find any good solution. The rights are for every employee different, and can be changed by a admin panel. The admin can give a employee specific rights for every part of the programme
so how can we give a user certain rights when he is logging in into the program.
If you are talking about row-level security, there is nothing built in for doing that. You will have to "roll your own" code to do it.
The complex but versatile way is to create a table of permissions that dictate what records each user can access, but the exact implementation is going to be specific to your business rules.
Another method is to create or procedures that restrict access to a subset of records, and then grant your users rights to those database objects.
Either way, this can get fairly complex.
If it's not practically useful, then it's practically useless.